Trouble with Headers conflicting with Sessions

[rogwilco]

Below is my first attempt at sessions. The code below is for a user login. Basically a check is made for the username and password and then a session is created at which the browser is redirected to my index page. However I keep getting 3 errors as below;

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at /home/fhlinux199/n/me.com/user/htdocs/authenticate.php:2) in /home/fhlinux199/n/me.com/user/htdocs/authenticate.php on line 27

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/fhlinux199/n/me.com/user/htdocs/authenticate.php:2) in /home/fhlinux199/n/me.com/user/htdocs/authenticate.php on line 27

Warning: Cannot modify header information - headers already sent by (output started at /home/fhlinux199/n/me.com/user/htdocs/authenticate.php:2) in /home/fhlinux199/n/me.com/user/htdocs/authenticate.php on line 31

Just in case this affects it, I have a header template and a footer template which can be seen being called, at the top and bottom of my code below. I have made sure that session_start() is before any output. Is this correct?


Code:
<?php

$username = $_POST['username'];
$password = $_POST['password'];
$self = $_SERVER['PHP_SELF'];
$referer = $_SERVER['HTTP_REFERER'];

# if either form field is empty return to the log-in page
if( ( !$username ) or ( !$password ) )
{ $msg = '<P>Please complete the fields</P>';
}

require_once('../mysql_connect.php'); //connect to the DB

#create the query
$sql = "select id, first_name from users where username=\"$username\" and password =\"$password\" ";

#execute the query
$result = mysql_query( $sql)
or die( "Could not execute query" );


$row = mysql_fetch_array ($result, MYSQL_NUM);
if ($row) {
//Start the session, register the values and redirect.
session_start();
$_session['first_name'] = $row[1];
$_session['id'] = $row[0];
header("Location:

http://"

. $_server['HTTP_HOST'].
dirname($_server['PHP_SELF']) . "/rogindex.php");
exit();
}else{
$msg .= '<P>The username and password are incorrect</P>';
}
mysql_close();

// Set the page title and include the HTML header.
$page_title = 'Me';
include ('./header.inc');
?>

<?php echo( $msg ); ?>
<p align="left">blah, blah, blah</a>.</p>
<p align="left">blah, blah, blah.</p>
</body>

</html>
<?php
include ('./footer.inc'); // Include the HTML footer.
?>
By the way header.inc and footer.inc have not had any alterations yet, re sessions. Would that cause the errors? Personnaly I don't think so. Also the page I am redirecting to (./rogindex.php) hasn't been altered either.

Thanks in advance.

Roger.

 

[kenrbnsn]

The session_start() statement has to be the FIRST PHP statement.

Ken

 

[rogwilco]

Ah so I just put,

session_start();
$_session['first_name'] = $row[1];
$_session['id'] = $row[0];

at the top under my other vars?

 

[sleipnir214]

Actually, the invocation of session_start() does not necessarily have to be the first line of your PHP script, but it does have to appear in the script before your script produces any output. The reason for this is discussed in section 1.4 of faq434-2999.

Looking at your code, I see no explicit output from your script, so session_start() should work where you have it. However, one common place for implicit output is blank lines which appear before your "<?php" tag. The text of the first error includes "output started at /home/fhlinux199/n/me.com/user/htdocs/authenticate.php:2", which tells us that you have output in line two of your script. I'd bet you have whitespace before your "<?php" tag.


Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[rogwilco]

Thanks Sleipnir, you were spot on. It was a line of whitespace which caused the error.