Login System

musbah · April 21, 2011, 1:31pm

hey guys i have created a login system (most of it works) but i get : Cannot modify header information (lines are the setcookie after login and the header that redirects after login)
I’v searched on the net but everything was useless, any help would be appreciated, here’s the code:

[php]<?php
require_once (‘Data/mysql_connect.php’);

//Checks if there is a login cookie
if(isset($_COOKIE[‘ID_my_site’]))

//if there is, it logs you in and directes you to the members page
{
$username =mysql_real_escape_string ($_COOKIE[‘ID_my_site’]);
$pass = mysql_real_escape_string ($_COOKIE[‘Key_my_site’]);
$check = mysql_query(“SELECT * FROM users WHERE username = ‘$username’”)or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info[‘password’])
{
}
else
{
header(“Location: Members.php”);

}
}
}
if (isset($_POST[‘submit’])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST[‘username’] | !$_POST[‘pass’]) {
echo “<font color=“red”>You did not fill in a required field.
\n”;
exit;
}

// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST[‘email’] = addslashes($_POST[‘email’]);
}
$check = mysql_query(“SELECT * FROM users WHERE username = '”.mysql_real_escape_string($_POST[‘username’])."’")or die(mysql_error());

//Gives error if user dosen’t exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
echo “<font color=“red”>That user does not exist in our database. Click Here to Register
\n”;
exit;
}

while($info = mysql_fetch_array( $check ))
{
$_POST[‘pass’] = stripslashes($_POST[‘pass’]);
$info[‘password’] = stripslashes($info[‘password’]);
$_POST[‘pass’] = sha1($_POST[‘pass’]);

//gives error if the password is wrong
if ($_POST[‘pass’] != $info[‘password’]) {
echo “<font color=“red”>Incorrect password, please try again.
\n”;
exit;
}

else
{

// if login is ok then we add a cookie
$_POST[‘username’] = stripslashes($_POST[‘username’]);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST[‘username’], $hour);
setcookie(Key_my_site, $_POST[‘pass’], $hour);

//send me ip and last login info
$username = $_POST[‘username’];
$ip=$_SERVER[‘REMOTE_ADDR’];
$lastlog=date(“d-m-y h:i:s”); //date time
$query = “UPDATE users SET lastlogin =’$ip $lastlog’ WHERE username = ‘$username’”;
$result=mysql_query($query);

//then redirect them to the members area
header(“Location: Members.php”);
}
}
}
else
{
// if they are not logged in
}
?>[/php]

Would greatly appreciate help.

smokeys_13 · April 21, 2011, 3:50pm

Hi there,

setcookie() and header() can only be called before any output. This information is all sent and cannot be modified as soon as content is parsed. This would be erroring in your case here, because you are echoing text. You will need to find a workaround within your script to make sure nothing is outputted before these are called.

musbah · April 21, 2011, 4:28pm

The thing is the error keeps appearing even without any echo’s and this code is actually something I’m using on a different website and it works fine there so couldn’t it be occurring because of something else as well?

Appreciate your help haven’t been using php for long so this question might be stupid…