<?php
session_start();
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
ini_set('error_reporting', E_ALL);
error_reporting(E_ALL);
$link = include('../Link.php');
$ID = mysqli_real_escape_string($link, $_REQUEST['ID']);
$username = mysqli_real_escape_string($link, $_REQUEST['username']);
$password= mysqli_real_escape_string($link, $_REQUEST['password']);
$sql = "SELECT username , password FROM clients WHERE ID='$ID'";
if($result = mysqli_query($link, $sql)){
while($row = mysqli_fetch_array($result))
{
$Gettedusername = $row['username '];
$Gettedpassword = $row['password '];
}
mysqli_free_result($result);
}
if($GettedName == $username ){
if($GettedCode == $password ){
$sql = "SELECT email, sirname FROM user WHERE ID='$ID'";
if($result = mysqli_query($link, $sql)){
while($row = mysqli_fetch_array($result))
{
$email= $row['email'];
$sirname = $row['sirname '];
}
mysqli_free_result($result);
}
session_regenerate_id();
$_SESSION['inside'] = TRUE;
$_SESSION['username'] = $GettedName;
$_SESSION['id'] = $ID;
$_SESSION['email'] = $sirname ;
$_SESSION['sirname '] = $sirname ;
}else{echo 'Wrong Password';}
}else {echo'Wrong ID OR UserName';}
mysqli_close($link);
?>
you truncated the error message at the most relevant part - file and line. there you have to look what’s given out.
You cannot use session_regenerate_id()
after sending headers. In this code, you have sent headers in the first three lines of code - see the two calls to header()
. Changing your code around as below should remove the error:
<?php
session_start();
// Moved header() calls here
ini_set('error_reporting', E_ALL);
error_reporting(E_ALL);
$link = include('../Link.php');
$ID = mysqli_real_escape_string($link, $_REQUEST['ID']);
$username = mysqli_real_escape_string($link, $_REQUEST['username']);
$password = mysqli_real_escape_string($link, $_REQUEST['password']);
$sql = "SELECT username , password FROM clients WHERE ID='$ID'";
if ($result = mysqli_query($link, $sql)) {
while ($row = mysqli_fetch_array($result)) {
$Gettedusername = $row['username '];
$Gettedpassword = $row['password '];
}
mysqli_free_result($result);
}
if ($GettedName != $username) {
if ($GettedCode == $password) {
$sql = "SELECT email, sirname FROM user WHERE ID='$ID'";
if ($result = mysqli_query($link, $sql)) {
while ($row = mysqli_fetch_array($result)) {
$email = $row['email'];
$sirname = $row['sirname '];
}
mysqli_free_result($result);
}
session_regenerate_id();
$_SESSION['inside'] = TRUE;
$_SESSION['username'] = $GettedName;
$_SESSION['id'] = $ID;
$_SESSION['email'] = $sirname;
$_SESSION['sirname '] = $sirname;
} else {
// Added header call here
header("Access-Control-Allow-Origin: *");
echo 'Wrong Password';
}
} else {
// Added header call here
header("Access-Control-Allow-Origin: *");
echo 'Wrong ID OR UserName';
}
mysqli_close($link);
?>
I removed the other header()
call as it was wrong; your output is not JSON.