Cannot modify header information

[DizzyThermal]

Hey guys, I've searched on Google for this and have had no luck, and you guys have been EXTREMELY helpful with a few of my previous questions!

 

Alright the error I get is: Warning: Cannot modify header information - headers already sent by (output started at /****/header.php:6) in /***/*login.php on line 65

 

:-\ :-\ :-\ :-\ :-\

Errr.. After I posted this I saw the Sticky regarding Header posts..

 

I read the post and cannot find where the issue is with this..

 

The PHP code comes before the form information, am I missing something?

:-\ :-\ :-\ :-\ :-\

 

My login.php script is:

<?php
  include("header.php");

  mysql_connect("10.6.186.84", "gilmdiniz", "Gil19471947") or die(mysql_error());
  mysql_select_db("gilmdiniz") or die(mysql_error());

  if(isset($_COOKIE['ID_my_site']))
  {
    $username = $_COOKIE['ID_my_site']; 
    $pass = $_COOKIE['Key_my_site'];
    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());

    while($info = mysql_fetch_array( $check )) 	
    {
      if ($pass != $info['password']) 
      {
      }
      else
        echo "SUP";//header($hdir."files.php");
    }
  }

  if (isset($_POST['submit']))
  {
    if(!$_POST['username'] | !$_POST['pass'])
      die('<center>You did not fill in a required field!
             <br />
             <a href="'.$hdir.'login.php">
               Back to Login
             </a>
           </center>');

    if (!get_magic_quotes_gpc())
      $_POST['email'] = addslashes($_POST['email']);

    $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

    $check2 = mysql_num_rows($check);
    if ($check2 == 0)
      die('<center>This username does not exist in our database, sorry.
             <br />
             <a href="'.$hdir.'login.php">
               Back to Login
             </a>
           </center>');

    while($info = mysql_fetch_array( $check )) 	
    {
      $_POST['pass'] = stripslashes($_POST['pass']);
      $info['password'] = stripslashes($info['password']);
      $_POST['pass'] = md5($_POST['pass']);

      if ($_POST['pass'] != $info['password'])
        die('<center>Incorrect password, please try again.
             <br />
             <a href="'.$hdir.'login.php">
               Back to Login
             </a>
           </center>');

      else 
      {
        $_POST['username'] = stripslashes($_POST['username']); 
        $hour = time() + 3600; 
        setcookie(ID_my_site, $_POST['username'], $hour); 
        setcookie(Key_my_site, $_POST['pass'], $hour);	 

        echo "SUP";//header($hdir."files.php"); 
      }
    }
  }

  else 
  {
?> 
  <center>
    <a href="<?php echo $hdir .'index.php'; ?>">
      Back to Home
    </a>
    <table border="1">
      <tr><td>
        <center><h2>Login Information</h2></center>
      </td></tr>
      <tr><td>
        <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
          <table border="0"> 
            <tr><td>
              Username:
            </td><td> 
            <input type="text" name="username" maxlength="40"> 
          </td></tr> 
          <tr><td>
            Password:
          </td><td> 
          <input type="password" name="pass" maxlength="50"> 
        </td></tr> 
        <tr><td colspan="2" align="right"> 
          <input type="submit" name="submit" value="Login"> 
        </td></tr> 
      </table> 
    </form>
  </td></tr>
</table>
</center>
<?php 
  } 
?>

 

and my header.php script is:

<?php
  $hdir = "http://www.ondemandagents.com/NewSite_ALPHA/";
?>

  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> 
  <link rel="stylesheet" type="text/css" href="<?php echo $hdir .'style.css'; ?>" />
</head>

<body>

<table width="920" cellspacing="0" cellpadding="10" border="0" align="center"> 
  <tr> 
    <td class="bodyline">
      <table align="center" border="0" width="635" height="121" background="<?php echo $hdir .'images/logo.png'; ?>"> 
        <tr> 
          <td height="69"> 
            <table border="0" width="635" height="106"> 
              <tr> 
                <td width="800" height="70"> </td> 
                <td width="600" height="70"> </td> 
              </tr> 
              <tr> 
                <td width="400" height="18"> </td> 
                <td width="600" height="18">
          <a href="<?php echo $hdir .'index.php'; ?>" style="text-decoration: none">
          <img src="<?php echo $hdir .'images/icon_mini_home.gif'; ?>" width="12" height="13" border="0" alt="Home" hspace="3" />
          <font face="Arial" color="#FFFFFF" size="2">Home  </font></a>   

          <a href="<?php echo $hdir .'files.php'; ?>" style="text-decoration: none">
          <img src="<?php echo $hdir .'images/icon_mini_files.gif'; ?>" width="12" height="13" border="0" alt="Files" hspace="3" />
          <font face="Arial" color="#FFFFFF" size="2">Files  </font></a>   

          <a href="<?php echo $hdir .'admin.php'; ?>" style="text-decoration: none">
          <img src="<?php echo $hdir .'images/icon_mini_login.gif'; ?>" width="12" height="13" border="0" alt="Administration" hspace="3" />
          <font face="Arial" color="#FFFFFF" size="2">Administration</font></a>   
                </td> 
              </tr>
            </table> 
          </td> 
        </tr> 
      </table>
    </td> 
  </tr> 
</table>

 

I have been using a header file in all my pages and scripts so far so that I wouldn't have to keep typing repetitive code..

 

Help is MUCH appreciated!

 

Thanks in advance guys

[DizzyThermal]

Errr.. After I posted this I saw the Sticky regarding Header posts..

 

I read the post and cannot find where the issue is with this..

 

[prays not to get flamed]  :-\

[Pikachu2000]

You can't output anything at all, not even whitespace, to the browser before using header(). Also, using $_SERVER['PHP_SELF'] as the form action is a bad idea as it presents an XSS vulnerability. To submit a form to itself, simply use <form action="" . . .

[DizzyThermal]

Ahh, it's erroring about the setcookie's

 

        setcookie(ID_my_site, $_POST['username'], $hour); 
        setcookie(Key_my_site, $_POST['pass'], $hour);

 

What is this outputting to the browser that is bad?

 

Am I not allowed to setcookie's on that user's computer?

[Pikachu2000]

Cookies are set using a header. If anything has been sent to the browser as display output, headers can't be sent and attempting to do so will cause an error.

[chintansshah]

Hey,

If headers gives a problem in redirection, then

• Please use out buffering functions of php about headers issue.
  http://www.php.net/manual/en/ref.outcontrol.php
   
  
• After header function for redirect, use exit();
  

 

 

[DizzyThermal]

Alright, If I put:

 

<?php
  ob_start();
  include("header.php");
  ob_end_clean();

....

 

The redirect and cookie creation works fine, but the header file doesn't seem to be loading..

 

If I remove the ob_start(); and ob_end_clean(); and place exit(); after the two redirect headers:

 

.....
        header("Location: ".$hdir."files.php");
        exit();
.....

 

It still doesn't work, same error

 

Not really sure how the output buffering works 

[chintansshah]

at page start, write ob_start();

 

and before page end use ob_flush();