Sessions Help

prent327

I've heard from everybody that my sessions need to come before any html, but with the following file, everything works correctly as is. How would I move the various session code to the beginning of the file, while still keeping it functional?

<html>
<head>
<title> PSC Data </title>
</head>
<body>

<TABLE border="0" cellpadding="0" cellspacing="0" width="100%">
  <TR>
  <TR>
     <form action = "http://pscdata.com/General/GeneralInfo.php" method=POST>
  <TD><img src="http://pscdata.com/Images/collaoration.gif"></td>
  <TR>
  </TABLE>
  <TABLE border="0" cellpadding="0" cellspacing="0">
  <TD align='left'><img src="http://pscdata.com/Images/PSC-data-ber.gif"></td>
  <TD background="http://pscdata.com/Images/search-form.gif" width = 210 align = "center" valign = "middle"><input = "text" value = "" name = "Ticker" size = 4 maxlength = 12><input = "text" value = "" name = "Company" size = 12 maxlength = 35>&nbsp&nbsp <input type = "submit" value = "Ticker/Name" name = "SearchButton"></td>
  </form>
</TR>
</TABLE>

<?php
session_start();
if(isset($_SESSION['IDNumber']) && (!isset($_POST['Ticker']) || !$_POST['Company'])) {
    $IDNumber = $_SESSION['IDNumber'];
}
else {
    $IDNumber = "";
    $Ticker = $_POST['Ticker'];
    $Company = $_POST['Company'];
}

$db = mysql_connect('host', 'username', 'password') or die("Error - cound not connect to server");
$er = mysql_select_db('prent32_FinDat') or die("Error - cound not connect to database");


if (isset($_POST['Ticker']) || isset($_POST['Company']) && $IDNumber=="") {
     $result = mysql_query("SELECT * FROM General WHERE Ticker = '$Ticker' or Company = '$Company'") or die(mysql_error());
}
else if ($IDNumber!="") {
     $result = mysql_query("SELECT * FROM General WHERE IDNumber = '$IDNumber'") or die(mysql_error());
}

$num_rows = mysql_num_rows($result);

if ($num_rows <=0)

?> 

<table width="75%" border="1" cellspacing="2" cellpadding="4">
<caption> <b>General Information</b> </caption>

<?php
while($row = mysql_fetch_array($result)) {    

     echo "<tr><td><b>Sector - </b>". $row["Sector"]. "</td>";
     echo "<td><b>Country - </b>". $row["Country"]. "</td>";
     echo "<td><b>Index - </b>". $row["Index1"]. "</td></tr>";
     echo "<td><b>Industry - </b>". $row["Industry"]. "</td>";
     $IDNumber = $row['IDNumber'];

} 
     echo "</table>";

if(isset($_POST['Ticker']) || $_POST['Company']) {
    $_SESSION['IDNumber'] = $IDNumber;
    session_regenerate_id();
    session_write_close();
}
else {
    session_regenerate_id();
    session_write_close();
}

$Ticker ="";
$Company ="";
?>

<form action = "http://pscdata.com/General/modifyGeneral.php" method = POST>
<input type = "submit" value = "Edit" />
</form>

</body>
</html>

bbreslauer

All they mean is that you start the session before any of the html code. Therefore, putting

<?php
session_start();
?>

is what they're talking about (while at the same time getting rid of the session_start() later in the code).

prent327

I get the following error message when making html changes to the previous file, which seem as though they should have no bearing on the sessions, but here's the error message.

PHP Warning: session_regenerate_id(): Cannot send session cookie - headers already sent by (output started at D:\hshome\prent327\pscdata.com\General\GeneralInfo.php:87) in D:\hshome\prent327\pscdata.com\General\GeneralInfo.php on line 114

Any ideas?

dalecosp

This is exactly what he's telling you. When you have any output (like HTML code, for example), the server sends out HTTP headers to the browser as the "starting point", if you will, of the HTTP transaction.

Lo and behold, 43 lines later (or whatever), you call [man]session_start/man, or [man]setcookie/man, and you get an error that very plainly states "Headers already sent".

Cookies (both COOKIE cookies, and the cookie used for session management [which contains the PHPSESSID]), are sent by the HTTP server with the other header info at the begnning of the HTTP transaction.

And, therefore, you can't have some much as a single text character or even a whitespace up there prior to calling session_start(), or header(), or setcookie()....

prent327

Ok, I got the sessions working by deleting that line of code. Now I have a new problem that may or may not be related to the sessions. Within the query I have the following line of code.

echo "<tr><td colspan=3><b>Competitors - </b>". "<a href=\"{$_SERVER['PHP_SELF']}?company={$row["Competitor"]}\">{$row["Competitor"]}</a>". "<b>, </b>". $row["Competitor2"]. "</td></tr>";

This is an attempt to hyperlink to the same page, but with a new session around the entry 'Competitor'. The structure of the table is as follows. For 'company' x, there is a 'competitor' y, and that 'competitor' has its own entry in the 'company' column. So, I want the code to identify the 'competitor' and start a new session around that entry. Does this make sense, and how would I state this?