Login script help

woodplease

i have a log in script, but when the user enters their username and password and presses submit, it comes up with the following errors, and i dont understand what the problem is. any help would be great.

Errors:

Warning: Cannot modify header information - headers already sent by (output started at /berw/ugrad1/base/a/agd8/public_html/quizdom/login.php:8) in /berw/ugrad1/base/a/agd8/public_html/quizdom/login.php on line 74

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><link rel="stylesheet" type="text/css" href="sheet1.css" />
	<meta http-equiv="content-type" 
		content="text/html;charset=utf-8" />
	<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Add a new admin user</title>
</head>

<body>

<?php 
// Connects to your Database 
$db = pg_connect("host=database.dcs.aber.ac.uk
port=5432 dbname=****user=*****password=*****"); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_quizdom']))

//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = pg_query("SELECT * FROM users WHERE username = '$username'")or die(pg_error());
while($info = pg_fetch_array( $check )) 
{
if ($pass != $info['password']) 
{
}
else
{
header("Location: admincontrol.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = pg_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(pg_error());

//Gives error if user dosen't exist
$check2 = pg_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = pg_fetch_array( $check )) 
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else 
{ 

// if login is ok then we add a cookie 
$_POST['username'] = stripslashes($_POST['username']); 
$hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['pass'], $hour);	

//then redirect them to the members area 
header("Location: admincontrol.php"); 
} 
} 
} 
else 
{	

// if they are not logged in 
?> 
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table border="0"> 
<tr><td colspan=2><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="pass" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>

</body>

</html>

Thanks

halojoy

You can not display anything before setcookie()
Any echo or HTML will send an header.
If any header was sent before setcookie(), you get those errors.

You have this output before setcookie()

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><link rel="stylesheet" type="text/css" href="sheet1.css" />
	<meta http-equiv="content-type" 
		content="text/html;charset=utf-8" />
	<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Add a new admin user</title>
</head>

<body>

The solution is to put any HTML or echo output AFTER setcookie.
Like this.
I have moved HTML where your <form> is

<?php 
// Connects to your Database 
$db = pg_connect("host=database.dcs.aber.ac.uk
port=5432 dbname=agd8 user=agd8 password=csgroup5"); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_quizdom']))

//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = pg_query("SELECT * FROM users WHERE username = '$username'")or die(pg_error());
while($info = pg_fetch_array( $check )) 
{
if ($pass != $info['password']) 
{
}
else
{
header("Location: admincontrol.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = pg_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(pg_error());

//Gives error if user dosen't exist
$check2 = pg_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = pg_fetch_array( $check )) 
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else 
{ 

// if login is ok then we add a cookie 
$_POST['username'] = stripslashes($_POST['username']); 
$hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['pass'], $hour);	

//then redirect them to the members area 
header("Location: admincontrol.php"); 
} 
} 
} 
else 
{	

// if they are not logged in 
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><link rel="stylesheet" type="text/css" href="sheet1.css" />
	<meta http-equiv="content-type" 
		content="text/html;charset=utf-8" />
	<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Add a new admin user</title>
</head>

<body>


<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> 
<table border="0"> 
<tr><td colspan=2><h1>Login</h1></td></tr> 
<tr><td>Username:</td><td> 
<input type="text" name="username" maxlength="40"> 
</td></tr> 
<tr><td>Password:</td><td> 
<input type="password" name="pass" maxlength="50"> 
</td></tr> 
<tr><td colspan="2" align="right"> 
<input type="submit" name="submit" value="Login"> 
</td></tr> 
</table> 
</form> 
<?php 
} 

?>

</body>

</html>

djjjozsi

Its a usually problem, when something precedes yout header().
try to organize your code not to make output before you send header!

woodplease

thanks very much, problem sloved