PHP Login error

Mere

hey just wondering if you may be able to solve this error for me, its a php join login system, you can signup ok, but when you go to sign in, I get these errors and wont login, im very new to php so take it easy on any questions........errors and login file as follows....

Warning: Cannot modify header information - headers already sent by (output started at /home/maybe/public_html/login.php:1) in /home/maybe/public_html/login.php on line 68

Warning: Cannot modify header information - headers already sent by (output started at /home/maybe/public_html/login.php:1) in /home/maybe/public_html/login.php on line 69
your now being logged in!

<?php
// Instant Network
// Version: 1.0
// Creator: m <blah@gmail.com>
// Support Website: http://www.flowstream-net.com/index.php

// Check the as this is the.
// CopyRight 2005 - mgnchat /

//Database/Mysql//
$dusername = "blahmevv"; //username to connect to database
$dpwd = "balhmemm"; //password to accecss mySQL
$dhost = "localhost"; //your db host usually localhost
$dbname = "freddynnnn"; //db name to be accessed

$conn = mysql_connect("$dhost","$dusername","$dpwd") or die ("Unable to connect to database.");
$db=mysql_select_db($dbname,$conn) or die("Unable to connect to database!");

//Global Vars
$sitepath = "/home/blahe/public_html/"; //sitepath without trailing backslash
$siteurl = "http://mgnchat.com"; //siteurl without trailing backslash
$sitetitle = 'MySite'; //site title
$version = '1.0Alpha'; //site verion
$years = '2005'; // the copy right years
$sitename = 'MySite'; //Site Name

$colour = array(
// key => "file:name",
0 => "red_night:Red Night",
1 => "blue_night:Blue Night",
2 => "emerald_night:Emerald Night",

);
include("functions.php");
if($action==login)
{
if($COOKIE[username]=="" AND $COOKIE[password]=="")
{
$md5_password = md5($POST[password]);
$sql = mysql_query("SELECT * FROM users WHERE username = '$POST[username]' AND password = '$md5_password'") OR DIE("Sorry there is a mysql error.");
$row = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($POST[password]=="")
{
print("No password Entered.");
login_form();
exit;
}
elseif($POST[username]=="")
{
print("No username Entered.");
login_form();
exit;
}
elseif($numrows == "0")
{
print("Username and Password doesnt match!");
login_form();
exit;
}

else
{
setcookie("username","$_POST[username]",time()+30000000);
setcookie("password","$md5_password",time()+30000000);
echo "<meta http-equiv=refresh content=\"5;url=/loggedin.php\">";
print("your now being logged in!");

}
}
else
{
print("Your are already loggedin!");

}
}
if($action=="")
{
login_form();

}

the errors stop it from setcookies username pass

Thanks to anyone that can help🙂

bradgrafelman

headers already sent by (output started at /home/maybe/public_html/login.php:1)

This means that something was already outputted to the connection, whether by an echo(), print(), blank space at the top/bottom of your PHP script (outside the <?PHP tags), etc.

Looking at the line # of the error (login.php:1), look at the above list and see which error you think stands out more and might be causing this 🙂

Mere

I know basically what it means, but on how to fix the error, I have no idea, as I said im very new to php and kinda seeking a solution to the prob, if anyone would like to add me to msn messenger and give me a hand on it, I wont say no or post a fix would be just as good :p

Thanks

bradgrafelman

Umm.... look at the bold words in my post

I thought I made it obvious enough? 😕

Look for blank lines/spaces before and after your <?PHP ?> tags.

Mere

well from what I can see there are no blank lines or spaces b4 or after, but i got no idea, ive been at it for nearly 2 weeks and it frustrating for people to tell me what to look for, when im to new at it, this is why im asking for help, is that straight forward enuff, i dont know enuff on it..............sorry if i sound blunt, but this is killing me......🙁

bradgrafelman

Can you post the exact PHP file to your next post?

Change the extension to '.txt' or '.php.txt' and attach it.

Mere

<?php
//* PaperIRC Instant Network
//* Version: 1.0-
//* Creator: Synaptic <@.com>
//* Support Website: [url]http://www..com/index.php[/url]  

//* Check the forums for support as this is the only location support will be offered. 
//* CopyRight 2004 -  / 



//Database/Mysql//
	$dusername = "12345";					//username to connect to database
	$dpwd = "111111111";	 					//password to accecss mySQL
	$dhost = "localhost";					//your db host usually localhost
	$dbname = "1111111111";					//db name to be accessed


$conn = mysql_connect("$dhost","$dusername","$dpwd") or die ("Unable to connect to database.");
$db=mysql_select_db($dbname,$conn) or die("Unable to connect to database!");

//Global Vars
$sitepath = "/home/maybe/public_html/";			//sitepath without trailing backslash
$siteurl = "http://mgnchat.com";					//siteurl without trailing backslash
$sitetitle = 'MySite';				//site title
$version = '1.0Alpha';						//site verion
$years = '2005';						// the copy right years
$sitename = 'MySite';					//Site Name



$colour = array(
// key => "file:name",
0 => "red_night:Red Night",
1 => "blue_night:Blue Night",
2 => "emerald_night:Emerald Night",

);
include("functions.php");
if($action==login)
{
if($_COOKIE[username]=="" AND $_COOKIE[password]=="")
{
$md5_password = md5($_POST[password]);
$sql = mysql_query("SELECT * FROM users WHERE username = '$_POST[username]' AND password = '$md5_password'") OR DIE("Sorry there is a mysql error.");
$row = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($_POST[password]=="")
{
print("No password Entered.");
login_form();
exit;
}
elseif($_POST[username]=="")
{
print("No username Entered.");
login_form();
exit;
}
elseif($numrows == "0")
{
print("Username and Password doesnt match!");
login_form();
exit;
}

else
{
setcookie("username","$_POST[username]",time()+30000000);
setcookie("password","$md5_password",time()+30000000);
echo "<meta http-equiv=refresh content=\"5;url=/loggedin.php\">";
print("your now being logged in!");

}
}
else
{
print("Your are already loggedin!");

}
}
if($action=="")
{
login_form();

}

?>

bradgrafelman

I meant attach the actual file; that will help me more.

