How can I avoid these error messages ?

astoller

Help !
How can I avoid these error messages!
When I run my php script locally, I get:

dd
Warning: Cannot send session cookie - headers already sent by (output started at c:\program files\easyphp\www\example.customer.2.php:1) in c:\program files\easyphp\www\example.customer.2.php on line 37

Here is the script code:
dd<?
/
Source code example for Web Database Applications
Unless otherwise stated, the source code distributed with this book can be
redistributed in source or binary form so long as an acknowledgment appears
in derived source files.
The citation should list that the code comes from Hugh E.
Williams and David Lane, "Web Database Application with PHP and MySQL"
published by O'Reilly & Associates.
This code is under copyright and cannot be included in any other book,
publication, or educational product without permission from O'Reilly &
Associates.
No warranty is attached; we cannot take responsibility for errors or fitness
for use.
/
?>
<?php
// This script shows the user a customer <form>.
// It can be used both for INSERTing a new customer and
// for UPDATE-ing an existing customer. If the customer
// is logged in, then it is an UPDATE; otherwise, an
// INSERT.
// The script also shows error messages above widgets
// that contain erroneous data; errors are generated
// by example.customer.1.php
include 'include.inc';
set_error_handler("errorHandler");
// Show an error in a red font
function fieldError($fieldName, $errors)
{
if (isset($errors[$fieldName]))
echo "<font color=\"red\">" .
$errors[$fieldName] .
"</font><br>";
}

// Connect to a session
session_start();
// Is the user logged in and were there no errors from a previous
// validation? If so, look up the customer for editing
if (session_is_registered("loginUsername") && empty($errors))
{
if (!($connection = @ mysql_pconnect($hostName,
$username,
$password)))
showerror();

 if (!mysql_select_db($databaseName, $connection))
    showerror();

 $custID = getCustomerID($loginUsername, $connection);

 $query = "SELECT * FROM customer 
           WHERE cust_id = " . $custID;

 if (!($result = @ mysql_query($query, $connection)))
    showerror();

 $row = mysql_fetch_array($result);

 // Reset $formVars, since we're loading from 
 // the customer table
 $formVars = array();

 // Reset the errors
 $errors = array();

 // Load all the form variables with customer data
 $formVars["title"] = $row["title"];
 $formVars["surname"] = $row["surname"];
 $formVars["firstName"] = $row["firstname"];
 $formVars["initial"] = $row["initial"];
 $formVars["address1"] = $row["addressline1"];
 $formVars["address2"] = $row["addressline2"];
 $formVars["address3"] = $row["addressline3"];
 $formVars["city"] = $row["city"];
 $formVars["state"] = $row["state"];
 $formVars["zipcode"] = $row["zipcode"];
 $formVars["country"] = $row["country"];
 $formVars["phone"] = $row["phone"];
 $formVars["fax"] = $row["fax"];
 $formVars["email"] = $row["email"];
 $formVars["dob"] = $row["birth_date"];
 $formVars["dob"] = substr($formVars["dob"], 8, 2) . "/" .
                    substr($formVars["dob"], 5, 2) . "/" .   
                    substr($formVars["dob"], 0, 4);

}

?>
<!DOCTYPE HTML PUBLIC
"-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd" >
<html>
<head><title>Customer Details</title></head>
<body bgcolor="white">

<?php
// Show the user login status
showLogin();
?>
<form method="post" action="example.customer.1.php">
<h1>Customer Details</h1>
<?php
// Display any messages to the user
showMessage();

// Show meaningful instructions for UPDATE or INSERT
if (session_is_registered("loginUsername"))
echo "<h3>Please amend your details below as required. Fields shown in <font color=\"red\">red</font> are mandatory.</h3>";
else
echo "<h3>Please fill in the details below to join. Fields shown in <font color=\"red\">red</font> are mandatory.</h3>";
?>
<table>
<col span="1" align="right">

<tr><td><font color="red">Title:</font></td>

<tr><td><font color="red">First name:</font></td>

<tr><td><font color="red">Surname:</font></td>

<tr><td>Initial: </td>

<tr><td><font color="red">Address:</font></td>

<tr><td></td>

<tr><td></td>

<tr><td><font color="red">City:</font></td>

<tr><td>State: </td>
<td><? echo fieldError("state", $errors); ?>

<tr><td><font color="red">Zipcode:</font></td>
<td><? echo fieldError("zipcode", $errors); ?>

<tr><td>Country: </td>

<td><? echo fieldError("country", $errors); ?>
<select name="country">
<option <?if ($formVars["country"]=="Australia") echo "selected";?>>
Australia
<option <?if ($formVars["country"]=="United States") echo "selected";?>>
United States
<option <?if ($formVars["country"]=="Zimbabwe") echo "selected";?>>
Zimbabwe
</select></td>
</tr>

<tr><td>Telephone: </td>

<tr><td>Fax: </td>

<tr><td><font color="red">Date of birth (dd/mm/yyyy):</font> </td>

<?php
// Only show the username/email and password widgets to new users
if (!session_is_registered("loginUsername"))
{
?>
<tr><td><font color="red">Email/username:</font></td>
<td><? echo fieldError("email", $errors); ?>
<input type="text" name="email"
value="<? echo $formVars["email"]; ?>" size=50></td>
</tr>

<tr><td><font color="red">Password:</font></td>

eoghain

The problem is that you are sending information to the browser before you set your session information. So either you have a space or HTML outside of your <?php ?> tags in this script or the include.inc file.

