Header Error

[wut]

I've been staring at this for ages and I can't for the life of me see what the problem is, even after reading the 'HEADER ERRORS - READ HERE BEFORE POSTING THEM' post I still haven't been able to get it! It's probably something really stupid, I'm fairly sure its to do with the header because all the info gets passed to the MySQL datase.

 

The form: admin-news.php

<?php
session_start();
require_once('auth.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Admin Index</title>
<link href="layout.css" rel="stylesheet" type="text/css" />
<script language="javascript" type="text/javascript">
function limitText(limitField, limitCount, limitNum) {
if (limitField.value.length > limitNum) {
	limitField.value = limitField.value.substring(0, limitNum);
} else {
	limitCount.value = limitNum - limitField.value.length;
}
}
</script>
</head>
<body>

<h1>Update News Feed</h1>
<a href="admin-profile.php">My Profile</a> | <a href="admin-news.php">News</a> | <a href="adlogout.php">Logout</a>
<p>Enter news below or click <a href="member-news.php">here</a> to view news feed.</p>

<form id="news" name="news" method="post" action="newsfeed.php">
<table  border="0" class="tablecontents">

<tr>
<td align="left">Message:</td>
<td><textarea name="newsfeed" style="resize: none;" rows="4" cols="40" onKeyDown="limitText(news.newsfeed,news.countdown,140);" onKeyUp="limitText(news.newsfeed,news.countdown,140);"></textarea>
</td>
</tr>
<tr>
<td> </td>
      <td><?php
		if( isset($_SESSION['ERRMSG_ARR']) && is_array($_SESSION['ERRMSG_ARR']) && count($_SESSION['ERRMSG_ARR']) >0 ) {
		echo '<ul class="err">';
		foreach($_SESSION['ERRMSG_ARR'] as $msg) {
		echo '<li>',$msg,'</li>'; 
		}
		echo '</ul>';
		unset($_SESSION['ERRMSG_ARR']);
		}
	?>
        </td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Post News"></td>
</tr>
<tr>
<td></td>
<td><p>(Maximum characters: 140)<br />
You have <input readonly type="text" name="countdown" size="3" value="140" /> characters left.</p></td>
</tr>
</table>
</form>
</body>
</html>

 

 

The php script: newsfeed.php

<?php
//Start session
session_start();

//Include database connection details
require_once('config.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
	die("Unable to select database");
}

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

//Sanitize the POST values
$newsfeed = clean($_POST['newsfeed']);

//Input Validations
if($newsfeed == '') {
	$errmsg_arr[] = 'Please enter some news';
	$errflag = true;
}

	//If there are input validations, redirect back to the registration form
if($errflag) {
	$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
	session_write_close();
	header("location: admin-news.php");
	exit();
}

//Create INSERT query
$qry = "INSERT INTO newsfeed(newsfeed) VALUES('$newsfeed')";
$result = @mysql_query($qry);


if($result) {
	header("location: news-success.php");
	exit();
}
else {
	die("Query failed");
}
?>

 

The script carries out the insert but just leaves me at a blank newsfeed.php page!

 

Any ideas?

 

Thanks in advance

[batwimp]

Is that a blank line before your php tags in admin-news.php? That would cause a header error.

[wut]

No, sorry thats just my bad posting.

[DavidAM]

The header error usually tells you the file and line number where the output started. This would be the place to start looking. Post the entire error message that you are getting.

[wut]

There is no error message when you submit the admin-news.php it takes you to a blank newsfeed.php but the data still gets put into the database

[batwimp]

As an aside, it's pretty weird to have one of your column names the same as your table name. I don't know if this would cause problems or not.

[wut]

Hmm.. I'll give that a try

[wut]

That hasn't changed anything, same problem! the page just wont redirect to where it should! Although if I change the code from header to an echo it will echo what i want, so the script is running to that point, the header just isn't working?

[DavidAM]

1) Do you have error reporting turned on?

