[thelist] Session cache limite and header information

Santilal Parbhu santilal at scorpioneng.co.nz
Mon Apr 10 04:47:23 CDT 2006


Hi Guys,

Php is certainly not easy.  I am working through a set of scripts to
password protect certain pages of my website.  I am making progress but it
seems that every corner has yet another snag.

I am now getting the following errors:

Warning: Cannot send session cache limiter - headers already sent (output
started at mysqlconnect.php:2) in c:/program files/abria
merlin/apache/htdocs/gameon/pages/alexbasketball/example.9-9.php on line 62

Warning: Cannot add header information - headers already sent by (output
started at mysqlconnect.php:2) in c:/program files/abria
merlin/apache/htdocs/gameon/pages/alexbasketball/example.9-9.php on line 105

The script is below, and Line 62 is the one starting - session_start(), and
Line 105 is the one starting - header("Location: example.9-8.php");

I thought you only got these errors if you try to send header information
after the HTML head statement has run.  This script does not have any HTML
in it.  Obviously there is yet another thing I don't follow.  Can anyone
help??

Thanks.

Full script:

<?
/*
Source code example
*/
?>
<?php
include ('mysqlconnect.php');
include ('clean.php');
include ('error.php');
//include 'db.inc';
//include ('mysqlconnect.php');include 'error.inc';

function authenticateUser($connection,
                          $username,
                          $password)
{
  // Test that the username and password
  // are both set and return false if not
  if (!isset($username) || !isset($password))
    return false;

  // Get the two character salt from the username
  $salt = substr($username, 0, 2);

  // Encrypt the password
  $crypted_password = crypt($password, $salt);

  // Formulate the SQL query find the user
  $query = "SELECT password FROM users
               WHERE user_name = '$username'
               AND password = '$crypted_password'";


  // Execute the query
  $result = @ mysql_query ($query,
                           $connection)
  or showerror();

  // exactly one row? then we have found the user
  if (mysql_num_rows($result) != 1)
    return false;
  else
    return true;

}


// Main ----------

session_start();

  $authenticated = false;

  // Clean the data collected from the user
  $appUsername =
    clean($HTTP_POST_VARS["formUsername"], 10);
  $appPassword =
    clean($HTTP_POST_VARS["formPassword"], 15);

  // Connect to the MySQL server
  $connection = @ mysql_connect($hostName,
                                $dbUserName,
                                $dbPassword)
  or die("Cannot connect");

  if (!mysql_selectdb($databaseName, $connection))
     showerror();

  $authenticated = authenticateUser($connection,
                                    $appUsername,
                                    $appPassword);

  if ($authenticated == true)
  {
    // Register the customer id
    session_register("authenticatedUser");
    $authenticatedUser = $appUsername;

    // Register the remote IP address
    session_register("loginIpAddress");
    $loginIpAddress = $REMOTE_ADDR;
  }
  else
  {
    // The authentication failed
    session_register("loginMessage");
    $loginMessage =
      "Could not connect to the winestore " .
      "database as \"$appUsername\"";
  }

  // Relocate back to the login page
 header("Location: example.9-8.php");

?>

Santilal Parbhu
Scorpion Engineering Limited
PO Box 171
Alexandra

Phone 03 448 5421
Fax 03 448 5421
Mobile 021 265 5991
Web www.scorpioneng.co.nz





More information about the thelist mailing list