session_start():

youbi

Hello everybody !
Like you see i'm new in this forum and in php too...
I got a little probleme :
Messages :
1."session_start(): Cannot send session cookie - headers already sent by (output started at ...

2." session_start(): Cannot send session cache limiter - headers already sent (output started at ...

My page :

<?php
include_once 'includes/connexion.php';
include_once 'includes/functions.php';
include_once 'admin/includes/ad_functions.php';
connexion_db('bouchind_db');
$host = "localhost";

$user = "root";
$bdd = "bouchind_db";
$passwd = "";?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr><td width="160" height="300" rowspan="2" align="center" valign="top" background="images/home.gif" bgcolor="#f5f5f5">
<?php $verification = page_to_display("verification"); ?>
<form name="form" method="post" action="index.php?id_page=<?php echo $verification['id_page']; ?>">
<table width="160" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="25" colspan="2" align="center" bgcolor="#FFFFFF" class="txt_fin_contenu "><img src="images/login_top.gif" width="123" height="25" /></td>
</tr>
<tr>
<td height="10" colspan="2" align="center" class="txt_fin_contenu "> </td>
</tr>
<tr>
<td align="right"><span class="txt_fin_contenu ">Login</span></td>
<td align="center"><input name="login" type="text" class="fields" id="login" size="15" maxlength="15"/></td>
</tr>
<tr>
<td height="25" align="right" class="txt_fin_contenu ">Password</td>
<td height="25" align="center" class="txt_fin_contenu "><input name="pwd" type="text" class="fields" id="pwd" size="15" maxlength="15" /></td>
</tr>
<tr>
<td height="3" colspan="2" align="center"></td>
</tr>
<tr>
<td height="30" align="center"></td>
<td height="30" align="center"><input name="Submit" type="submit" class="bt_valider" value="Submit" /></td>
</tr>
</table>
<img src="images/login_linespace.gif" width="160" height="2" />
</form>
</td>
<td width="100%" align="right" valign="top">
<table width="95%" height="25" border="0" align="center" cellpadding="0" cellspacing="0">
<tr> <td height="25"> </td></tr></table>
</td><td width="74" height="300" rowspan="2" valign="top"><img src="images/logo_right_bg.gif" width="74" height="272" /></td>
</tr> <tr>
<td align="right" valign="bottom"><table width="95%" height="275" border="0" align="center" cellpadding="3" cellspacing="0" class="txt_fin_contenu">
<tr>
<td align="left" bgcolor="#f5f5f5">
<?php session_start();
if(isset($POST['acces']))
{
if(eregi("[^'$()+<>?#\"{}\]",$POST['login']) OR eregi("[^'$()+<>?#\"{}\]",$POST['password']))
{
echo 'Pas de caractères spéciaux';
exit;
}
else
{
mysql_connect($host, $user,$passwd) or die("erreur de connexion au serveur");
mysql_select_db($bdd) or die("erreur de connexion a la base de donnees");// il faut changer les paramètres de connexion à la base mysql
$requete=mysql_query("SELECT COUNT(*) FROM members WHERE login='".$POST['login']."' AND password='".$POST['password']."'");
$r=mysql_fetch_row($requete);
if($r[0]==1)
{
$SESSION['login']=$_POST['login'];
header('location:index_mbr.php');
exit;
}
}
}
else
{
echo 'Vous n\etes pas inscrit.';
}
?>
</td>
</tr>

</table></td> </tr> </table>🙂

Thanks you for the help

Piranha

You have to send [man]session_start[/man] before anything is outputted to the browser, you can't even send a space first. In other words you have to set it where you have all your includes and everything else.

To make it easier to look at your code use [ php] and [ /php] without the spaces for your code. Please edit your post to do that.

HalfaBee

And to add to Piranha, you can't use header() after outputing anything.

youbi

i'm not lazy im still learning, it's not a shame

HalfaBee

Nobody was giving you a hard time, just explaining what was wrong.

