Login page help

Hiya people.

I'm having trouble doing this login page. What do these errors mean?

Warning: Cannot send session cookie - headers already sent by (output started at c:\program files\apache group\apache\htdocs\validate.php:6) in c:\program files\apache group\apache\htdocs\validate.php on line 14

Warning: Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\validate.php:6) in c:\program files\apache group\apache\htdocs\validate.php on line 14

Thanx

This has been discused here alot...Try this link if it dosen't help ask here again and we will do our best
Check this post

your headers are being outputted early, so to stop this, you should use

ob_start();

at the very beggining of each page that is called in the browser.

Hiya,

I tried everything but it still won't work. I'm not even sure where the ob_start(); functions should be put in.
Can u please tell me what's wrong with the code??


Thanx

here is one of my login scripts. use it if you like




Kepp in mind sara_lauren that this all happens before any html gets output.

Hiya!

Thanx a lot Taelo for the login code but I got these error messages though.What exactly should config.inc.php and functions.inc.php have in them? And why do I always get these errors when the include command is used?


Warning: Failed opening '../config.inc.php' for inclusion (include_path='.;c:\php4\pear') in c:\program files\apache group\apache\htdocs\alogin.php on line 3

Warning: Failed opening 'functions.inc.php' for inclusion (include_path='.;c:\php4\pear') in c:\program files\apache group\apache\htdocs\alogin.php on line 4

PS Oh and just wanna make sure bout this but the php.ini file...where exactly is it supposed to be?Does it have to be where I put the MSVCRT.DLL file( in system32) or can it be placed anywhere?

ok,...you are getting the first 2 errors cause you don't have the files,

config.inc.php and
functions.inc.php

I have all my user selectable stuff, and my database connection code in config.inc.php.

so Just remove those 2 lines

As for the php.ini. Mine is in C:\WINNT\php.ini

Hope that helps

As i said before, you need to place that function at the START of each page.

Hiya!

Okay I stopped getting any errors...but I don't have anything showing on the screen...

is this code correct?


<?php



$connection = @mysql_connect("localhost", "root", "")
or die(mysql_error());

if ($connection) {

$msg = "SUCCESS!";

}



if($_POST['submit'])
{
$errors = '';

if(empty($_POST['username']) || empty($_POST['password']))
$errors = "Please Specify both a Username and a Password";

$check_user = mysql_query("SELECT a_id, uName, password FROM admin WHERE uName = '{$_POST['username']}' AND password = '{$_POST['password']}'");
if(mysql_num_rows($check_user) == 0)
$errors = "Incorrect Login Information";

if($errors != '')
{?>
<script language="javascript">
alert("<?php echo $errors; ?>");
</script>
<?}
else
{
$user = mysql_fetch_row($check_user);

$check_user_rights = mysql_query("SELECT * FROM admin_rights WHERE FK_a_id = '$user[0]'");
$user_rights = mysql_fetch_row($check_user_rights);

$_SESSION['a_id'] = $user[0];
$_SESSION['uName'] = $user[1];

$_SESSION['add_user'] = $user_rights[1];
$_SESSION['edit_user'] = $user_rights[2];
$_SESSION['delete_user'] = $user_rights[3];
$_SESSION['view_logs'] = $user_rights[4];

logit($_SESSION['uName'], $_CONF['datetime'], $_CONF['user_ip'], $_CONF['function'][1]);

header("Location: index.php");
}
}

?>

well a couple of things,...I offered that up as instructional/sample code

if you wanna use it, you are going to have to modify it to suit your needs.

like my 'logit' function won't work cause you don't have my functions file.

and unless you set your tables and fields up like mine, that won't work at all.

Sara, the reason your first script wouldn't work (validate.php) was because you sent HTML tags to the browser before you opened the script (<?php). After you do this, you can't send any more headers.

Just a quick warning to those who don't already know: whitespace counts as browser output.

So, if you have blank lines or spaces, tabs, etc before your PHP opening tag, you can't send headers - because you've already outputted text to the browser. ob_start() won't fix this.

Make sure you've no gaps between the start of your document and the <?php. The first character in your document should be the <, if you intend to send headers.

Hi all!
I started again with a login form but I don't know what's wrong with it!!

Not matter what values I enter it still won't go through...
PLEASE tell me what's wrong with my script.I'm getting really desperate in my project.

[show_login.html]

<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<H1>Login to secret area</H1>
<FORM METHOD="POST" ACTION="do_authuser.php">
<P><STRONG>Username:</STRONG><BR>
<INPUT TYPE="text" NAME="username" SIZE=25 MAXLENGTH=25></p>
<P><STRONG>Password:</STRONG><BR>
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></p>
<P><INPUT TYPE="SUBMIT" NAME="submit" VALUE="Login"></P>
</FORM>
</BODY>
</HTML>

[do_authuser.php]

<?php

if ( (!$_POST[username]) || (!$_POST[password]) )
{ header("Location: http://localhost/show_login.html");
exit;}

$db_name = "testDB";
$table_name = "auth_users";

$connection = @mysql_connect("localhost", "root", "") or die(mysql_error());

$db = @mysql_select_db($db_name, $connection) or die(mysql_error());

$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

$result = @mysql_query($sql,$connection) or die(mysql_error());

$num = mysql_num_rows($result);

if ($num != 0) {
$msg = "<P>Congratulations, you're authorized!</p>";
} else {
header("Location: http://localhost/show_login.html");
exit;
}

?>

<HTML>
<HEAD>
<TITLE>Secret Area</TITLE>
</HEAD>
<BODY>
<?php echo "$msg"; ?>
</BODY>
</HTML>

Are you getting errors? If so, which I believe you are, post them. I believe you are getting errors because this is wrong ->

Now, if your script still isn't working, remove the error supression ( @ ) from your mysql function calls and see what the error is and post the errors here so we can give you a quick fix...

Hi all!
I did what u told me to do and I got this error:

Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in c:\program files\apache group\apache\htdocs\do_authuser.php on line 13


Line 13 is this:
$sql = "SELECT * FROM $table_name WHERE username = '$_POST['username']' AND password = password('$_POST['password']')";

What's wrong with the code above?? Thanx

Hi sara_lauren,

Change your line 13 to:

$sql = "SELECT * FROM $table_name WHERE username = '$_POST[username]' AND password = password('$_POST[password]')";

In other words remove the quotes inside the brackets of the $_POST array.

Regards