0

Hello all,
I am having problems with this code. Whenever I attempt to test the login system with a valid username and password, it says this: You have successfully logged in!

Warning: Cannot modify header information - headers already sent by (output started at /Applications/XAMPP/xamppfiles/htdocs/ucairwebsite/facultykadrmas/kadrmaspages/login_1/login_LDDB.php:1) in /Applications/XAMPP/xamppfiles/htdocs/ucairwebsite/facultykadrmas/kadrmaspages/login_1/login_LDDB.php on line 213
The "You have successfully logged in is what I have echoed, but the rest I am not sure of the rest. I hope you guys can help. What is weird is it works just fine when it is the only code on the page when I attempt to apply it to an html template it has these problems. I change the file extension to php, but there is still this problem. I would appreciate any help. Thanks!
`

       <?php
//above is the start coding for any php page
//allow sessions to be passed so we can see if the user is logged in

//connect to the database so we can check, edit, or insert data to our users table
//$con sets the variable of connection and the three quotation marks are filled with the server, username, and password (localhost, root, and ucair in this case). If it does not connect, it will kill the connection with "die"
$con = mysql_connect('localhost', 'root', '') or die(mysql_error());
//This selects the specific database to access the tables and allow for data to be stored
$db = mysql_select_db('loginTut', $con) or die(mysql_error());

//include out functions file giving us access to the protect() function made earlier
//link to a bit of code to stop hackers
include "./functions.php";
 //the end tag for php
?>
      <?php

        //If the user has submitted the form
        if($_POST['submit']){
            //protect the posted value then store them to variables
            $username = protect($_POST['username']);
            $password = protect($_POST['password']);
            $password = md5($password);

            //Check if the username or password boxes were not filled in
            if(!$username || !$password){
                //if not display an error message
                //echo ""; is the most common method to display messages
                //else sets up alternate protocol
                echo "<center>You need to fill in a <b>Username</b> and a <b>Password</b></center>";
            }else{

                //select all rows from the table where the username matches the one entered by the user. * means all (asterisk means all)
                $res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."'");
                $num = mysql_num_rows($res);

                //check if there was not a match
                if($num == 0){
                    //if not display an error message
                    echo "<center>The <b>Username</b> you supplied does not exist</center>";
                }else{
                    //if there was a match continue checking

                    //select all rows where the username and password match the ones submitted by the user
                    $res = mysql_query("SELECT * FROM `users` WHERE `username` = '".$username."' AND `password` = '".$password."'");
                    $num = mysql_num_rows($res);

                    //check if there was not a match
                    if($num == 0){
                        //if not display error message
                        echo "<center>The <b>Password</b> you supplied does not match the one for that <b>username</b></center>";
                    }else{
                        //if there was continue checking

                        //split all fields fom the correct row into an associative array
                        $row = mysql_fetch_assoc($res);

                        //check to see if the user has not activated their account yet
                        if($row['active'] != 1){
                            //if not display error message
                            echo "<center>You have not yet <b>Activated</b> your account</center>";
                        }else{
                            //if they have log them in

                            //set the login session storing there id - we use this to see if they are logged in or not
                            $_SESSION['uid'] = $row['id'];
                            //show message
                            echo "<center>You have successfully logged in!</center>";

                            //update the online field to 50 seconds into the future
                            $time = date('U')+50;
                            mysql_query("UPDATE `users` SET `online` = '".$time."' WHERE `id` = '".$_SESSION['uid']."'");

                            //redirect them to the usersonline page. Here they can access the members areas and connect to the main features of the site
                            header('Location: usersonline.php');
                        }
                    }
                }
            }
        }

        ?>

`

3
Contributors
3
Replies
6
Views
5 Years
Discussion Span
Last Post by puneet bassi
0

To redirect a user to a new page, the server needs to send response headers.

Likewise, when you output content to the page, the server needs to send response headers.

Response headers can only be sent once.

On line 68, you're displaying the message "You have successfully logged in!" - thus, the response headers have been sent.

On line 75, you're trying to redirect the user... but wait, the response headers have already been sent. Ergo, the source of your error message.

To resolve, remove line 68 or 75.

0

I tried to remove the the echo line and no success. Same error message as before. I built around that problem from before and solved it. I removed the header to usersonline.php and it works great now! I appreciate the help though. Thanks!!

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.