headers already sent error

jonathen

Another script problem....

I have a very basic auth system I'm using on one page (a blog script I created) which authenticates the user. However, when I try to call the page, instead of prompting for user/pass, I get the following errors:

Warning: Cannot add header information - headers already sent by (output started at c:\ibserver\www\header.php:4) in c:\ibserver\www\addnews.php on line 13

Warning: Cannot add header information - headers already sent by (output started at c:\ibserver\www\header.php:4) in c:\ibserver\www\addnews.php on line 14
Access Denied!

This is my script:

<?php 
include "header.php";
include "config.php";

$LOGIN = "$admin";
$PASSWORD = "$adminpass";
function error ($error_message) {
echo $error_message."<BR>";
exit;
}

if ( (!isset($PHP_AUTH_USER)) || ! (($PHP_AUTH_USER == $LOGIN) && ( $PHP_AUTH_PW == "$PASSWORD" )) ) {
header("WWW-Authenticate: Basic entry=\"News Blog\"");
header("HTTP/1.0 401 Unauthorized");
error("Access Denied!");
}
?> ...protected page content goes here...

I thought it might be because I am including header.php at the top (which is ony the header inc of all pages - aesthetic only) but removing that then caused the browser to crash (??) instead of the instant error I got above.

Any ideas what I am missing here?

Thanks in advance,

Jonathen

rupertbj

Headers are sent when the browser loads the page, so to get them included when they are sent make sure your include statement is right at the top of the page (i.e. before ANYTHING else e.g. <html> or <doctype ...... >

spirp

Looking at the result the debugger returns tells you almost all you need to know.

The output that creates the problem is located at line 4 in the header.php

Just put the

include "header.php";

after the header()-methods, and that ought to fix it!

// Olle

abnfire

make sure there are no space or any word when you start your php code or any word echoing out before your header function.

jonathen

Thanks for that, but I did similar before (I simply removed the include header.php line) and this time I moved it to be below the auth script, but now instead of getting the error, the page takes forever to load, before eventually crashing the browser.

Weird!

jonathen

There are no spaces or anything else at all - I now have this from the very first line of the file:

<?php 
$LOGIN = "test";
$PASSWORD = "test";
function error ($error_message) {
echo $error_message."<BR>";
exit;
}
if ( (!isset($PHP_AUTH_USER)) || ! (($PHP_AUTH_USER == $LOGIN) && ( $PHP_AUTH_PW == "$PASSWORD" )) ) {
header("WWW-Authenticate: Basic entry=\"News Blog\"");
header("HTTP/1.0 401 Unauthorized");
error("Access Denied");
}
?> 
...then all the other stuff here

spirp

Weird.

Sounds like an eternal loop or something.. Anyway, as rupertbj said, you can't generate any output before header() unless you use output buffering, which might help you.. Don't know much about it, but it might be worth while to investigate that option..

good luck,

Olle

ejrhodes

Originally posted by jonathen
There are no spaces or anything else at all - I now have this from the very first line of the file:

<?php 
$LOGIN = "test";
$PASSWORD = "test";
function error ($error_message) {
echo $error_message."<BR>";
exit;
}
if ( (!isset($PHP_AUTH_USER)) || ! (($PHP_AUTH_USER == $LOGIN) && ( $PHP_AUTH_PW == "$PASSWORD" )) ) {
header("WWW-Authenticate: Basic entry=\"News Blog\"");
header("HTTP/1.0 401 Unauthorized");
error("Access Denied");
}
?> 
...then all the other stuff here

[/B]

It could be the echo, I ran into the problem where echo was what was causing me problems. Who knows.

spirp

I don't get any errors when using your code, it seems to work just fine.. I think 🙂 Mayber the errors are further down the code?

// Olle