I have two php pages one a register page and the other a sign in page. The server is running php 5 as well.

Link to these two pages
http://www.steveoatman.me/gallery/sign_in.php
http://www.steveoatman.me/gallery/reg_form.php

When I sign in or register I receive an error

Warning: Cannot modify header information - headers already sent by (output started at /home/soatman/public_html/gallery/sign_in.php:2) in /home/soatman/public_html/gallery/sign_in.php on line 77

My problem is with the head() tag and the session_start() tag. From my research I need to have the session_start() at the very first line in the script. Okay I understand this and moved it to the very first line.

I moved the session_start() tag to the top of the page. It works fine in Firefox but IE6 it is just showing a blank screen after you submit the form. Strange if I refresh the page at this point it redirects to the correct page and you are logged in.

I believe this is a browser problem but can not find a way around this or a fix for this problem. This is a simple register and sign in script, so I am very confused. This same script did work about four months ago when I was in college.

This is a copy of just the sign in page at this time I can include the register page script as well if needed.

<?php session_start(); ?>
<?php ob_start(); //starts the output buffering ?>

<?php
//error reporting!
//Shows all possible problem!
ini_set ('display_errors', 1);
error_reporting (E_ALL & ~E_NOTICE);
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Thomas A Oatman Sign In To Upload Images</title>
<link href="css/thomas.css" rel="stylesheet" type="text/css" />
</head>

<body class="oneColFixCtrHdr">
<div id="container">
<div id="header"> <a href="index.html"><img src="images/header.jpg" alt="Header Image" width="800" height="225" border="0" /></a>
<div id="nav">
<table id="" width="700" border="0" align="center" cellpadding="0" cellspacing="10" >
<tr align="center">
<td><a href="index.html" target="self">Home</a></td>
<td><a href="gallery2.html" target="self"> Image Gallery</a></td>
<td><a href="slideshow.php" target="self">Image Slide Show</a></td>
<td><a href="eulogy.php" target="self">Eulogy</a></td>
<td><a href="sign_in.php" target="_self">Upload Images</a></td>
</tr>
</table>
<!-- end #nav --></div>
<!-- end #header --></div>
<div id="mainContent">
<div id="signIn">
<h2>Our Sign In Form</h2>
<p><a href="reg_form.php">not registered</a>
<p>This is a secured area for user to register/sign in and upload images to this gallery and slide-show for Thomas A Oatman.</p>
<p>Once logged in you will be able to select an image on your computer and upload that image.<br />
That image will then be automatically added to the gallery and slide-show!<br />
Please use your Email and PassWord you choose when you registered!</p>

<?php //sign in page
// Check if the form has been submitted:

if (isset ($_POST['submit'])) { // Handle the form.

$loggedin = FALSE; // Not currently logged in.

// Open the file.
$fp = fopen ('users/users.txt', 'rb');

// Loop through the file.
while ( $line = fgetcsv ($fp, 100, "\t")) {

// Check the file data against the submitted data.
if ( ($line[0] == $POST['email']) AND ($line[1] == crypt ($POST['passWord'], $line[1]) ) ) {

$loggedin = TRUE; // Correct username/password combination.

// Stop looping through the file.
break;

} // End of IF.

} // End of WHILE.

fclose ($fp); // Close the file.

// Print a message.
if ($loggedin) {

	$_SESSION['email'] = $_POST['email'];
	$_SESSION['signin'] = TRUE; 
		ob_end_clean();
		header('Location: user.php');
		exit();

} else {
print '<p class="error" >The email and password you entered do not match those on file. Please try again, if you are still having problems, send an email to steve@steveoatman.me</p>';
?>
<form action="sign_in.php" method="post">
<table width="400" border="0" align="center" cellpadding="5">
<tr>
<td align="right">Email:</td>
<td align="left"><input type="text" name="email" size="40" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td align="left"><input type="password" name="passWord" size="20" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="submit" value="Sign In" /></td>
</tr>
</table>
</form>
<?php
} // Display the form again if not validated

} else { // Display the form.

