PHP Login page error

General PHP Help
#1

servicemontoer.dk.linux61.unoeuro-server.com

When i open my site i get these errors:

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /var/www/servicemontoer.dk/public_html/index.php:1) in /var/www/servicemontoer.dk/public_html/index.php on line 4

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /var/www/servicemontoer.dk/public_html/index.php:1) in /var/www/servicemontoer.dk/public_html/index.php on line 4

This is my code:

[php]

<?php // Start the session session_start(); // Defines username and password. Retrieve however you like, $username = "[email protected]" || "[email protected]" || "[email protected]" || "[email protected]" || "[email protected]" || "[email protected]" || "[email protected]"; $password = "123"; // Error message $error = ""; // Checks to see if the user is already logged in. If so, refirect to correct page. if (isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] == true) { $error = "success"; header('Location: forside.php'); } // Checks to see if the username and password have been entered. // If so and are equal to the username and password defined above, log them in. if (isset($_POST['username']) && isset($_POST['password'])) { if ($_POST['username'] == $username && $_POST['password'] == $password) { $_SESSION['loggedIn'] = true; header('Location: forside.php'); } else { $_SESSION['loggedIn'] = false; $error = "Invalid username and password!"; } } ?> servicemontør.dk <?php echo $error; ?>

Servicemontør.dk

Husk mig! 

  </form>
</div>
[/php]
#2

session start sets the phpsessid cookie, which it cannot do if you have started outputting data (doctype). I suggest you move the PHP code logic up to the top of the file, and then have the html output at the bottom. Note you will still have php code looping over arrays, echoing data etc in the bottom HTML part, but you are better off keeping the grunt php work separated to itself

#3

FYI - The vast majority of PHP Login scripts uses MySQL via mysqli or PDO (My recommendation).

#4

OK, I fooled around with it for a little bit and while it’s not completely finished I think it’s a really good start. Though this is really really screaming Database Table.
[php]<?php
// Start the session
/* Turn on error reporting */
ini_set(‘display_errors’, 1);
ini_set(‘display_startup_errors’, 1);
if (filter_input(INPUT_SERVER, ‘SERVER_NAME’, FILTER_SANITIZE_URL) == “localhost”) {
error_reporting(-1); // -1 = on || 0 = off
} else {
error_reporting(0); // -1 = on || 0 = off
}
session_start();
$remember_me = “no”; // Don’t Remember Login Credentials:
$user_record = \NULL; // Initial $user_record variable to NULL:

/*

  • Dummy Records of users.
    */
    $data = [
    0 => [
    “username” => “[email protected]”,
    “password” => “DetroitTigers”
    ],
    1 => [
    “username” => “[email protected]”,
    “password” => “ClevelandIndians”
    ],
    2 => [
    “username” => “[email protected]”,
    “password” => “NewYorkYankees”
    ],
    3 => [
    “username” => “[email protected]”,
    “password” => “HoustonAstros”
    ]
    ];

//echo “

” . print_r($data, 1) . “
”;
/*
  • Hash Passwords in dummy records using password_hash() function.
    */
    $num = 0;
    foreach ($data as $records) {
    foreach ($records as $key => $value) {
    if ($key == “password”) {
    $data[$num][$key] = password_hash($value, PASSWORD_DEFAULT);
    }
    }
    $num++;
    }
    //echo “
    ” . print_r($data, 1) . “
    ”;

/*

  • Check to see if user has submitted form
    /
    if (isset($_POST[‘action’]) && htmlspecialchars($_POST[‘action’]) === ‘login’) {
    /

    • Get User’s inputs
      /
      $username = htmlspecialchars($_POST[‘username’]);
      $password = htmlspecialchars($_POST[‘password’]);
      $remember_me = htmlspecialchars($_POST[‘remember_me’]);
      //echo $username . “
      ”;
      /
    • Check to see if username is in dummy records,
    • if it is then store that user’s stored record into the $user_record which
    • creates an array.
      */
      foreach ($data as $records) {
      if (in_array($username, $records)) {
      $user_record = $records;
      }
      }

    /*

    • If is an array then check user’s password against the $user_record[‘password’] to
    • see if it matches.
      */
      if (is_array($user_record)) {
      if (isset($password) && password_verify($password, $user_record[‘password’])) {
      echo “Congratulations you have successfully login!
      ”;
      echo “
      ” . print_r($user_record, 1) . “
      ”;
      } else {
      echo “Sorry either the username or password is incorrect, please re-enter
      ”;
      }
      } else {
      echo “Sorry either the username or password is incorrect, please re-enter
      ”;
      }
      }
      ?>
servicemontør.dk * { box-sizing: border-box; } body { padding: 0; margin: 0; } .login { width: 100%; max-width: 800px; height: auto; background-color: lightblue; padding: 20px; margin: 20px auto; } form#login { width: 100%; max-width: 600px; height: auto; background-color: #F9F6F0; padding: 10px; margin: 10px auto; } form#login fieldset { border: 2px solid #2e2e2e; padding: 20px; } form#login legend { font-family: "Palatino Linotype", "Book Antiqua", Palatino, serif; font-size: 1.8em; padding: 0 5px; } form#login label { float: left; display: block; width: 100%; max-width: 150px; height: 30px; font-family: Arial, Helvetica, sans-serif; font-size: 1.2em; line-height: 30px; text-transform: capitalize; } form#login input[type=text], form#login input[type=password] { outline: none; clear: right; display: block; width: 100%; max-width: 250px; height: 30px; padding: 0 5px; margin-bottom: 10px; } form#login input[type=checkbox] { width: 30px; height: 20px; } form#login label.remember_me { display: block; float: left; width: 90px; height: 50px; line-height: 30px; text-transform: none; } form#login input[type=submit] { cursor: pointer; border: none; outline: none; background-color: #2e2e2e; clear: both; display: block; width: 100%; max-width: 100px; height: 40px; font-family: Arial, Helvetica, sans-serif; font-size: 1.4em; color: #fff; text-transform: capitalize; }
Servicemontør.dk email address password Husk mig! 
</body>
[/php]
#5

