Headers All ready SENT!!!

Hi!

I got a problem with “Headers all ready sent”…

I am using a small script phpAuth for login into the members area. I tested it on my localhost, everything works fine. But when I upload to my webserver everything crashed and i get “Headers all ready sent”.

localhost: IIS6, php5.1.2
webserver: Apache/1.3.34 (Unix) PHP/4.4.2

I searched the net for possible solutions and found some. I checked for extra lines,spaces before ob_start() - none. I checked for the output_buffering to be turned On. It is On.

But still i get the error message. I dont know WHY? I am going crazy about it, i don’t know what to do… Please someone Help??

maybe this will help,

Try to find in your php code the header what is causing it. (just look for source text “header” in your php code and delete it)

this causes the error in most cases.

if using php code, the first line should start with php(session start; etc) most cases, if you have other content before the php session start etc this can also cause the problem.

maybe you can post the code, more information etc, if this does not help.

Thomas

Here is more info abotu my problem.

Got 3 files:

1. Login Page:

[php]<?
ob_start();
include “phpAuth_functions.php”;
phpAuth_chk();
//Checking is the user did no loggged in already
?>

<SELECT class=legalese id="Select Country" onchange=location.href=this.options[selectedIndex].value size=1 name=select-country> 
....
</SELECT>

</form>
</div>

<!--HERE GOES THE INFORMATION, ALL THE ARTICLES AND NEWS-->
<div class="ContentContainer">

</div>

<div style="height: 1px; overflow: hidden; clear: both"></div>

	include "phpAuth_config.php";
	$filename = $database_name;
	
if (!file_exists($filename)) {
		
		echo "No database exists. Please check your config file.";
		
} else {
	
	$handler = fopen($filename,'r');
	$members = file_get_contents($filename);
	// get username and password
	$users_array = explode ("n",$members);
	
	foreach ($users_array as $users) {
		if ($users != "" || $users != NULL) {
	
			// break username and password string into seperate variables.
			list($username,$password) = explode("t",$users);
				
			if ($_POST["phpAuth_usr"] == trim($username) && md5($_POST["phpAuth_pwd"]) == trim($password)) {	

				$logged_in = 1;
				break;
				
			} else {
					
				$logged_in = 0;
					
			}
				
		} else {
		
			break;
		
		}
		
	} // end foreach
	
	if ($logged_in != 1) { // IF USER IS NOT LOGGED IN
		
		echo "Error! Incorrect Details. <a href="".$_SERVER['HTTP_REFERER']."">Go Back</a>";
	
	} else { // ELSE LOGGED IN			
				
		session_start();
		$_SESSION["phpAuth_username"] = $_POST["phpAuth_usr"];
		$_SESSION["phpAuth_password"]  = $_POST["phpAuth_pwd"];
		
			if ($_POST["phpAuth_rm"] == 1) {
				setcookie("phpAuth_username",$_POST["phpAuth_usr"],time()+3600);
			}
		
		header('Location: '.$login_redirect.'');
	}	

} // END IF FILE EXISTS

the error message “Headers all ready sent” there should be more information in the message like “Headers all ready sent on line 15” etc. Php should say where the error is. And checking the line, you can recover the line in your php code and fix it.

also the error can be if before the php, the one line in the header is empty, like

2.<?php session start?>
3.
4.

On your LOGIN Page. You check check if the user is already logged in. If they are you redirect them (via the isset and header in the phpAuth_functions.php file). If they are not logged in you then present them with the rest of the login page. Here is the problem. In the rest of the login page, you include phpAuth_inc.php. which apparently has the login menu. However, you send the ob_start AGAIN and html has already been sent.

Additionally you are sending Doctype and html and head tags AGAIN. If this is a standalone page then it probably would not be a problem, however, since it’s an included page, I think this is a good place to start.

reciever - The error message doesn’t give a lot of info, since on my webserver php.ini the error_display is turned Off, I use the following code to check the headers:
[php]
function g_redirect($url,$mode,$session)
/* It redirects to a page specified by “$url”.

• $mode can be:
• LOCATION: Redirect via Header “Location”.
• REFRESH: Redirect via Header “Refresh”.
• META: Redirect via HTML META tag
• JS: Redirect via JavaScript command
  */
  {
  if (strncmp(‘http:’,$url,5) && strncmp(‘https:’,$url,6)) {

 $starturl = ($_SERVER["HTTPS"] == 'on' ? 'https' : 'http') . '://'.
             (empty($_SERVER['HTTP_HOST'])? $_SERVER['SERVER_NAME'] :
             $_SERVER['HTTP_HOST']);

 if ($url[0] != '/') $starturl .= dirname($_SERVER['PHP_SELF']).'/';

 $url = "$starturl$url";

}

switch($mode) {

 case 'LOCATION': 

   if (headers_sent()) exit("Headers already sent. Can not redirect to $url");

   echo header("Location: $url");
   exit;

 case 'REFRESH': 

   if (headers_sent()) exit("Headers already sent. Can not redirect to $url");

   header("Refresh: 0; URL="$url""); 
   exit;

}

}
[/php]
For the extra lines and spaces I checked and rechecked the script… i don’t know many hundred times, with differente application notepad,notepad++, rapidphp, html_pad, frontpage, etc. I didn’t find any…

I check ur 2 advice. I deleted the Doctype html and head tags. Left just the body. No changes.

I got a question… In my php.ini I got the output_buffering On, just for the local value. But the Master Value is “no value”. Could this be the problem? Is the local value overrided by the Master Value?

Your LOGIN PAGE contains the problem. It’s NOT the checking to see if anyone is logged in at the beginning. It’s the Menu Generation later on in tje included page of phpAuth_inc.php. This include page also has an ob_start function.

Unfortunately if you removed the ob_start() (and the checking for logged in) at the beginning of the login page, I think you made the problem worse.

I don’t use the output buffering, I try to make sure I have sent all my headers stuff first, but I suspect by removing the ob_start on the login page and then leaving the ob_start on the included page, you have created a different issue.

My logic would be that (as it was before you changed it)

1. output buffering enabled/started
2. Function checks for login and redirects if user is logged in to login area.
3. otherwise login page shown.
4. Login page “includes” login menu from phpAuth_inc.php
5. phpAuth_inc.php contains ANOTHER ob_start. This ob_start FLUSHES the first ob_start releasing the html already in the buffer. Now no more header info can be sent.
6. ob_start in phpAuth_inc.php would seem to indicate that more header information needs be sent. – ERROR!

Now that you have changed it, you get part of the login page (sent as HTML) and then you “Include” phpAuth_inc.php which has an ob_start which would seem to indicate that more header information needs be sent. – ERROR!

I would put your login check BACK in the login page.
Remove the ob_start in phpAuth_inc.php

As a final note, I would actually recommend that you put ALL your session stuff (cookies, login checks, etc), in an included sessions file at the beginning of your page and not nested in to some other page. Then based on some variables set in the session (which are accessible to the other pages) you could then make logic decisions.

Finally i managed to solve the problem.
At the end the problem was that my webserver did not turn on the “mbstring” support. I discovered this while editing and uploading the original “phpAuth_inc.php” which was encoded in ANSI, and I reencoded it in UTF-8. Everything worked fine when I was using the original file (ANSI), but if I was using the UTF-8 encoded file, everything would stop working.

I guess the problem was that the UTF-8 enconding adds some extra bytes at the beginnning of the plain-text file. And these extra byteS cause the ob_start () function to fail.

Thank you All!!!

HAPPY CHRISTMAS & HAPPY NEW YEAR!!!