Mere

Ive tried and wont upload :bemused:

Mere

oops ok done

bradgrafelman

Ok, appreantly I need to explain how to use strings to ya.

If you compare a variable to just text, without surrounding it in quotes, you're telling PHP to look for a constant with that name. FILE, NULL, etc. are all constants. To compare/use strings, use quotes! For example, all of this:

if($action==login)
{
if($_COOKIE[username]=="" AND $_COOKIE[password]=="")
{
$md5_password = md5($_POST[password]);

contains 4 errors. Should be:

if($action=='login')
{
if($_COOKIE['username']=="" AND $_COOKIE['password']=="")
{
$md5_password = md5($_POST['password']);

Down to your setcookie()'s. Generally you shouldn't reference arrays inside a string ("$_POST[username]"), not to mention the missing quotes around username. Change:

setcookie("username","$_POST[username]",time()+30000000);
setcookie("password","$md5_password",time()+30000000);

to:

setcookie("username",$_POST['username'],time()+30000000);
setcookie("password",$md5_password,time()+30000000);

Also, go through your script and correct all of the constant vs. strings errors I've explained. There are quite a few it looks like. Another thing I just noticed deals with the same thing I just fixed (referencing arrays inside strings); change:

$sql = mysql_query("SELECT * FROM users WHERE username = '$_POST[username]' AND password = '$md5_password'") OR DIE("Sorry there is a mysql error.");

to:

$sql = mysql_query("SELECT * FROM users WHERE username = '" . $_POST['username'] . "' AND password = '$md5_password'") OR DIE("Sorry there is a mysql error.");

You can escape out of strings and concatenate (or "glue") pieces together to insert variables, etc., as in the above fix.

Make all of these changes, and let me know how it's working.

Mere

na didnt work, same error still :mad:

bradgrafelman

Alrighty.. repost a copy of your new code.

Mere

[<?php
//* PaperIRC Instant Network
//* Version: 1.0-Alpha
//* Creator: Synaptic <gmail.com>
//* Support Website: /index.php  

//* Check the forums for support as this is the only location support will be offered. 
//* CopyRight 2004 -  / FlowStream



//Database/Mysql//
	$dusername = "11111";					//username to connect to database
	$dpwd = "1111111";	 					//password to accecss mySQL
	$dhost = "localhost";					//your db host usually localhost
	$dbname = "ssssssss";					//db name to be accessed


$conn = mysql_connect("$dhost","$dusername","$dpwd") or die ("Unable to connect to database.");
$db=mysql_select_db($dbname,$conn) or die("Unable to connect to database!");

//Global Vars
$sitepath = "/home/maybe/public_html/";			//sitepath without trailing backslash
$siteurl = "http://mgnchat.com";					//siteurl without trailing backslash
$sitetitle = 'MySite';				//site title
$version = '1.0Alpha';						//site verion
$years = '2005';						// the copy right years
$sitename = 'MySite';					//Site Name



$colour = array(
// key => "file:name",
0 => "red_night:Red Night",
1 => "blue_night:Blue Night",
2 => "emerald_night:Emerald Night",

);
include("functions.php");
if($action=='login') 
{ 
if($_COOKIE['username']=="" AND $_COOKIE['password']=="") 
{ 
$md5_password = md5($_POST['password']);

$sql = mysql_query("SELECT * FROM users WHERE username = '" . $_POST['username'] . "' AND password = '$md5_password'") OR DIE("Sorry there is a mysql error.");
$row = mysql_fetch_array($sql);
$numrows = mysql_num_rows($sql);
if($_POST[password]=="")
{
print("No password Entered.");
login_form();
exit;
}
elseif($_POST[username]=="")
{
print("No username Entered.");
login_form();
exit;
}
elseif($numrows == "0")
{
print("Username and Password doesnt match!");
login_form();
exit;
}

else
{
setcookie("username",$_POST['username'],time()+30000000); 
setcookie("password",$md5_password,time()+30000000);
echo "<meta http-equiv=refresh content=\"5;url=/chatroom.php?room=TheLounge\">";
print("your now being logged in!");

}
}
else
{
print("Your are already loggedin!");

}
}
if($action=="")
{
login_form();

}

?>/PHP]

bradgrafelman

There's still 2 arrays that you don't have quotes in the key name (between the brackets)..

It might be the where you're checking in the IF statements, but I'm not sure... can you give me a link to this script on your site (and any login info I need to use for a test) ?

Mere

http://www.mgnchat.com/signup.php

bradgrafelman

What is error reporting set to?

Try adding this:

ini_set('error_reporting', E_ALL);

to the top of your script. See if you get any new errors.

If this doesn't work, I'm about ready to say forget it, and show you how to use output buffering to snag whatever is outputing before your cookies.

Mere

got these when added

Notice: Undefined variable: action in /home/maybe/public_html/login.php on line 40

Notice: Undefined variable: action in /home/maybe/public_html/login.php on line 83

bradgrafelman

Try changing:

if($action=='login')

to:

if(@$action=='login')

otherwise, when I get a free second, I'll convert your script to use output buffering.

EDIT: Woops, forgot about the 2nd line, change:

if($action=="")

to:

if(@$action=="")

Also, change that ini_set() at the top to:

ini_set('error_reporting', ~E_ALL);

AFTER you make the changes and try it.

Mere

I hate to say it, but no dont work either :queasy: