Warning: Cannot modify header information - headers already sent by....

@GlenRogers

Warning: Cannot modify header information - headers already sent by....

It means whitespace issue.

From this:

header( 'Location: admin.php' ) ;

To this:

header("Location: admin.php");

Overall it should look like this:

while($info = mysql_fetch_array( $data )){  
if($auser == $info['username'] && $apass == $info['password']){
header("Location: admin.php");
}
else{
echo "<span class='span1'>";
echo "Wrong password and(or) username. Check and try again";
echo "</span>";
}
}

As soon as you send any HTML or echo anything to the DOM you can no longer do a header re-direct or you will get this error.

       header( 'Location: admin.php' ) ;  

Cannot go where you placed it.

On a security side not, I would never use $_REQUEST, use the appropriate $_POST, $_GET, $_COOKIE, $_SESSION instead

Thanks for the reply, but I'm still getting it!...................

@GlenRogers

Thanks for the reply, but I'm still getting it!..

You are getting the same error? That is wierd

Something in the connect.php is writing to the DOM. What's I'm that file?

Yesterday i came accross with same like problem as u mention in the question i solve it in the following manner. from your code m doing so, so that you can understand. hope this will help you.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin login</title>
<link href="../css/submit.css" rel="stylesheet" type="text/css" />
<link href="../css/template.css" rel="stylesheet" type="text/css" />
<body>

<?php
include 'connect.php';
if (isset($_POST['submit'])){
if (!empty($_REQUEST['user'])){
$auser = $_REQUEST['user'];
}
else{
$auser = NULL;
echo 'Enter username';
echo "<br />";
}
if (!empty($_REQUEST['pass'])){
$apass = $_REQUEST['pass'];
}
else{
$pass = NULL;
echo 'Enter password';
}
if ($auser && $apass){
if (isset($_POST['submit'])){
$data = mysql_query("SELECT * FROM reptile_admin");
while($info = mysql_fetch_array( $data )){
if($auser == $info['username'] && $apass == $info['password']){
header("Location: admin.php") ;
}
else{
echo "<span class='span1'>";
echo 'Wrong password and(or) username. Check and try again';
echo"</span>";
}
}
}
}
}
?>


<img alt="full screen background image" src="../images/background.jpg" id="full-screen-background-image" />
<a href='../php/index.php'><span class="adminlinks">Home</span></a>
<form class="form" action="login.php" method="post" enctype="multipart/form-data" name="login_form" id="login_form" style="margin-bottom:0px;">
<h1 style="margin-bottom: 0px">Admin Login</h1>
<p><input type=text name="user" /> <b>User Name</b></p>
<p><input type=text name="pass" /> <b>Password</b></p>
<input type="submit" name="submit" value="Login" />
<input name="login_form" type="hidden" id="login_form" value="login_form" />
</form>
</body>
</html>

Try setting ob_start(); at the top or after your include.

Do your php stuff before any html output and save any php output (if there is any) to variables to be echoed out further down the page in the html.

Sorry freind you have to terminate your script on any of the error occuring because if an error occure that say the username is empty according to your script you echo error msg and that doesn't stop you code from continuing execution try this

include 'connect.php';
if (isset($_POST['submit'])){
    if (!empty($_REQUEST['user'])){
        $auser = $_REQUEST['user'];
    }
    else{
        $auser = NULL;
        echo 'Enter username';
        echo "<br />";

        //terminate
        exit();
    }
    if (!empty($_REQUEST['pass'])){
        $apass = $_REQUEST['pass'];
    }
    else{
        $pass = NULL;
        echo 'Enter password';

        //terminate
        exit();
    }
....

OR you can better write the code by storing all the errors in an array then check it length if is 0 or is not set then run you query see

<?php
include 'connect.php';
if (isset($_POST['submit']))
{

    //error holder
    $errors = array();

    if (!empty($_REQUEST['user'])){
        $auser = $_REQUEST['user'];
    }
    else{

        $errors[] = "Enter username <br />";

    }

    if (!empty($_REQUEST['pass'])){
        $apass = $_REQUEST['pass'];
    }
    else{

        $errors[] = "Enter password <br />";
    }


    if( count($errors) == 0 )
    {
        if(!$data = mysql_query("SELECT * FROM reptile_admin WHERE username='$auser' AND password='$apass'")) die("error ".mysql_error() );

        if(mysql_num_rows( $data ) == 1)
        {       
            header( 'Location: admin.php' ) ;
        }

    }
    else
    {

        echo "<span class='span1'>";

        foreach( $error as $error)
        {
            echo $error;
        }

        echo"</span>";
    }
}
?>

hop it helps

I had a similar problem in my project ( which I still working on it ), first thing try to put:

header("Location: admin.php") ;

in the first line same for:

session_start();

if you working with sessions, second thing dont save your files with UTF-8 encoding because it will cause many problems, trust me I've solved this problem lately.

Please use above ob_start() function

Thanks everyone for the helpful replies.

I did try ob_start() but still got the error.

I used some javascript and seem to have it working now.

I used this line of js in place of the header

echo "<script>location.href='admin.php'</script>";

Is there going to be any problems with this?

Thanks.................

js redirect is not the way to go. I can't see how you can't get this to work. As long as you don't output anything to the screen (or have any html) prior to calling the header(), you'll be fine. hakeem gave an example for the error handling - no need to echo everything out immediately.