This question already has answers here:
How to fix "Headers already sent" error in PHP
(11 answers)
Reference - What does this error mean in PHP?
(38 answers)
Closed 9 years ago.
<?php session_start();
include_once("include/Connection.php");
$userid=$_POST['userid'];
$password=$_POST['password'];
$loginSql = "SELECT * FROM admin2 WHERE admin_name='$userid' and admin_psw='$password'";
$loginQuery=mysql_query($loginSql);
$num_row = mysql_num_rows($loginQuery);
$login = mysql_fetch_array($loginQuery);
$user = $login['admin_name'];
$password = $login['admin_psw'];
echo $user;
echo $password;
if($num_row >0)
{
if($user == $userid)
{
$_SESSION['id_gosi'] = $login['id'];
$_SESSION['userid_gosi'] = $login['admin_name'];
header("Location: CustomerMaster.php");
}
else{
header("Location: index.php?msg=2");
exit();}}
else{
header("Location: index.php?msg=1");
}?>
Warning: Cannot modify header information - headers already sent by (output started at C:\wamp\www\php_mahavirbhadra\Admin\validate_login.php:17) in C:\wamp\www\php_mahavirbhadra\Admin\validate_login.php on line 26
Warning: Unknown: 1 result set(s) not freed. Use mysql_free_result to free result sets which were requested using mysql_query() in Unknown on line 0
when i write above code for admin login in php than connection successfully done but give me above error what can i do for this error ...Please give me solution....
print/echo before HEADER is WRONG !!!
/* echo $user;
echo $password;*/
if($num_row >0)
{
if($user == $userid)
{
....
header("Location: CustomerMaster.php");
}
else
{
header("Location: index.php?msg=2");
exit();
}
}
else
header("Location: index.php?msg=1");
?>
never echo ANYTHING before HEADER, so remove those ECHO $USER, $PASSWORD
Tip 1-> Use mysqli instead of mysql
Tip 2-> Use prepared statement
Tip 3-> Use mysql_real_escape_string()
Related
This question already has answers here:
How to fix "Headers already sent" error in PHP
(11 answers)
Closed 6 years ago.
<?php
include 'conn/condb.php';
if (isset($_POST['submit'])) {
if (isset($_POST['username'])and isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$query = mysql_query("SELECT username,password FROM login WHERE`username='$username'AND password='$password'");
if (!$query)
die("Database access failed: " . mysql_error());
$rows = mysql_num_rows($query);
if (($username == 'admin') && ($password == 'keystech')) {
$_SESSION['username'] = $username;
$_SESSION['sid'] = session_id();
header("location:index1.php");
} else {
echo "<script type='text/javascript'>alert('Please Enter Your Correct user name And Password..')</script>";
echo '<script type="text/javascript">window.location="index.html";
</script>';
}
}
}
?>
At some point, before reaching your header() instruction, some output has been made. Your formatting is messed up, but there may be a space at the first character of the page before
<?php
but that could just be bad pasting.
after your <?php starting just type this ob_start(); it will buffer empty spaces or any output before redirect.
Do few things
add ob_start just after the <?php
Place exit(); or die() after your header.
This question already has answers here:
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at [duplicate]
(2 answers)
Closed 7 years ago.
i have error like Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at G:\PleskVhosts\globaledudeals.com\translatemasters\list.php:1) in G:\PleskVhosts\globaledudeals.com\translatemasters\list.php on line 87
<?php
ob_start();
session_start(); //**---> This is 87th line**
$message="";
if(count($_POST)>0) {
$conn = mysql_connect("198.72.225.45:3360","test","xxxx");
mysql_select_db("test",$conn);
$result = mysql_query("SELECT * FROM candidate WHERE user_name='" . $_POST["userName"] . "' and pass_word = '". $_POST["password"]."'");
$row = mysql_fetch_array($result);
if(is_array($row)) {
$_SESSION["user_id"] = $row['id'];
$_SESSION["user_name"] = $row['user_name'];
} else {
$message = "<font color='#FF0000'>Invalid Username or Password!</font>";
}
}
if(isset($_SESSION["user_id"])) {
header("Location:profile.php");
}
ob_flush();
?>
See if there are any spaces before very first <?php at the start of the page; if so, remove that space and see the result...
Also, always start the session at the top of the page before anything else (session_start()).
This question already has answers here:
How do I make a redirect in PHP?
(34 answers)
Closed 7 years ago.
I want it to redirect the user based on the if statements, but it doesn't seem to work. Any ideas?
<?php
$username = $_POST['username'];
$password = $_POST['password'];
if ($username == 'co323'){
if($password == 'marking'){
$link = "menu.php";
}
else{
echo "Wrong Username/Password";
$link = "loginform.html";
}
}
else{
echo "Wrong Username/Password";
$link = "loginform.html";
}
header($link);
?>
To redirect, you need a Location header, so the proper line would be:
header("Location: $link");
Note that you must not echo any output before the redirect header, so remove all your echos to make this work.
This question already has answers here:
How to fix "Headers already sent" error in PHP
(11 answers)
Closed 9 years ago.
