Whats wrong with this?

phphelpme · #1 (**permalink**) 07-22-10, 01:10 AM

hey every one im making a login page and i keep getting this message

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\newsite\index.php:41) in C:\xampp\htdocs\newsite\index.php on line 74

here is the script :

PHP Code:


			
<?php session_start();?>




<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>(sitename)</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<body><img src="formtop.gif">
<!--TopPan-->
<div id="topPan">
    <ul>
        <li class="home">Login</li>
        <li class="menupadding"><a href="#">Register</a></li>
        <li class="menupadding"><a href="#">contact</a></li>
    </ul>
    <h1>adfad</h1><p>
      <br>
      <br>
      <br>
     Email :
     <br>
     <br>
     <br>
     Password :
    </p>
    <form action="index.php" method="post">
        <h2>Login</h2>
        <table>
    <tr><td><input type="text" name="myusername" maxlength="30" />
    <tr><td><input name="mypassword" type="password" maxlength="30" />
    <tr><td>

        <input name="Submit" type="submit" class="button" value="" />
    </form></table>
<?php
ob_start();
$host="localhost"; // Host name
$username="CLASIFIED"; // Mysql username
$password="CLASIFIED"; // Mysql password
$db_name="checklogin"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>
    </table></div>
    <div id="toplinkPan">
    <div id="toplinkfastPan">
        <p>ddddddddddddd</p>
        <a href="">&nbsp;</a>
        
    </div>
    <div id="toplinksecondPan">
    <p>Phasellus felis</p>
        <a href="">&nbsp;</a>
    </div>
    
    <div id="toplinkthirdPan">
        <p>Phasellus felis</p>
        <a href="">&nbsp;</a>
    </div>
    </div>
</div>
<!--TopPan Close-->

</body>
</html>

IS THERE ANYTHING WRONG ? PLEASE HELP ME!

Nico · #2 (**permalink**) 07-22-10, 03:37 AM

First off, don't use session_register(). This function is deprecated. Use this instead:

PHP Code:


			
$_SESSION['key'] = 'value';

As for the error, you cannot send header() redirects after sending output to the browser. You have to send those headers before you output anything, that includes white spaces as well.

phphelpme · #3 (**permalink**) 07-22-10, 07:45 PM

Where do i put that?

job0107 · #4 (**permalink**) 07-23-10, 02:16 AM

Keep your PHP and HTML separated as much as possible and you will encounter fewer errors.
Also try to keep your code as organized as possible so you don't have unnecessary opening or closing tags that don't do anything.
And don't forget to close your <td>'s an <tr>'s when you are creating tables.

Your logic if fairly sound, I'll give you that.
But you must remember that PHP and HTML are different entities.
Keep practicing, you will learn.

Try it like this:

PHP Code:


			
<?php
session_start();
if(!empty($_POST["Submit"]))
{
 ob_start();
 $msg="";
 $host="localhost"; // Host name
 $username="CLASIFIED"; // Mysql username
 $password="CLASIFIED"; // Mysql password
 $db_name="checklogin"; // Database name
 $tbl_name="members"; // Table name

 // Connect to server and select databse.
 mysql_connect("$host", "$username", "$password")or die("cannot connect");
 mysql_select_db("$db_name")or die("cannot select DB");

 // Define $myusername and $mypassword and protect MySQL injection (more detail about MySQL injection)
 $myusername = mysql_real_escape_string(stripslashes($_POST['myusername']));
 $mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword']));

 $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
 $result=mysql_query($sql);

 // If result matched $myusername and $mypassword, table row must be 1 row
 if(mysql_num_rows($result)){
  // Register $myusername, $mypassword and redirect to file "login_success.php"
  $_SESSION["myusername"] = $myusername;
  $_SESSION["mypassword"] = $mypassword;
  header("location:login_success.php");
 }
 else{
  $msg = "Wrong Username or Password<p>";
 }
 ob_end_flush();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>(sitename)</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<?php echo $msg; ?>
<img src="formtop.gif">
<!--TopPan-->
<div id="topPan">
 <ul>
  <li class="home">Login</li>
  <li class="menupadding"><a href="#">Register</a></li>
  <li class="menupadding"><a href="#">contact</a></li>
 </ul>
 <h1>adfad</h1>
 <form action="#" method="post">
  <h2>Login</h2>
  <table>
   <tr><td align="right">Email : </td><td><input type="text" name="myusername" maxlength="30" /></td></tr>
   <tr><td>Password : </td><td><input name="mypassword" type="password" maxlength="30" /></td></tr>
   <tr><td colspan="2" align="center"><input name="Submit" type="submit" class="button" value="Submit" /></td></tr>
  </table>
 </form>
 <div id="toplinkPan">
  <div id="toplinkfastPan">
   <p>ddddddddddddd</p>
   <a href="">&nbsp;</a>
  </div>
  <div id="toplinksecondPan">
   <p>Phasellus felis</p>
   <a href="">&nbsp;</a>
  </div>
  <div id="toplinkthirdPan">
   <p>Phasellus felis</p>
   <a href="">&nbsp;</a>
  </div>
 </div>
</div>
<!--TopPan Close-->
</body>
</html>

job0107 · #5 (**permalink**) 07-23-10, 02:42 AM

Why don't you post your login_success.php page and we will see what we can do?