Ok, I goofed around with this some more ;D ;D ;D :
[php]<?php
// Start the session
/* Turn on error reporting */
ini_set(‘display_errors’, 1);
ini_set(‘display_startup_errors’, 1);
if (filter_input(INPUT_SERVER, ‘SERVER_NAME’, FILTER_SANITIZE_URL) == “localhost”) {
error_reporting(-1); // -1 = on || 0 = off
} else {
error_reporting(0); // -1 = on || 0 = off
}
session_start();
if (!isset($_SESSION[‘remember_me’])) {
$_SESSION[‘remember_me’] = false; // Remember Me:
}

$user_record = \NULL; // Initial $user_record variable to NULL:
$error = NULL;
/*

  • Dummy Records of users.
    */
    $data = [
    0 => [
    “username” => “[email protected]”,
    “password” => “DetroitTigers”
    ],
    1 => [
    “username” => “[email protected]”,
    “password” => “ClevelandIndians”
    ],
    2 => [
    “username” => “[email protected]”,
    “password” => “NewYorkYankees”
    ],
    3 => [
    “username” => “[email protected]”,
    “password” => “HoustonAstros”
    ]
    ];

//echo “

” . print_r($data, 1) . “
”;
/*
  • Hash Passwords in dummy records using password_hash() function.
    */
    $num = 0;
    foreach ($data as $records) {
    foreach ($records as $key => $value) {
    if ($key == “password”) {
    $data[$num][$key] = password_hash($value, PASSWORD_DEFAULT);
    }
    }
    $num++;
    }
    //echo “
    ” . print_r($data, 1) . “
    ”;

/*

  • Check to see if user has submitted form
    */
    $action = filter_input(INPUT_POST, ‘action’, FILTER_SANITIZE_FULL_SPECIAL_CHARS);

if (isset($action) && $action === ‘login’) {
/*
* Get User’s inputs
*/
$username = htmlspecialchars($_POST[‘username’]);
$password = htmlspecialchars($_POST[‘password’]);
$remember_me = htmlspecialchars($_POST[‘remember_me’]);

if ($remember_me === 'yes') {
    $_SESSION['remember_me'] = true;
}
//echo $username . "<br>";
/*
 * Check to see if username is in dummy records,
 * if it is then store that user's stored record into the $user_record which
 * creates an array.
 */
foreach ($data as $records) {
    if (in_array($username, $records)) {
        $user_record = $records;
    }
}

/*
 * If is an array then check user's password against the $user_record['password'] to 
 * see if it matches.
 */
if (is_array($user_record)) {
    if (isset($password) && password_verify($password, $user_record['password'])) {
        //echo "<pre>" . print_r($user_record, 1) . "</pre>";
        $_SESSION['status'] = $user_record['username'];
        header("Location: login_01.php");
        exit();
    } else {
        $error = "Sorry either the username or password is incorrect, please re-enter<br>";
    }
} else {
    $error = "Sorry either the username or password is incorrect, please re-enter<br>";
}

}
if (isset($action) && $action === “logout”) {
// Use both for compatibility with all browsers
// and all versions of PHP.
session_unset();
session_destroy();
header(“Location: login_01.php”);
exit();
}
?>

servicemontør.dk * { box-sizing: border-box; } body { padding: 0; margin: 0; } .login, .logout { width: 100%; max-width: 800px; height: auto; background-color: lightblue; padding: 20px; margin: 20px auto; } .error { font-family: "Palatino Linotype", "Book Antiqua", Palatino, serif; font-size: 1.4em; color: red; } form#login, form#logout { width: 100%; max-width: 600px; height: auto; background-color: #F9F6F0; padding: 10px; margin: 10px auto; } form#login fieldset { border: 2px solid #2e2e2e; padding: 20px; } form#login legend { font-family: "Palatino Linotype", "Book Antiqua", Palatino, serif; font-size: 1.8em; padding: 0 5px; } form#login label, form#logout label { float: left; display: block; width: 100%; max-width: 150px; height: 30px; font-family: Arial, Helvetica, sans-serif; font-size: 1.2em; line-height: 30px; text-transform: capitalize; } form#logout label { display: inline-block; line-height: 40px; max-width: 340px; } form#login input[type=text], form#login input[type=password] { outline: none; clear: right; display: block; width: 100%; max-width: 250px; height: 30px; padding: 0 5px; margin-bottom: 10px; } form#login input[type=checkbox] { width: 30px; height: 20px; } form#login label.remember_me { display: block; float: left; width: 90px; height: 50px; line-height: 30px; text-transform: none; } form#login input[type=submit], form#logout input[type=submit] { cursor: pointer; border: none; outline: none; background-color: #2e2e2e; clear: both; display: block; width: 100%; max-width: 100px; height: 40px; font-family: Arial, Helvetica, sans-serif; font-size: 1.4em; color: #fff; text-transform: capitalize; } form#logout input[type=submit] { clear: none; } form#login input[type=submit]:hover, form#logout input[type=submit]:hover { background-color: blue; } <?php if (!$_SESSION['remember_me'] || $error) { ?>

<?php echo ($error) ? $error : NULL; ?>

Servicemontør.dk email address password Husk mig!
<?php } else { ?>
You are login as <?= $_SESSION['status']; ?>!
<?php } ?> [/php]
Sponsor our Newsletter | Privacy Policy | Terms of Service