header and session_start errors

bokerfest

I have had 3 people look at this and they are all at a loss. My code all makes perfect sense to to and all the testing for my auth_level is correct and works properly.

My problem when testing the code is that it comes out with error with my session_start(); line and my header("Location: auth2menu.php"); line.

Can Anyone help or let me know what these errors are trying to communicate?

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/oddprod/public_html/login3.php:9) in /home/oddprod/public_html/login3.php on line 11

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/oddprod/public_html/login3.php:9) in /home/oddprod/public_html/login3.php on line 11

Warning: Cannot modify header information - headers already sent by (output started at /home/oddprod/public_html/login3.php:9) in /home/oddprod/public_html/login3.php on line 47

//start sessions
session_start();
// Connect to DB
$db = mysql_connect ("localhost", "username", "password")
or die ('I cannot connect to the database because: ' . mysql_error());
$db_selected = mysql_select_db('oddprod_managment', $db);
if (!$db_selected) {
   die ('Can\'t use oddprod_managment : ' . mysql_error());
}
// End Connect

//extract user information from database

if ($username && $password)
{
// if the user has just tried to log in
$query = "select * from users "
."where usersLOGIN='$username' "
." and usersPASS='$password' ";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);

if (mysql_num_rows($result) >0)
{
  // if they are in the database register the user id
  $_SESSION['valid_user'] = $row['usersLOGIN'];
  $_SESSION['pass'] = $_POST['password'];
  $_SESSION['auth_level'] = $row["usersTITLEID"];
}
}

if ($_SESSION['auth_level']==1){
header("Location: auth2menu.php");
}

else if($_SESSION['auth_level']==2){
header("Location: auth2menu.php");
}

mysql_close($db);

swr

The problem is that something has been sent to the browser before you called session_start() or header(). Make sure there is no output; no HTML or echo statements or anything occuring before the code you posted.

Details here:
http://www.phpbuilder.com/board/showthread.php?s=&postid=10453971#post10453971
and here:
http://www.php.net/manual/en/faq.using.php#faq.using.headers-sent
and here:
http://www.php.net/header

bokerfest

I got the error messages gone and now it correctly redirects but my session variables are not being recognized by further pages.

This is how it is set up:

The code from my first post is doing good and it redirects to my auth2menu.php. On that page I have:

<?php 
if ($_SESSION['auth_level']==2){
	echo "Level 2 accessed.\n";
}

else if($_SESSION['auth_level']==1){
	echo "Level 1 accessed.\n";
}
?>

If I echo out the session variable i get back a 0 and I know that it should be coming back as a 2 for that is how it is being redirected to auth2menu.php. If I also put this else if statment, it will echo out this to prove that it is set at 0.

else if($_SESSION['auth_level']<1){
	echo "Session Variable Not working.\n";
}

Any Ideas?

swr

You need to call [man]session_start[/man] at the beginning of all pages where you use the $_SESSION array. Doing it on the first page is not enough.

[edit]...unless the session.auto_start configuration setting is enabled, in which case PHP calls session_start() for you at the start of every page, whether it needs it or not.[/edit]

bokerfest

Thanks, I believe I got it figured out. Thanks for the help. I much appreciate it