If your script outputs anything (and php outputs all characters outside of the <?php ?> tags immediately before you call session_start() then you will get this error.

astoller

I'm not sure what you mean by a space outside <php
I include the include.inc file here for reference.

<?php
// This file contains functions used in more than
// one script in the cart module

include 'db.inc';
include 'error.inc';

// Untaint user data
function clean($input, $maxlength)
{
$input = substr($input, 0, $maxlength);
$input = EscapeShellCmd($input);
return ($input);
}

// Print out the varieties for a wineID
function showVarieties($connection, $wineID)
{
// Find the varieties of the current wine,
// and order them by id
$query = "SELECT gv.variety
FROM grape_variety gv,
wine_variety wv, wine w
WHERE w.wine_id = wv.wine_id
AND wv.variety_id = gv.variety_id
AND w.wine_id = $wineID
ORDER BY wv.id";

  // Run the query
  if (!($result = @ mysql_query($query, $connection)))
     showerror();

  $varieties = "";

  // Retrieve and print the varieties
  while ($row = @ mysql_fetch_array($result))
     $varieties .= " " . $row["variety"];

  return $varieties;

}

// Show the user the details of one wine in their cart
function showWine($wineId, $connection)
{
global $username;
global $password;
global $databaseName;

  $wineQuery = "SELECT year, winery_name, wine_name
                FROM winery, wine
                WHERE wine.winery_id = winery.winery_id
                AND wine.wine_id = $wineId";  

  $open = false;

  // If a connection parameter is not passed, then 
  // use our own connection to avoid any locking problems
  if (!isset($connection))
  {
     if (!($connection = @ mysql_connect($hostName, 
                                         $username, 
                                         $password)))
        showerror();

     if (!mysql_select_db($databaseName, $connection))
        showerror();

     $open = true;
  }

  // Run the query created above on the database through
  // the connection
  if (!($result = @ mysql_query ($wineQuery, $connection)))
     showerror();

  $row = @ mysql_fetch_array($result);

  // Print the wine details
  $result = $row["year"] . " " .
            $row["winery_name"] . " " .
            $row["wine_name"];

  // Print the varieties for this wine
  $result .= showVarieties($connection, $wineId);     

  if ($open == true)
     @ mysql_close($connection);

  return $result;

}

// Print out the pricing information for a wineID
function showPricing($connection, $wineID)
{
// Find the price of the cheapest inventory
$query = "SELECT min(cost)
FROM inventory
WHERE wine_id = $wineID";

  // Run the query
  if (!($result = @ mysql_query($query, $connection)))
     showerror();

  // Retrieve the oldest price
  $row = @ mysql_fetch_array($result);

  printf("<b>Our price: </b>$%.2f", $row["min(cost)"]);
  printf(" ($%.2f a dozen)", ($row["min(cost)"] * 12));

}

// Show the total number of items and dollar value of the shopping cart,
// as well as a clickable cart icon
function showCart($connection)
{
global $order_no;

  // Initialise an empty cart
  $cartAmount = 0;
  $cartCount = 0;

  // If the user has added items to their cart, then
  // the variable order_no will be registered
  if (session_is_registered("order_no"))
  {
     $cartQuery = "SELECT qty, price " .
                  "FROM items " .
                  "WHERE cust_id = -1 " .
                  "AND order_id = " . $order_no;

     // Find out the number and the dollar value of
     // the items in the cart. To do this, we run the
     // cartQuery through the connection on the database         
     if (!($result = @ mysql_query ($cartQuery, $connection)))
        showerror();                                          

     while ($row = @ mysql_fetch_array($result))
     {
        $cartAmount += $row["price"] * $row["qty"];
        $cartCount += $row["qty"];          
     }
  }

