[RESOLVED] My doozy user auth script isn't working on one page

schwim

Hi there guys,

I am using a user authorization script to protect the administration section of a script, and it works great on all pages but one.

If I want to edit a submission, I go to the edit page, the user auth script works fine. When I click submit though, I get the following error at the top of the page:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/roughing/public_html/automonial/admin/submit.php:1) in /home/roughing/public_html/automonial/admin/submit.php on line 51

This is the code that I'm using in the script for user authorization:

Line 51~~> session_start(); <~~ Line 51
if(!session_is_registered(myusername)){
header("location:login.php");
}

Does passing values in a form mess up sessions? How do I fix this?

thanks,
json

schwim

ok, after reading this thread(thanks weedpacket!), I see what causes the problem, but Mr. Packet seems to be of the opinion that option 1 is really the only valid option.

hehe, my problem is I don't know how to properly plan the output when the information is spanning two pages 🙂

I know that it's important that I lock down the submit page, because I think it could be used to do foul deeds by bad people, so I don't want to get rid of the user check, but I'm not sure how to include it in the headers created by the form submission of the previous page.

thanks,
json

schwim

Thank you all for the deluge of suggestions, but I ended up resolving this(or maybe just a band-aid) by writing the whole script into one page. The header issue doesn't seem to happen when the post data is being sent back to itself.

thanks,
json