I have an php login function. When I try to logged in with correct user, it show the error like this :
Warning: Cannot modify header information - headers already sent by (output started at /home/hapshou1/public_html/index.php:15) in /home/hapshou1/public_html/index.php on line 150
-
include "config.php";
if($_SERVER["REQUEST_METHOD"] == "POST")
{
function antiinjection($data)
{
$filter_sql = mysql_real_escape_string(stripslashes(strip_tags(htmlspecialchars($data,ENT_QUOTES))));
return $filter_sql;
}
$username = antiinjection($_POST['username']);
$pass = antiinjection($_POST['password']);
$login=mysql_query("SELECT username, password FROM user WHERE (username='$username' OR email='$username') AND password='$pass'");
$found=mysql_num_rows($login);
$r=mysql_fetch_array($login);
if
((!empty($username)) &&
(!empty($pass)))
{
if ($found > 0)
{
session_register("username");
session_register("password");
$_SESSION[username] = $r[username];
$_SESSION[password] = $r[password];
date_default_timezone_set("Asia/Jakarta");
$date_log = date("j-F-Y, G:i ");
mysql_query("update user set status='online', date_logged_in='$date_log' WHERE username='$_SESSION[username]'");
header('location:home');
}
else
{
echo '<div class="error_log">
<p>Wrong username or password. Please try again.</p>
</div>';
}
}
else
{
echo '
<div class="error_log">
<p>Username and password are required.</p>
</div>
';
}
}
What's wrong with my code?
Well, then look at what's on line 15.
The most likely scenario is that this statement caused the output:
$found=mysql_num_rows($login);
Which in turn is caused by the fact that your mysql_query returns false.
You could consider this to report any errors:
if (false === ($login=mysql_query("SELECT username, password FROM user WHERE (username='$username' OR email='$username') AND password='$pass'"))) {
die(mysql_error());
}
It's not advisable to use die() statements like this in a production environment, so consider using a logger instead
Btw, learn how to use PDO / mysqli; PDO has a mode in which all errors can be turned into exceptions which helped me find bugs much faster.
Put ob_start(); at top of the code and put ob_flush(); at end
Always put exit(); after header redirect
Enclose your code within
ob_start();
...
ob_flush();
The reason this error occurs is that some part of the body of the web page has been sent to the user already when a request is made to set a header value.
Also always put exit(); after header() statement so that rest of code on current page after the header() call doesn't get executed.
Exemple: header('Location: http://www.example.com/');
Naga, try this code:
session_start();
date_default_timezone_set("Asia/Jakarta");
include "config.php";
if(isset($_POST['username']) && isset($_POST['password']))
{
function antiinjection($data)
{
$filter_sql = mysql_real_escape_string(stripslashes(strip_tags($data)));
return $filter_sql;
}
$username = antiinjection($_POST['username']);
$pass = antiinjection($_POST['password']);
$login = mysql_query("SELECT username, password FROM user WHERE (username='$username' OR email='$username') AND password='$pass'");
$r = mysql_fetch_array($login);
if((!empty($username)) && (!empty($pass)) && is_array($r))
{
if (count($r) > 0)
{
$_SESSION['username'] = $r['username'];
$_SESSION['password'] = $r['password'];
$date_log = date("j-F-Y, G:i");
mysql_query("UPDATE user SET status = 'online', date_logged_in = '$date_log' WHERE username = '$_SESSION[username]'");
header('Location: http://domen.com/');
}
else
{
echo '<div class="error_log">
<p>Wrong username or password. Please try again.</p>
</div>';
}
}
else
{
echo '
<div class="error_log">
<p>Username and password are required.</p>
</div>
';
}
} else {
// do some action
}
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Warning: Cannot modify header information - headers already sent
Headers already sent by PHP
Error: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\GameHutWebsite\data\connection.php:1) in C:\xampp\htdocs\GameHutWebsite\login.php on line 21
I am getting this error when the user enters the correct username and password in the login screen to send the user in the home page. This is the code:
<?php
if ($_POST)
{
$dsLogin = $dataobj->validateLogin($_POST["txtUsername"],$_POST["txtPassword"]);
if (mysql_num_rows($dsLogin))
{
$dsUserDetails = mysql_fetch_array($dsLogin);
$_SESSION["UserEmail"] = $dsUserDetails["UserEmail"];
$_SESSION["Username"] = $dsUserDetails["Username"];
$_SESSION["UserTypeId"] = $dsUserDetails["UserTypeId"];
header ("Location: index.php");
}
else
{
$msg = "Invalid Username and Password!";
}
}
?>
Connection Class:
<?php
class connection
{
function connect($sql)
{
$server = 'localhost';
$myDB = 'gamehutdb';
//connection to the database
$dbhandle = mysql_connect($server, 'root', "")
or die("Couldn't connect to SQL Server $server");
//select a database to work with
$selected = mysql_select_db($myDB)
or die("Couldn't open database $myDB");
//execute the SQL query and return records
$result = mysql_query($sql);
//return result set
return $result;
//close the connection
mysql_close($dbhandle);
}
}
?>
You have used
header ("Location: index.php");
AFTER sending something to the client (ie, using echo or print), make sure that there is nothing sent to the client before that code.
Another reason might be a BOM problem.
This is probably due to the fact that your connection class is emitting some kind of output
Comment out the "header" line and run your script. If you get some output, then that's the reason.
You should conditionally launch the "header" line based on whether you get an error or not, at least while you troubleshoot your problem.