 

Put these to lines at the beginning of your PHP code in newsfeed.php.

error_reporting(E_ALL);
ini_set("display_errors", 1);

 

2) Forget you ever heard about the "@" operator. All it does is hide errors. Take it out and fix whatever errors, warnings, notices that code produces.

 

3) When you get the blank page, use the "View Source" feature of the browser to see if there is any hidden output -- if an open angle bracket is sent to the browser, the browser considers it an HTML tag and will not display the contents until it comes to a closing angle bracket.

 

4) Are header strings case-sensitive? I can't remember, but I always write it as header('Location: somewhere.php');

 

Question: If you post an empty news item, do you get sent back to admin-news.php as programmed, or do you get left at a blank newsfeed.php page?

 

If the header is not working then you probably have output being sent somewhere, and the header error is not being displayed because you don't have error reporting on.

 

[wut]

Ok so I edited the newsfeed.php to:

<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);
//Start session
session_start();

//Include database connection details
require_once('config.php');
require_once('adauth.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
	die("Unable to select database");
}

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
	$str = trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

//Sanitize the POST values
$newsfeed = clean($_POST['newsfeed']);

//Input Validations
if($newsfeed == '') {
	$errmsg_arr[] = 'Please enter some news';
	$errflag = true;
}

	//If there are input validations, redirect back to the registration form
if($errflag) {
	$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
	session_write_close();
	header("location: admin-news.php");
	exit();
}

//Create INSERT query
$qry = "INSERT INTO news(newsfeed) VALUES('$newsfeed')";
$result = mysql_query($qry);


if($result) {
	header("location: news-success.php");
	exit();
}
else {
	die("Query failed");
}
?>

 

When it runs now the errors I get are:

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /Applications/MAMP/htdocs/newsfeed.php:1) in /Applications/MAMP/htdocs/newsfeed.php on line 5

 

Notice: A session had already been started - ignoring session_start() in /Applications/MAMP/htdocs/adauth.php on line 3

 

Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/newsfeed.php:1) in /Applications/MAMP/htdocs/newsfeed.php on line 51

 

Does this help you? Sure doesn't help me, sorry!

[batwimp]

does your config.php or adauth.php includes write anything out?

[wut]

adauth.php just checks to see that it's the admin logged in, if not show access-denied.php

this works on all of my other admin pages if im logged out i get redirected to access-denied.php

but if im logged out and try to go to newsfeed.php i dont get redirected and still get the blank page

<?php
//Start session
session_start();

//Check whether the session variable SESS_ADMIN_ID is present or not
if(!isset($_SESSION['SESS_ADMIN_ID']) || (trim($_SESSION['SESS_ADMIN_ID']) == '')) {
	header("location: access-denied.php");
	exit();
}
?>

 

and config.php is the database config

<?php
    define('DB_HOST', 'localhost');
    define('DB_USER', 'xxxxxx');
    define('DB_PASSWORD', 'xxxxxx');
    define('DB_DATABASE', 'xxxxxx');
?>

[DavidAM]

output started at /Applications/MAMP/htdocs/newsfeed.php:1

 

Either your newsfeed.php file is saved as utf-8 WITH BOM or there is a space or new-line before the opening "<?php" tags.

 

Notice: A session had already been started - ignoring session_start() in /Applications/MAMP/htdocs/adauth.php on line 3

 

Your adauth.php is script is trying to start a session but you already started one -- most likely the one you started there in newsfeed.php. If this is one of your scripts, you either need to take the session_start() out of adauth.php, or have adauth.php check to see if there is already a session before issuing the session_start(). If this is a third-party script, umm, hmm, move your session_start() to after the include and check to see if one has already been started -- of course this will be a problem if config.php needs a session.

 

Cannot modify header information - headers already sent

This one (the third one) is probably coming from your header() call that your original post was all about. You can't send the header because something else has already been sent to the browser (including these error messages). So fix the first two problems above and this one will go away.

 

 

Edit: The moral of this story is: Always develop with FULL error reporting on.

[wut]

Ahh thank you so much DavidAM.. You genius!!