// Leave PHP and display the form.
?>

<form action="sign_in.php" method="post">
<table width="400" border="0" align="center" cellpadding="5">
<tr>
<td align="right">Email:</td>
<td align="left"><input type="text" name="email" size="40" /></td>
</tr>
<tr>
<td align="right">Password:</td>
<td align="left"><input type="password" name="passWord" size="20" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="left"><input type="submit" name="submit" value="Sign In" /></td>
</tr>
</table>
</form>

<?php
}// End of SUBMIT IF.
?>

<!-- end of #signIn--></div>
<!-- end #mainContent --></div>

<div id="footer">
<p>Copyright © 2009 [SteveOatman.me]. All rights reserved.<br />
WEB DESIGNING DONE BY www.SteveOatman.me
</p>
<!-- end #footer --></div>
<!-- end #container --></div>
</body>
</html>

    Something is being sent to the browser first which is causing the headers to be sent. Check your code to make sure that there isn't even a single space before your PHP code.

      scrupul0us

      Are you recommending to remove ob_end_clean(); or just move it to another line?

      Ashley Sheridan

      I have checked to make sure there is not space at all. The script is listed above.

      Thanks

        Something is definitely being sent to the browser. What happens if you call this

        echo (headers_sent())?'sent':'not sent';

        just before you call the session_start();

          ob_end_clean flushes the cache to the browser, immediately following you are trying to call headers... this is more than likely the cause

          i would recommend commenting it out temporarily or moving it after the header call to see if it resolves the issue

            Thank you both but no luck.

            This is a browser problem, with no changes to the script they work in Firefox and IE 7, but like always IE 6 is what I am using. As a web developer, I believe IE 6 is the hardest to code for so I try and code for IE 6, then I know most of the code works with all the other browsers or most of them.

            I have tryed and commented out the ob_end_clean as well as moving it to a line right after the header() tag. Still no luck. I also tryed and added in the script echo (headers_sent())?'sent':'not sent'; no luck either.

            With some of these change things have changed a little. If I have the session_start() in the first line any linked page to this page just shows a blank page when clicked and dose not go to the correct page. So the session_start() in the first line is not working at all.

            Could this be a PHP 5 and PHP 4 problem?

            I have looked for other scripts for login and register scripts but most of them use a database but this project dose not need one it is not large enough.

              as php is server side its browser independent, is it still the same error "Warning: Cannot modify header information - headers already sent by" ?

                Dagon,

                Yes, i understand that and I have the session_start() in the first line as needed. After the page is submited the header('Location:user.php') dose not open it stays on the same page but with a blank screen. if I refresh the page then i am directed to the user page.

                  comment out that header("Location line. That's in the middle of your script, AFTER output to the browser. That is what is causing the error. You can't use header() after ANY content has been sent to the browser.

                    Your output is started right here:

                    <?php session_start(); ?>
<?php ob_start(); //starts the output buffering ?>

                    between the two "?>..<?php" tags there is a line break, which is output to the browser (and thus causes HTTP headers to be sent). Other comments...

                    soatman wrote:

                    From my research I need to have the session_start() at the very first line in the script.

                    Absolutely false. Any HTTP header-modifying function (e.g. session_start, header, setcookie, etc.) must be placed before any output - this doesn't necessarily have to be the first line of code.

                    Also, don't depend on output buffering to fix this type of error. I don't consider using output buffering a solution for this error message, but rather a cheap workaround. Simply move the part of your code that modifies HTTP headers above any output; there's no need to make the server hold your output in memory just to make up for some sloppy code!

                      Hello,

                      Every thing is working fine in FF and IE 7 but not in IE6.

                      Moving the session_start() to the first line okay that fix some problems the errors but now there is this one but with no errors.

                      When you use a link to either the sign in page or the register page from say the index page it dose not go it stays on the index page with a blank screen.
                      When I refresh the page then it moves on to the appropriate page.