We are all here to help. 🙂

youbi

I put all the code before every thing but i got the same error msgs

<?php

// fichier contenant les connections
include_once 'includes/connexion.php';
include_once 'includes/functions.php';
include_once 'admin/includes/ad_functions.php'; 
connexion_db('bouchind_db');
$host = "localhost";  
$user = "root";
$bdd = "bouchind_db";
$passwd  = "";

?>
<?php session_start();

if(isset($POST['acces']))
{
if(eregi("[^'$()+<>?#\"{}\]",$POST['login']) OR eregi("[^'$()+<>?#\"{}\]",$POST['password']))
{
echo 'Pas de caractères spéciaux';
exit;
}
else
{
mysql_connect($host, $user,$passwd) or die("erreur de connexion au serveur");
mysql_select_db($bdd) or die("erreur de connexion a la base de donnees");// il faut changer les paramètres de connexion à la base mysql
$requete=mysql_query("SELECT COUNT(*) FROM members WHERE login='".$POST['login']."' AND password='".$POST['password']."'");
$r=mysql_fetch_row($requete);
if($r[0]==1)
{
$SESSION['login']=$_POST['login'];
header('location:index_mbr.php');
exit;
}
}
}
else
{
echo 'Vous n\etes pas inscrit.';
}
?>

Piranha

Of course it is not a shame to be new and have questions and don't know exactly where to find the answers.

HalfaBee

Put the session_start() at the first <?php

any character sent will stop headers.

youbi

Perhaps i should but this code in my 'header.php' ?No?
This is called in an index.php with header and footer, u see?

HalfaBee

Yes,
any output will stop headers.

I think a bit more of php coding is needed.

Have a look at www.php.net/ob_start to resolve some of your problems.

youbi

i have to go deeper with php
Thanks for your help !

HalfaBee

<sigh> I can remember how lost I was when I first started a website and started using php & perl.
Luckily a life of machine code and C helped me sort it out.

Tezread

if there is one thing I have learned since my programming career started - being incremental is the key. What this means is take your pieces of code in stages. You have a headers already sent message which implies a character (even a whitespace) has been outputted. if you have hundreds of lines of code spotting the culprit is a nightmare so start you project again but this time do a few lines of code at a time- debug by echoing something then upload and test.

Just my 2 cents

By the way I sometimes forgot to do this myself when I am having a bad day and feeling impatient

pragan

Hey,

I wonder if you got your error fixed..but still posting my solution.I had this problem recently and I found that it should be all the way in the top(this is what many had suggested here)..if you have two PHP tags then the session start part should be the first one.Also keep in mind about the white space as mentioned.

I fixed my problem after reading some websites in the following way:

First I had my session start after html body tag and then I move it above my body tag but it did not work so I moved it all the way to the top even above
as below,
Example :

<?php
session_start();
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<?php
$SESSION['phone'] = $POST['somevalue'];
echo "views = ". $SESSION['somevalue'];
if (array_key_exists('check_submit', $POST))
{
...
..
}
?>
<some html code can appear here>
</body>
</html>

Thanks
Pragan

bradgrafelman

When posting PHP code, please use the board's
bbcode tags - they make the code much, much easier to read (as well as aiding the diagnosis of syntax errors). You should edit your post now and add these bbcode tags to help others in reading/analyzing your code.

HalfaBee wrote:
Have a look at www.php.net/ob_start to resolve some of your problems.

Just to correct you, HalfaBee, this doesn't resolve the problem, this provides a workaround to ignore the problem. A resolution would be to send headers before you output any data. The workaround of using ob_start() means the server has to cache the page in memory, using more resources than is necessary.

youbi - if you'll notice, you're still outputting data before the session_start() call:
```
?>
<?php session_start(); 
```
Here, you end the previous <?php tag, output a line break, and then start a new block of PHP code. The line break is what caused the server to send headers before you had a chance to modify them. Solution? Since they're both blocks of PHP code with nothing in between, there's no reason to close and re-open the <?php tags.
Your script is vulnerable to SQL injection attacks - you should never put user-supplied data directly into a SQL query without first sanitizig it with a function such as [man]mysql_real_escape_string/man. Search the boards or Google for more information about a SQL injection vulnerability.