Author Topic: Session w/ $_POST? (Read 6724 times)

Steve · « **on:** July 28, 2008, 02:26:16 PM »

I have a login page (index.php) with a form that submits to process_memberlogin.php which then sends to user to the members page if successful. That works, login works, no problemo. Now im attempting to create a session variable which each member page checks to be valid. Also no big deal.

Problem is im getting the error "Cannot send session header already sent blah blah". I checked for whitespace, output, etc and everything is where it should be. Only thing i can figure is posting the variable from index to process_memberlogin is the problem. Am i right? I tried posting index to itsself and passing username and password via session as well, but made no difference.

index has this at the top

Code: [Select]

<?php session_start(); ?>
And then has the form, and posts to the process file. Process file contains

Code: [Select]

<?php
session_start();
/*

This file process's the member logins

Developers Note:

Need to add redirection to members home when ready.
Add check for wrong password
*/

include('Connections/establish_dbconn.php');

$username = $_POST['username'];
$password = $_POST['password'];

mysql_select_db("$database_ASA") or die(mysql_error());

$sql = "SELECT username , password FROM test_members WHERE username='$username' AND password='$password'";
$r = mysql_query($sql);
if(!$r) {
$err=mysql_error();
print $err;
}

$num_rows = mysql_num_rows($r);

if($num_rows > 0){
//echo ("successfully logged into system.");
//proceed to perform website&#8217;s functionality &#8211; e.g. present information to the user
$_SESSION['MM_Username'] = $username;
header("Location: member_home.php");
}
else{
//echo ("no such login in the system. please try again.");
$_SESSION['MM_Username'] = "";
header("Location: index.php");
}
?>

Which on successful routes to the member home, which has (at the top):

Code: [Select]

<?php session_start();

if (!(isset($_SESSION['MM_Username']) && $_SESSION['MM_Username'] != '')) {
header ("Location: login.php");
}
?>

ober · « **Reply #1 on:** July 28, 2008, 03:24:09 PM »

You have a print statement before the call to header().

Steve · « **Reply #2 on:** July 28, 2008, 03:45:03 PM »

The only one i see is encased in the if condition, and since theres no fail shouldnt that be ignored?

Mike · « **Reply #3 on:** July 28, 2008, 03:55:22 PM »

What does fiddler say?

Steve · « **Reply #4 on:** July 28, 2008, 04:05:11 PM »

Never heard of it, downloading now

Mike · « **Reply #5 on:** July 28, 2008, 04:11:24 PM »

http://www.entropysink.com/forums/index.php?topic=6217.0

Steve · « **Reply #6 on:** July 28, 2008, 04:28:43 PM »

Statistics:

Quote

Request Count:    1
Bytes Sent:    731
Bytes Received: 1,158

ACTUAL PERFORMANCE
--------------
Requests started at:   16:24:02:6498
Responses completed at:   16:24:02:9408
Total Sequence time:   00:00:00.2910000

RESPONSE CODES
--------------
HTTP/200:    1

RESPONSE BYTES (by Content-Type)
--------------
~headers:   179
text/html:   979

ESTIMATED WORLDWIDE PERFORMANCE
--------------
The following are VERY rough estimates of download times when hitting servers based in WA, USA.

US West Coast (Modem - 6KB/sec)
---------------
Round trip cost: 0.10s
Elapsed Time:    0.10s

Japan / Northern Europe (Modem)
---------------
Round trip cost: 0.15s
Elapsed Time:    0.15s

China (Modem)
---------------
Round trip cost: 0.45s
Elapsed Time:    0.45s

US West Coast (DSL - 30KB/sec)
---------------
Round trip cost: 0.10s
Elapsed Time:    0.10s

Japan / Northern Europe (DSL)
---------------
Round trip cost: 0.15s
Elapsed Time:    0.15s

China (DSL)
---------------
Round trip cost: 0.45s
Elapsed Time:    0.45s

================
Learn more about HTTP performance at http://www.fiddler2.com/redir/?id=HTTPPERF

Session Inspector:

Doesnt let me copy it, but the "text" view shows correct username and password so its passing correctly not sure what else to look at

Mike · « **Reply #7 on:** July 28, 2008, 04:43:20 PM »

Well make sure to look both sides of the house. Make sure that you are sending the information correctly and that the server is responding in a manner you think it should. For example do you see a Location: line in the response header?

Steve · « **Reply #8 on:** July 28, 2008, 05:02:09 PM »

dont see that anywhere. i tried to access the member_home php file directly to trip any errors and it says 404 not found even tho its on the server. fucking weird shit man

Steve · « **Reply #9 on:** July 30, 2008, 01:06:32 PM »

Is it possible that the Location call is doing it? I ask because the errors have changed. The first two reference the session_start the third is line 33 which is the first header() call shown below.

Quote

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/content/i/y/q/iyq2havfun/html/CM/process_memberlogin.php:1) in /home/content/i/y/q/iyq2havfun/html/CM/process_memberlogin.php on line 2

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/content/i/y/q/iyq2havfun/html/CM/process_memberlogin.php:1) in /home/content/i/y/q/iyq2havfun/html/CM/process_memberlogin.php on line 2

Warning: Cannot modify header information - headers already sent by (output started at /home/content/i/y/q/iyq2havfun/html/CM/process_memberlogin.php:1) in /home/content/i/y/q/iyq2havfun/html/CM/process_memberlogin.php on line 33

Row 29-40

Code: [Select]

if($num_rows > 0){
//echo ("successfully logged into system.");
//proceed to perform website’s functionality – e.g. present information to the user
$_SESSION['MM_Username'] = $username;
header("Location: member_home.php");
}
else{
//echo ("no such login in the system. please try again.");
$_SESSION['MM_Username'] = "";
header("Location: index.php");
}
?>

ober · « **Reply #10 on:** July 30, 2008, 01:25:38 PM »

Are you sure you're not including this file in another one??

Steve · « **Reply #11 on:** July 30, 2008, 02:06:39 PM »

positive. The only files included globally is the db_conn file. For everything else i use indivdual files. For example this one is process_memberlogin and for clubs i have process_clublogin, and so on.

ober · « **Reply #12 on:** July 30, 2008, 02:54:35 PM »

This may be your problem:

Quote

Note: HTTP/1.1 requires an absolute URI as argument to » Location: including the scheme, hostname and absolute path, but some clients accept relative URIs. You can usually use $_SERVER['HTTP_HOST'], $_SERVER['PHP_SELF'] and dirname() to make an absolute URI from a relative one yourself

You're using a relative path.

Steve · « **Reply #13 on:** July 30, 2008, 02:59:30 PM »

Wait....do what? I ran a test1 and test2 php file where i declared a session and variable, gave it a value, sent it to test2 the same way and echod it out and it worked. But for w/e reason it doesnt work in actual use.

If im reading that right your saying i am using a relative path (w/e that is) and i need to use an absolute.....wtf does that mean?

Mike · « **Reply #14 on:** July 30, 2008, 03:10:25 PM »

Absolute: http://www.entropysink.com/index.php
Relative: /index.php

EntropySink

News:

Author Topic: Session w/ $_POST? (Read 6724 times)

Steve

Session w/ $_POST?

ober

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

Mike

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

Mike

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

Mike

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

ober

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

ober

Re: Session w/ $_POST?

Steve

Re: Session w/ $_POST?

Mike

Re: Session w/ $_POST?