                      The same thing when you submit the sign in or register page form they do not move on to the header('Location:...') page they stay on the original page but with a blank screen as well. No error and they are set to show, when I refresh the page then it moves on to the appropriate page.

                      I have been researching and I find that this is a IE 6 bug but can not find what it is. I have found many more comments on the net about this but no real solution.

                      Thanks for everyones input.
                      Any more?

                        Your logic is all wrong. You are trying to use header("Location AFTER you've already sent output to the browser. That's not allowed, and will break things, as you've seen.

                          As been previously stated, you can't send headers, ANY header, after you've sent any other output. So, either you send your location header before any output has been sent, and this header reaches ALL browsers, or you try sending it too late and it does not reach any browser.

                          So, if it does indeed redirect some browsers, but not all, the header is indeed being sent (unless you also do redirects in some other fashion, such as meta tag or javascript). Your original code would not send the location header since you tried doing it after any other output, but I don't know what your current script looks like.

                          Since I've never tried doing something like you do, I do not know for sure what the spec says, but sending a location header without sending a status header for which the location header would make sense seems like dubious practice to me. Perhaps IE6 doesn't care about a location header when it get's a 200 response (neither would I), while other browsers might be more forgiving.

                            Okay,

                            I would to say thank you to everyone that responded to my script but, sorry to say the only thing that I did change was moving the session_start to the top/ first line that solved one major problem with the sessions. This still did not solve another problem of the pages not opening with out using the refresh button. Once I filled out the registration form and submit it was not redirecting to the next page, it was showing a blank page then once you refresh the page it would come up. Looked all over the net as well as the responses here.

                            I solved the problem which sound a little strange because I did not find this anywhere on the internet. I just removed different parts of the code and see if that worked, after days of working. The meta data tag was causing the problem.

                            <?php ob_start(); //starts the output buffering ?>
                            <?php session_start();?>
                            <html>
                            <head>
                            <title>Thomas A Oatman A Remembrance of Him and His Life</title>
                            <link href="css/thomas.css" rel="stylesheet" type="text/css" />
                            </head>

                            <?php
                            ini_set ('display_errors', 1);//Shows all possible problem!
                            error_reporting (E_ALL & ~E_NOTICE);//error reporting!
                            ?>

                            <body class="oneColFixCtrHdr">

                            The above script is part of the script that is working fine now . I had to drop some of the header tags from the page like the whole <html xmlns .....> I change to just <html>
                            I remove the whole<!DOCTYPE....> and removed the meta tage. Now after testing it was just the meta tag that was stopping this from working correctly.

                            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
                            <html xmlns="http://www.w3.org/1999/xhtml">
                            <head>
                            <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
                            <title>Thomas A Oatman A Remembrance of Him and His Life</title>
                            <link href="css/thomas.css" rel="stylesheet" type="text/css" />
                            </head>

                            Can I get other input about this if any has had this problem, dose PHP 5 have problems with some of the tags listed above?

                            Thanks again!

                              soatman wrote:

                              The meta data tag was causing the problem.

                              Erm... well, you must've inadvertently changed something else, because that's impossible. The PHP interpreter doesn't read or care about any of the HTML code in your script above - it just outputs it straight to the browser without processing any of it. The only thing that the PHP interpreter actually parses and executes is code between the <?php ... ?> tags.

                              I still suggest fixing your code so that it doesn't rely on ob_start() at all - there's no need for it. Just move any function that modifies HTTP headers (such as session_start(), setcookie(), header(), etc.) before any output (e.g. HTML) and you'll be fine.

                                bradgrafelman,

                                Thanks for your help and I will check into working with out the 0b_start() tag.

                                OutPut Buffering collects all the data together before it is sent to the browser helping to work around the proper sequence of scripting.

                                From what I understand making sure the script is organized correctly and you do not need this, it is used by beginners (me).

                                They were used in my classes and my books for those classes. I will work on dropping this out.

                                Thank you again.

                                  Write a Reply...