
I've recently switched to another hoster, so I had to change all the database names and credentials, but now one of my logins is not working anymore.

My user login works perfectly, but my admin login doesn't work since I changed the hoster.

It now gives me this error:

Warning: session_start() [function.session-start]: Cannot start session when headers already sent in /****/*************/***/********/news_login.php on line 2

I would appreciate an answer :)

I have no idea what to do

<?php
    session_start();

    require_once 'mysql.php';
    $db = new DB();
  ?>

<html>
    <head>
      <meta charset="utf-8">
      <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

      <title>Euro Trans GmbH | Admin LogIn</title>

      <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">

      <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
      <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
      <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
      <script src="https://kit.fontawesome.com/c96bf7b876.js"></script>

      <style>
        .bd-placeholder-img {
          font-size: 1.125rem;
          text-anchor: middle;
          -webkit-user-select: none;
          -moz-user-select: none;
          -ms-user-select: none;
          user-select: none;
        }

        @media (min-width: 768px) {
          .bd-placeholder-img-lg {
            font-size: 3.5rem;
          }
        }

        body {
          display: -ms-flexbox;
          display: flex;
          -ms-flex-align: center;
          align-items: center;
          padding-top: 40px;
          padding-bottom: 40px;
          background-color: #333333;
        }

        form {
          position: absolute;
          top: 50%;
          left: 50%;
          transform: translateX(-50%) translateY(-50%);
        }
      </style>
    </head>
    <body class="text-center">

      <?php
          if($db->isUserLoggedIn() === TRUE) {
            echo "<div style='position: absolute; top: 50%; left: 50%; transform: translateX(-50%) translateY(-50%);'><p style='color: white;'>Du bist bereits eingeloggt!</p><a href='logout.php' class='btn btn-outline-success my-2 my-sm-0' type='submit' alt='Ausloggen'>Ausloggen</a></div>";
          } else {
            if(isset($_POST['einloggen'])) {
              $email = $_POST['email'];
              $passwort = sha1($_POST['passwort']);

              if($db->login($email, $passwort) === TRUE) {
                echo "<br /><p>Erfolgreich eingeloggt!</p><br />";
              } else {
                echo "<br />Einloggen fehlgeschlagen!<br />";
              }
            }
       ?>

      <form class="form-signin" action="news_login.php" method="POST">
        <img src="images/default.png" alt="logo" width="200" height="200" style="border-radius: 20px; margin-right: 5%;">
        <h1 class="h3 mb-3 font-weight-normal" style="color: white;">Administrator Login</h1>
        <label for="inputEmail" class="sr-only">Email-Adresse</label>
          <input type="email" style="margin-top: 30px;" name="email" class="form-control" placeholder="Email-Adresse" required autofocus>
        <label for="inputPassword" class="sr-only">Passwort</label>
          <input type="password" style="margin-top: 3px;" name="passwort" class="form-control" placeholder="Passwort" required>
        <button class="btn btn-lg btn-primary btn-block" type="submit" name="einloggen" style="margin-top: 20px;">Einloggen</button>
        <br>
        <p><a href="index.php" style="color: white; text-decoration: underline;">Zurück zu Startseite</a></p>
        <p class="mt-5 mb-3 text-muted">&copy; <script>document.write(new Date().getFullYear());</script> by Euro Trans GmbH. All Rights Reserved</p>
      </form>

      <?php
    }
       ?>
    </body>
  </html>

<?php

    class DB {
      private static $_db_username      = "***********";
      private static $_db_password      = "***************";
      private static $_db_host          = "*******";
      private static $_db_name          = "*************";
      private static $_db;

      function __construct() {
        try {
          self::$_db = new PDO("mysql:host=" . self::$_db_host . ";dbname=" . self::$_db_name, self::$_db_username, self::$_db_password);
        } catch (PDOException $e) {
          echo "Datenbankverbindung gescheitert!";
          die();
        }
      }

      function isUserLoggedIn() {
        $stmt = self::$_db->prepare("SELECT user_id FROM admins WHERE Session=:sid");
        $sid = session_id();
        $stmt->bindParam(":sid", $sid);
        $stmt->execute();

        if($stmt->rowCount() === 1) {
          return true;
        } else {
          return false;
        }
      }

      function login($userMail, $pw) {
        $stmt = self::$_db->prepare("SELECT user_id FROM admins WHERE Email=:usermail AND Passwort=:pw");
        $stmt->bindParam(":usermail", $userMail);
        $stmt->bindParam(":pw", $pw);
        $stmt->execute();

        if ($stmt->rowCount() === 1) {
          $stmt = self::$_db->prepare("Update admins SET Session=:sid WHERE Email=:usermail AND Passwort=:pw");
          $sid = session_id();
          $stmt->bindParam(":sid", $sid);
          $stmt->bindParam(":usermail", $userMail);
          $stmt->bindParam(":pw", $pw);
          $stmt->execute();

          return true;
        } else {
          return false;
        }
      }

      function logout() {
        $stmt = self::$_db->prepare("Update admins SET Session='' WHERE Session=:sid");
        $sid = session_id();
        $stmt->bindParam(":sid", $sid);
        $stmt->execute();
      }

      function getAllEntries($sort = "DESC") {
        if ($sort != "ASC" && $sort != "DESC") {
          return -1;
        }
          $stmt = self::$_db->prepare("SELECT eintraege.eintrag_id, eintraege.header, eintraege.datum, eintraege.eintrag, admins.Vorname, admins.Nachname FROM eintraege INNER JOIN admins ON eintraege.autor = admins.user_id ORDER BY datum " . $sort);
          $stmt->execute();

          return $stmt->fetchAll(PDO::FETCH_ASSOC);
      }

      function createNewNews($titel, $news) {
        $stmt = self::$_db->prepare("INSERT INTO eintraege (header, eintrag, autor) VALUES(:titel, :news, :autor)");
        $autorID = self::getUserID();
        $stmt->bindParam(":titel", $titel);
        $stmt->bindParam(":news", $news);
        $stmt->bindParam(":autor", $autorID);
        if($stmt->execute()) {
          return true;
        } else {
          return false;
        }
      }

      function getUserID() {
        $stmt = self::$_db->prepare("SELECT user_id FROM admins WHERE Session=:sid");
        $sid = session_id();
        $stmt->bindParam(":sid", $sid);
        $stmt->execute();

        return $stmt->fetch(PDO::FETCH_OBJ)->user_id;
      }

      function getUserName() {
        $stmt = self::$_db->prepare("SELECT Vorname, Nachname FROM admins WHERE Session=:sid");
        $sid = session_id();
        $stmt->bindParam(":sid", $sid);
        $stmt->execute();

        $user = $stmt->fetch(PDO::FETCH_OBJ);

        return $user->Vorname . " " . $user->Nachname;
      }

      function getUserNameByID($userID) {
        $stmt = self::$_db->prepare("SELECT Vorname, Nachname FROM admins WHERE user_id=:userid");
        $stmt->bindParam(":userid", $userID);
        if($stmt->execute()) {
          if ($stmt->rowCount() === 1) {
          $user = $stmt->fetch(PDO::FETCH_OBJ);

          return $user->Vorname . " " . $user->Nachname;
          } else {
            return "";
          }
        } else {
          return "";
        }
      }

      function getEntryByID($id) {
        $stmt = self::$_db->prepare("SELECT * FROM eintraege INNER JOIN admins ON eintraege.Autor = admins.user_id WHERE eintrag_id=:id");
        $stmt->bindParam(":id", $id);

        if ($stmt->execute()) {
          if ($stmt->rowCount() === 1) {
            return $stmt->fetch(PDO::FETCH_OBJ);
          } else {
            return false;
          }
        } else {
          return false;
        }
      }

      function editEntry($titel, $news, $date, $id) {
          $stmt = self::$_db->prepare("UPDATE eintraege SET
                datum=:datum,
                header=:titel,
                eintrag=:news
                WHERE eintrag_id=:id");

          $date = date('Y-m-d H:i:s', strtotime($date));

          $stmt->bindParam(":id", $id);
          $stmt->bindParam(":datum", $date);
          $stmt->bindParam(":news", $news);
          $stmt->bindParam(":titel", $titel);

          if($stmt->execute()) {
              return true;
          } else {
              return false;
          }
      }

      function deleteEntry($id) {
        $stmt = self::$_db->prepare("DELETE FROM eintraege WHERE eintrag_id=:id");
        $stmt->bindParam(":id", $id);

        if($stmt->execute()) {
            return true;
        } else {
            return false;
        }
      }
    }
 ?>


I expect no errors, but actually I have an error...

The ERROR:

"Warning: session_start() [function.session-start]: Cannot start session when headers already sent in /*****/*******/*******/****/news_login.php on line 2"

theduck

1 Answer

You have printed or sent output to the user/browser before session_start(); was called.

Check that you don't have any whitespace, carriage return or newline characters before your <?php tags.

Vidal
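An added example, not part of the answer above or of the asker's code: a small scanner that automates the check the answer describes by reporting any bytes that sit in front of the first `<?php` tag, including a UTF-8 byte order mark, which editors usually hide and which can appear when files are re-saved or re-uploaded during a host move. The function names and the sample byte strings are constructed for this illustration.

```python
import re
import sys
from pathlib import Path

BOM = b"\xef\xbb\xbf"  # UTF-8 byte order mark; invisible in most editors
OPEN_TAG = re.compile(rb"<\?(php\b|=)", re.IGNORECASE)

def leading_output(data: bytes) -> bytes:
    """Bytes PHP would send to the client before the first opening tag."""
    match = OPEN_TAG.search(data)
    return data if match is None else data[: match.start()]

def describe(prefix: bytes) -> str:
    """Classify a prefix as clean, bom, whitespace, bom+whitespace or content."""
    if not prefix:
        return "clean"
    has_bom = prefix.startswith(BOM)
    rest = prefix[len(BOM):] if has_bom else prefix
    if rest.strip(b" \t\r\n"):
        return "content"  # visible text or markup ahead of the tag
    kinds = (["bom"] if has_bom else []) + (["whitespace"] if rest else [])
    return "+".join(kinds)

def scan(root: str):
    """Yield (path, kind, prefix) for every .php file under root that is not clean."""
    for path in sorted(Path(root).rglob("*.php")):
        prefix = leading_output(path.read_bytes())
        if describe(prefix) != "clean":
            yield path, describe(prefix), prefix

# Constructed sample inputs (not the asker's real files).
SAMPLES = {
    "clean.php": b"<?php\n    session_start();\n",
    "bom.php": BOM + b"<?php\n    session_start();\n",
    "newline.php": b"\n<?php\n    session_start();\n",
    "bom_crlf.php": BOM + b"\r\n<?php\n    session_start();\n",
}

def classify_samples() -> dict:
    return {name: describe(leading_output(data)) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    if len(sys.argv) > 1:  # scan a real directory tree
        for path, kind, prefix in scan(sys.argv[1]):
            print(f"{path}: {kind} {prefix!r}")
    else:  # no argument: show the constructed samples
        for name, kind in classify_samples().items():
            print(f"{name}: {kind}")
```

Only files that are loaded before session_start() runs matter for this warning; a template that intentionally begins with HTML is reported as `content` and can be ignored. A file flagged `bom` needs to be re-saved as UTF-8 without BOM.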