Hey I have a slight problem here, I got my php login script, But it doesn't do what I want it, anyways when I enter details into the login box, if it is invalid I want it to refresh the page and say invalid login, but all it does, is open another user and password entry to the bottom of the page, where if I then enter the correct login it carries me to a page. When using the first login box it doesn't carry me to any page, it just refreshes the page with an empty form. I also cant seem to start any sessions because of these two errors :
But I would really like to enable these sessions so I can detect if the user is logged in or not to be able to add things to the cart and or purchase anything from the site.

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\chapter7\Login.php:11) in C:\xampp\htdocs\chapter7\Login.php on line 67

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\chapter7\Login.php:11) in C:\xampp\htdocs\chapter7\Login.php on line 67

<form name="login" method="post" "<?php echo $PHP_SELF;?>">
<table border="0" width="225" align="center">
    <tr>
        <td width="219" bgcolor="#999999">
            <p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
        </td>
    </tr>
    <tr>
        <td width="219">
            <table border="0" width="220" align="center">
                <tr>
                    <td width="71"><span style="font-size:10pt;">Username:</span></td>
                    <td width="139"><input type="text" name="username"></td>
                </tr>
                <tr>
                    <td width="71"><span style="font-size:10pt;">Password:</span></td>
                    <td width="139"><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td width="71">&nbsp;</td>
                        <td width="139">
                            <p align="right"><input type="submit" name="submit" value="Login"></p>
                        </td>
                </tr>
            </table>
        </td>
    </tr>
    <tr>
        <td width="219" bgcolor="#999999"><font color="white">Not Registered? </font><a href="register.php" target="_self"><font color="white">Register</font></a><font color="white"> </font><b><i><font color="white">Now!</font></i></b></td>
    </tr>
</table>
</form>
</body>
</html>
<?php

// Load PEAR DB
require 'DB.php';
// Load the form helper functions

$db = DB::connect('mysql://root@localhost/login');
if (DB::isError($db)) { die ("Can't connect: " . $db->getMessage()); }

// print a message and quit on future database errors

$db->setErrorHandling(PEAR_ERROR_DIE);

// Login & Session example by sde
// auth.php
 
// start session
session_start();
 
// convert username and password from _POST or _SESSION
if($_POST){
  $_SESSION['username']=$_POST["username"];
  $_SESSION['password']=$_POST["password"];  
}
 
// query for a user/pass match
$result=mysql_query("select * from users 
  where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");
 
// retrieve number of rows resulted
$num=mysql_num_rows($result); 
 echo "index.html";
// print login form and exit if failed.
if($num < 1){
  echo "You are not authenticated.  Please login.<br><br>
 
  <form method=POST action=index.html target=new>
  username: <input type=text name=\"username\"><br />
  password: <input type=password name=\"password\">
  <input type=submit>
  </form>";
 
  exit;
}
?>

Make sure all PHP code which deals with sessions, cookies or such is above any output, for example; you have HTML above the PHP code, which will cause the headers to be sent, after which you cannot do session_start();.

Always initiate sessions as the first line of the file (after the PHP tags obviously)

As an additional note, it is not recommended to use plain text passwords, these should be hashed at a minimum before putting them in cookies or sessions, however, you should ideally not include password hashes in any sessions or cookies.

i was even having somewhat similar error....
itz bcoz of server changes...
u need to add "@" before session_start()
for eg:
@session_start();


cannot find cookies and headers problem will go.

session_start(); must be on top of page. i.e. there should not any echo ot HTML code above session_start(); function.
And php code should be also at top and then html form, tables. Its not necessary but its a good practice.
You forget to add action=" in form.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.