Dynasty 0 Report post Posted July 4, 2005 My friend helped me create a login script. But there is a error that shows up on the page. I am able to connect to the database and login in and everything but theres an error on the page. Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/dynasty/public_html/New Folder/db_connect.php:9) in /home/dynasty/public_html/New Folder/check_login.php on line 13 Can someone tell me whats wrong. Im new to php and mysql. So please be gentle Share this post Link to post Share on other sites
rejected 0 Report post Posted July 4, 2005 I'm not sure that I can do much without knowing what is in /home/dynasty/public_html/New Folder/db_connect.php:9) and/home/dynasty/public_html/New Folder/check_login.php on line 13 Share this post Link to post Share on other sites
Dynasty 0 Report post Posted July 4, 2005 session_start();That is line 13.<?php/* check login script, included in db_connect.php. */session_start();if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) { $logged_in = 0; return;} else { // remember, $_SESSION['password'] will be encrypted. if(!get_magic_quotes_gpc()) { $_SESSION['username'] = addslashes($_SESSION['username']); } // addslashes to session username before using in a query. $pass = $db_object->query("SELECT password FROM users WHERE username = '".$_SESSION['username']."'"); if(DB::isError($pass) || $pass->numRows() != 1) { $logged_in = 0; unset($_SESSION['username']); unset($_SESSION['password']); // kill incorrect session variables. } $db_pass = $pass->fetchRow(); // now we have encrypted pass from DB in //$db_pass['password'], stripslashes() just incase: $db_pass['password'] = stripslashes($db_pass['password']); $_SESSION['password'] = stripslashes($_SESSION['password']); //compare: if($_SESSION['password'] == $db_pass['password']) { // valid password for username $logged_in = 1; // they have correct info // in session variables. } else { $logged_in = 0; unset($_SESSION['username']); unset($_SESSION['password']); // kill incorrect session variables. }}// clean upunset($db_pass['password']);$_SESSION['username'] = stripslashes($_SESSION['username']);?>That is the whole script if you need it. Share this post Link to post Share on other sites
bureX 0 Report post Posted July 4, 2005 I had a similar problem, and I read somewhere that the PHP.ini file should be edited, so:I changed this line:session.auto_start= 0 ; initialize session on request startupTo this:session.auto_start= 1 ; initialize session on request startupIf anyone has a better solution for this, I would really like to hear it please, because you can't edit the PHP.ini file on a remote server, only locally.I have no idea what it does, but I will look it up on http://php.net/ later... Share this post Link to post Share on other sites
SystemWisdom 0 Report post Posted July 4, 2005 I am guessing you have some white-space (or anything) that is being output to the browser (meaning it is not inside of any PHP tags) in your /home/dynasty/public_html/New Folder/db_connect.php file at line 9.In order to use sessions, you must start your session before outputting *anything* to the browser.. Even white-space will cause this error for you, if the white-space is output before the call to session_start().. Share this post Link to post Share on other sites
fffanatics 0 Report post Posted July 4, 2005 yeah make sure u do not have any empty lines after the ?> or even a blank space after it because if you do you get that error. Share this post Link to post Share on other sites
bureX 0 Report post Posted July 4, 2005 Sorry, but you are wrong! The session_start() line has to be started BEFORE ANY DATA IS OUTPUTTED to the browser! So, you can have white spaces, comments or php code before the session_start() function, but you cannot have a, let's say, <body> tag before it, or use the echo() command before the session is started!This code: <?php$thisvariable="nothing";session_start();echo("<meta http-equiv=\"Cache-Control\" content=\"private\">");?> ..is valid!But, this code:<?php$thisvariable="nothing";echo("<meta http-equiv=\"Cache-Control\" content=\"private\">");session_start();?> ... is invalid! The echo() command outputs data to the browser before the session is started! Share this post Link to post Share on other sites
Dynasty 0 Report post Posted July 5, 2005 Thank you bureX. You were right about the body thing. I forgot to erase the previous code i had. My fualt. Thanks for all the help and suggestions. Share this post Link to post Share on other sites
SystemWisdom 0 Report post Posted July 5, 2005 Sorry, but you are wrong! The session_start() line has to be started BEFORE ANY DATA IS OUTPUTTED to the browser! So, you can have white spaces, comments or php code before the session_start() function, but you cannot have a, let's say, <body> tag before it, or use the echo() command before the session is started! 157694[/snapback] I am not wrong, nor is the PHP online documentation.. You can go and argue this fact with the PHP developers if you want to.. Read: session_start Quoting the page: Note: If you are using cookie-based sessions, you must call session_start() before anything is outputted to the browser. In most cases PHP will use cookie-based sessions (to store session id) unless the users browser doesn't accept cookies, then it will use the querystring method.. You see, when outputting *anything* to the browser (including white-space) the PHP processor first must prepare and send the MIME Type Headers for the requested page. If *any* output is sent to the client *before* session_start() then PHP has to send the Headers first. If the headers are sent before calling session_start() then PHP will not be able to append the SessionID to the page headers, and thus you will receive an error.. I didn't make this up, it IS the way PHP works! Share this post Link to post Share on other sites
bureX 0 Report post Posted July 5, 2005 You didn't quite understand that PHP documentation page...I think I see what is the problem here... When OUTPUTTING something to the browser, that means that data is SENT to the user's browser! Registering a variable, or using a function that isn't die(), echo(), print() etc. is not outputting!echo("Hello world!"); <---- This is outputting data to the browser$hello="Hello world"; <---- This is NOT outputting data to the browser (the user's browser is not aware of the existence of this variable)The PHP manual page that you included in your post has lots of comments on the bottom, and here's a piece of code from one of them: <?$id = 473483478383834;session_id($id);session_start();?> He/she registered a variable and used a function before the session_start() command! This is perfectly valid!Did you actually try to run the example scripts that I wrote in the previous post? Try it! (But close the browser after testing each script, because session_destroy() isn't called in them) Share this post Link to post Share on other sites
