[RESOLVED] Whitespace Question when setting Cookies

everythingis

I have a feeling that I'm getting an error because my cookies need to be set immediately at the top of the page, but I'm not sure how to fix this because I'm using an include file to set my cookies. The error comes when clicking the "remember me" checkbox:

Warning: Cannot modify header information - headers already sent by- (lines 59-61 on my login_script.inc.php page).

So, here is the header for my login.php page:

<?php session_start(); ?>
<?php include('includes/scripts/login_script.inc.php');?>
<?php include('includes/scripts/pagetitle.inc.php');?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> 

<head>
<title>so.did.we <?php if (isset($pagetitle)) echo "&#124; {$pagetitle}"; ?> - where strangers become friends</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="Description" content="Welcome to so.did.we - where strangers become friends" />
<meta name="Keywords" content="welcome, landing page, sodidwe, so.did.we, social networking, friends, connections, profile, community, events, event calendar, calendar, matching, matches, interactive, daily organizer, schedule, organize, interests, groups, dating, business, sports, politics, work, jobs" />
<link rel="stylesheet" href="css/style.css" type="text/css" />
<link rel="stylesheet" href="css/calendarstyle.css" type="text/css" />
<link rel="shortcut icon" href="images/sodidwe4.ico" />
</head>

And, here is my included login_script.inc.php
Getting errors on the 4 lines where my cookies are:

<?php

//***********THIS FILE MUST GO ABOVE HEADER*****************

//If username is not blank, then check database 
if (isset($_POST['username'])) {


include_once "includes/scripts/connect_to_mysql.php";


$username = $_POST['username'];
$password = $_POST['password'];
$rememberme = $_POST['rememberme']; // Added for the remember me feature



$username = mysql_real_escape_string($username);
$rememberme = mysql_real_escape_string($rememberme);


// Add MD5 Hash to the password variable
$password = md5($password); 





//looks in database where there is a username & password and the account has been activated
$sql = mysql_query("SELECT * FROM member_profile WHERE username='$username' AND password='$password' AND email_activated='1'"); 
$login_check = mysql_num_rows($sql);



//if the database check is good, it creates Sessions
	if($login_check > 0){ 

	while($row = mysql_fetch_array($sql)){ 

  	  $user_id = $row["user_id"];   
 	  $_SESSION['user_id'] = $user_id;

 	  $firstname = $row["firstname"];   
  	  $_SESSION['firstname'] = $firstname;

 	  $lastname = $row["lastname"];   
  	  $_SESSION['lastname'] = $lastname;

  	  $username = $row["username"];   
  	  $_SESSION['username'] = $username;

  	  mysql_query("UPDATE member_profile SET last_log_date=now() WHERE user_id='$user_id'"); 
	} // close while



// Remember Me Section Addition... if member has chosen to be remembered in the system
	if($rememberme == "yes"){
		setcookie("idCookie", $user_id, time()+2592000, "/", ".sodidwe.com"); // 30 days; 24 hours; 60 mins; 60secs
		setcookie("firstnameCookie", $firstname, time()+2592000, "/", ".sodidwe.com"); // 60 days; 24 hours; 60 mins; 60secs
		setcookie("userCookie", $username, time()+2592000, "/", ".sodidwe.com"); // 60 days; 24 hours; 60 mins; 60secs
		setcookie("passCookie", $password, time()+2592000, "/", ".sodidwe.com"); // 60 days; 24 hours; 60 mins; 60secs
	}


   $msgToUser = "<h2>Welcome Back, $firstname!</h2>
   				<p class=\"content\">You are Logged In, check out your matching events to see if anyone else has entered new events that are the same as yours!" ;

   include_once 'user_message.php'; 

   exit ();

}  else {
 			//VALIDATIONS
			if($login_check == 0){
				$errorLogin = "Your Login information is not correct.";
			}

		} //CLOSE ELSE
}// CLOSES IF FORM IS SUBMITTED
?>

Weedpacket

And it's not telling you which line of which file caused the headers to be sent ("output started on...")?

everythingis

Here's the header error:

Warning: Cannot modify header information - headers already sent by (output started at /hermes/bosweb/web146/b1467/ipw.everythingis/public_html/phpsessions/includes/scripts/connect_to_mysql.php:7)

Not sure exactly what this means, but I thought this only came out if the script was run after the html header, or there was whitespace, and my script is definitely above the header.

bradgrafelman

everythingis wrote:
Not sure exactly what this means

Not sure what... the error message means? It's rather clear:

"output started at... connect_to_mysql.php:7", or slightly more verbose: "output started on line #7 of connect_to_mysql.php".

everythingis wrote:
I thought this only came out if the script was run after the html header, or there was whitespace

It has nothing to do with an HTML header/<head> section (since PHP doesn't even know what one is) - it simply has to do with output. If you have any output (e.g. text outside of <?php .. ?> tags), then PHP sends the HTTP headers and outputs that data.

You also have output here:

<?php session_start(); ?>
<?php include('includes/scripts/login_script.inc.php');?>

Weedpacket

everythingis wrote:
...html header...

HTTP [man]header[/man].

everythingis

Ok, but I'm still unclear on what the resolution is to correct the error message.

The script runs perfectly except when the "remember me" checkbox is used to set cookies, so, I'm not understanding how looking at my connect_to_mysql.php file is giving me any hint as to correcting the login_script.inc.php file, because that's the file where the error lies.

So what I'm really looking for is help in identifying the reason why the remember me Cookies are causing the error, and what I might do to correct it.

bradgrafelman

everythingis wrote:
Ok, but I'm still unclear on what the resolution is to correct the error message.

Since the error is caused by output on line #7, the resolution is... remove the output from line #7.

everythingis wrote:
m not understanding how looking at my connect_to_mysql.php file is giving me any hint as to correcting the login_script.inc.php file, because that's the file where the error lies.

No, it's not. The error is caused by the output on line #7 of connect_to_mysql.php.

everythingis

Ok, my apologies, there was a whitespace problem in my connect_to_mysql file. There was a space after the PHP closing tag. I don't know why that didn't have an effect any other script on my entire site except the cookies, which is why I was so confused about your post.

However, now that it works, when I log out, then log back in, I'm getting a similar error that the headers have already been sent. So, I think there's an isssue on my logout file, which I'll work on & see if I can figure it out.

Weedpacket

That's why the error message reports the line on which it started to produce output (you can't send HTTP response headers when you've already started sending the response body).