session - PHP $_SESSION Error - Headers already sent -
this question has answer here:
i trying learn php , keep running php errors. here link site http://projects.jeremyohmann.com/homework. possible take @ code see did wrong? think error somewhere in head.php in login.php. user keeps getting logged out right after page refresh assuming has php session.
the exact errors getting are:
warning: session_start() [function.session-start]: cannot send session cookie - headers sent (output started @ /home/jeremyohmann/www/projects/homework/head.php:2) in /home/jeremyohmann/www/projects/homework/classes/login.php on line 30 warning: session_start() [function.session-start]: cannot send session cache limiter - headers sent (output started @ /home/jeremyohmann/www/projects/homework/head.php:2) in /home/jeremyohmann/www/projects/homework/classes/login.php on line 30 head.php
<html> <?php require_once ('config/config.php'); require_once ('config/db.php'); require_once ('classes/login.php'); $login = new login(); ?> <head> <title>homework managment project</title> <link rel="stylesheet" type="text/css" href="reset.css"> <link rel="stylesheet" type="text/css" href="style.css"> </head> <div id="wrapper"> <div id="header"><h1>homework management project</h1></div> <div id="nav"> <ul id="nav"> <li><a href="index.php">home</a></li> <li><a href="register.php">register</a></li> <li><a href="about.php">about</a></li> <li><a href="classes.php">classes</a></li> <?php //ask user logged in. if($login->isuserloggedin()==true){ //show if user logged in. include('views/show-username.php');} else{ //show if user isn't logged in. include('views/nav-login-form.php');} ?> </ul> </div> <div id="content"> login.php
<?php /** * class login * handles user login/logout/session * * @author panique <panique@web.de> * @version 1.2 */ class login { private $db_connection = null; // database connection private $user_name = ""; // user's name private $user_email = ""; // user's email private $user_password_hash = ""; // user's hashed , salted password private $user_is_logged_in = false; // status of login public $errors = array(); // collection of error messages public $messages = array(); // collection of success / neutral messages /** * function "__construct()" automatically starts whenever object of class created, * know, when "$login = new login();" */ public function __construct() { // create/read session session_start(); // check possible login actions: // 1. logout (happen when user clicks logout button) // 2. login via session data (happens each time user opens page on php project after has sucessfully logged in via login form) // 3. login via post data, means logging in via login form. after user has submit login/password successfully, // logged-in-status written session data on server. typical behaviour of common login scripts. // if user tried log out if (isset($_get["logout"])) { $this->dologout(); } // if user has active session on server elseif (!empty($_session['user_name']) && ($_session['user_logged_in'] == 1)) { $this->loginwithsessiondata(); // if user submitted login form } elseif (isset($_post["login"])) { $this->loginwithpostdata(); } } private function loginwithsessiondata() { // set logged in status true, because checked this: // !empty($_session['user_name']) && ($_session['user_logged_in'] == 1) // when called method (in constructor) $this->user_is_logged_in = true; } private function loginwithpostdata() { // if post data (from login form) contain non-empty user_name , non-empty user_password if (!empty($_post['user_name']) && !empty($_post['user_password'])) { // create database connection, using constants config/db.php (which loaded in index.php) $this->db_connection = new mysqli(db_host, db_user, db_pass, db_name); // if no connection errors (= working database connection) if (!$this->db_connection->connect_errno) { // escape post stuff $this->user_name = $this->db_connection->real_escape_string($_post['user_name']); // database query, getting info of selected user $checklogin = $this->db_connection->query("select user_id,user_name, user_email, user_password_hash, first_name, last_name users user_name = '".$this->user_name."';"); // if user exists if ($checklogin->num_rows == 1) { // result row (as object) $result_row = $checklogin->fetch_object(); // using php's crypt function // (afaik) best way check passwords in login processes php/sql if (crypt($_post['user_password'], $result_row->user_password_hash) == $result_row->user_password_hash) { // write user data php session [a file on server] $_session['user_id'] = $result_row->user_id; $_session['user_name'] = $result_row->user_name; $_session['user_email'] = $result_row->user_email; $_session['first_name'] = $result_row->first_name; $_session['last_name'] = $result_row->last_name; $_session['user_logged_in'] = 1; // set login status true $this->user_is_logged_in = true; } else { $this->errors[] = "wrong password. try again."; } } else { $this->errors[] = "this user not exist."; } } else { $this->errors[] = "database connection problem."; } } elseif (empty($_post['user_name'])) { $this->errors[] = "username field empty."; } elseif (empty($_post['user_password'])) { $this->errors[] = "password field empty."; } } /** * perform logout */ public function dologout() { $_session = array(); session_destroy(); $this->user_is_logged_in = false; $this->messages[] = "you have been logged out."; } /** * return current state of user's login * @return boolean user's login status */ public function isuserloggedin() { return $this->user_is_logged_in; } } index.php
<?php include('head.php') ?> <p>this test site homework grade checker... please check see if more progress has been made.</p> <?php include('foot.php') ?>
you can't start session after you've sent output browser.. put <html> tag above <head> tag.
<?php require_once ('config/config.php'); require_once ('config/db.php'); require_once ('classes/login.php'); $login = new login(); ?> <html> <head>
Comments
Post a Comment