  // This sets up the cart picture.
  // The user can click on it to see the contents of their
  // cart. It also contains JavaScript, so that the cart highlights
  // when the mouse is over it (a "roll-over")
  echo "<table>\n<tr>\n\t<td>";
  echo "<a href=\"example.cart.2.php\" " .
       "onMouseOut=\"cart.src='cart_off.jpg'\" " .
       "onMouseOver=\"cart.src='cart_on.jpg'\"> " .
       "<img src=\"cart_off.jpg\" vspace=0 border=0 " .
       "alt=\"cart picture\" name=\"cart\"></a>\n";
  echo "\t</td>\n";

  printf("\t<td>Total in cart: $%.2f (%d items)</td>\n", $cartAmount, $cartCount);
  echo "</tr>\n</table>";

}

// Display any messages that are set, and then
// clear the message
function showMessage()
{
global $message;

  // Is there an error message to show the user?
  if (session_is_registered("message"))
  {
     echo "<h3><font color=\"red\">$message</font></h3>";
     // Clear the error message
     session_unregister("message");
     $message = "";
  }

}

// Show whether the user is logged in or not
function showLogin()
{
global $loginUsername;

  // Is the user logged in?
  if (session_is_registered("loginUsername"))
     echo "<p align=\"right\">You are currently logged in as <b>$loginUsername</b></p>\n";
  else
     echo "<p align=\"right\">You are currently not logged in</p>\n";

}

// Show the user a login or logout button. Also, show them membership
// buttons as appropriate.
function loginButtons()
{
if (session_is_registered("loginUsername"))
{
echo "\n\t<td><input type=\"submit\" name=\"logout\" value=\"Logout\"></td>\n";
echo "\n\t<td><input type=\"submit\" name=\"account\" value=\"Change Details\"></td>\n";
}
else

{
echo "\t<td><input type=\"submit\" name=\"login\" value=\"Login\"></td>\n";
echo "\n\t<td><input type=\"submit\" name=\"account\" value=\"Become a Member\"></td>\n";
}
}

// Get the cust_id using loginUsername
function getCustomerID($loginUsername, $connection)
{
global $databaseName;
global $username;
global $password;
global $hostName;

  $open = false;

  // If a connection parameter is not passed, then 
  // use our own connection to avoid any locking problems
  if (!isset($connection))
  { 
      if (!($connection = @ mysql_connect($hostName, 
                                         $username, 
                                         $password)))
         showerror();

      if (!mysql_select_db($databaseName, $connection))
         showerror();

      $open = true;
  }

  // We find the cust_id through the users table, using the
  // session variable holding their loginUsername.
  $query = "SELECT cust_id 
            FROM users 
            WHERE user_name = \"$loginUsername\"";

  if (($result = @ mysql_query ($query, $connection)))
     $row = mysql_fetch_array($result);         
  else
     showerror();

  if ($open == true)
     @ mysql_close($connection);

 return($row["cust_id"]);

}

function selectDistinct ($connection,
$tableName,
$columnName,
$pulldownName,
$additionalOption,
$defaultValue)
{
$defaultWithinResultSet = FALSE;

 // Query to find distinct values of $columnName
 // in $tableName
 $distinctQuery = "SELECT DISTINCT $columnName
                   FROM $tableName";

 // Run the distinctQuery on the databaseName
 if (!($resultId = @ mysql_query ($distinctQuery, 
                                  $connection)))
    showerror();

 // Retrieve all distinct values
 $i = 0;
 while ($row = @ mysql_fetch_array($resultId))
    $resultBuffer[$i++] = $row[$columnName];

 // Start the select widget
 echo "\n<select name=\"$pulldownName\">";       

 // Is there an additional option?
 if (isset($additionalOption))
    // Yes, but is it the default option?
    if ($defaultValue == $additionalOption)
       // Show the additional option as selected
       echo "\n\t<option selected>$additionalOption";
    else
       // Just show the additional option
       echo "\n\t<option>$additionalOption";

 // check for a default value
 if (isset($defaultValue))
 {
    // Yes, there's a default value specified

    // Check if the defaultValue is in the 
    // database values
    foreach ($resultBuffer as $result)
       if ($result == $defaultValue)
          // Yes, show as selected
          echo "\n\t<option selected>$result";
       else
          // No, just show as an option
          echo "\n\t<option>$result";
 }  // end if defaultValue
 else 
 { 
    // No defaultValue

    // Show database values as options
    foreach ($resultBuffer as $result)
       echo "\n\t<option>$result";
 }
 echo "\n</select>";

} // end of function

astoller

Can you help me here.
I'm not sure what you mean by a space outside <php
I include the include.inc file above for reference.

newcastle_unite

As you know, a php script starts with <?php . Now, if there are any spaces, any characters, anything that generates output, before <?php , then you will get this error. The reason for this is that session-related code needs to be a part of the header, and the header MUST be placed before any output.

This also means that if you try to get php to print something before you call your session functions, you will end up with the same error.

I hope this makes some sense to you?

Pie

You can also add ob_start() at the start of your code and ob_end_flush() at the end.

E.g.

<?php
    ob_start();

..your code here

ob_end_flush();
?>