Im trying to create a login page. I am using ob_start. I am still getting the following errors:
Warning: Cannot modify header information - headers already sent by (output started at xxxxxxx) in xxxxxxx on line 57
Warning: Cannot modify header information - headers already sent by (output started at xxxxxxx) in xxxxxxx on line 58
Warning: Cannot modify header information - headers already sent by (output started at xxxxxxx) in xxxxxxx on line 60
These are the lines where I am using the setcookie and header() function.
Please help me out. If there are errors in the code, please correct them and put the correct code in the comments. Please tell me if i have used ob_start and ob_end_flush in the right place.
There is no HTML before the setcookie and header.
I did not get these errors when I tested the form with xampp.
Is there any other way of setting a cookie with the same data?
I have to sent a cookie as all the other pages wont open if they cannot find the cookie.
Here is my code:
("user" is the table inside the database where the username and password is stored.)
<?php
// Connects to Database
mysql_connect("hostname", "username", "password") or die(mysql_error());
mysql_select_db("database") or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: member1.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('<br><center>That user does not exist in our database. <a href=register.php>Click Here to Register</a></center>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
?>
<?php
ob_start(); ?>
<?php
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
//then redirect them to the members area
header("Location: member1.php");
?>
<?php
}
}
}
else
{
// if they are not logged in
?>
<html>
<head>
<title>Login</title>
<STYLE type="text/css">
table {
background: #486FC9;
margin: 20px 20px 20px 20px;
padding: 8px 8px 8px 8px;
}
tr {
color: white;
background: #486FC9;
margin: 50px 50px 50px 50px;
padding: 12px 12px 12px 12px;
}
</STYLE>
</head>
<body bgcolor="#6B6B78" background="login2.jpg">
<center>
<br>
<br>
<br>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0" align="center">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="center">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
</center>
</body>
</html>
<?php
}
?>
<?php
ob_end_flush
?>