1

I can see this topic has been discussed numerous times and I have basic understanding of the theory here but I just can't see where the problem is in my code.

I am working on a project that has some processes that require a user login (by site administrators) so am working on a login function. The way my Pages is structured roughly is the user navigates to what I am calling the parent page:
http://phzfitness.com/Site_Admin.php (username: CraigB Password: password).

This page has a number of included php files (child pages) one of which is the Admin Console (../inc/adminConsole.inc.php) which contains an if statement that should either display the admin console (a few links to things like add new admin user, upload photos and create blog entry) if the user is logged in else another php file (grandchild page) is included which contains the log in form.

So when I land on my page I am presented with the login form, when I log in I have set it to redirect using to the same page and thats when I get the following message:

Warning: Cannot modify header information - headers already sent by (output started at /home2/titch77/public_html/phzfitness.com/Site_Admin.php:13) in /home2/titch77/public_html/phzfitness.com/inc/login_new.php on line 14


line 13 refers to a seemingly unrelated code <?php opening tag for the first include (child page) which is the navigation menu.

Here is the code for the parent page:

<?php
    require_once 'core/init.php';
?>
<HTML>
<head>
<link href="CSS/dark.css" rel="stylesheet" type="text/css">
<title>Admin Console</title>
</head>
<body>
<div id="wrapper">
<!--###  Navigation  ###-->
<div id="navigation">
<?php
include_once('inc/nav.inc.php');
include_once('inc/social.inc.php');
?>
  </div>
<!--###  Header  ###-->
  <div id="header">
<?php 
      include_once('inc/head.inc.php');
      include_once('inc/promo.inc.php');
?>
  </div>
  <div id="main">
<?php 
      include_once('inc/adminConsole.inc.php');
?>
  </div>
<!--Right Menu-->
  <div id="Right" style="min-height:600">
<?php 
      include_once('inc/twit.inc.php');
?>
  </div>
  <div id="footer">
<?php 
      include_once('inc/footer.inc.php');
?>
  </div>
</div>
</body>
</HTML>

code that goes into adminConsole.inc.php

<?php
$user = new user();
if($user->isLoggedIn()) {
?>  
        "<p>Admin Console</p>";
        Welcome <?php escape($user->data()->user_username); ?>  You are logged in!<br>

        <ul>
        <li><a href="../blogpost.inc.php" target="_blank">Crete a new blog  entry</a></li>
        <li><a href="../add_user.php" target="_blank">Register new user</a></li>
        </ul>
        echo '';
<?php
} else {
    //include_once('inc/loginform.inc.php');
    include_once('inc/login_new.php');
    }

Finally the code that goes into login_new.php (This is where it starts to go wrong)

<?php
if(input::exists()) {
    if(Token::check(input::get('token'))){
        $validate = new Validate();
        $validation = $validate->check($_POST, array(
            'username' => array('required' => true),
            'password' => array('required' => true)
        ));
        if($validation->passed()) {
            // log user in  
            $user = new user();
            $login = $user->login(input::get('username'), input::get('password'));
            if($login) {
                header('Location: '.$_SERVER['PHP_SELF']);
                //redirect::to('Site_Admin.php');       
            } else {
                echo 'failed to log in!';
            }
        } else {
            foreach($validation->errors() as $error) {
                echo $error, '<br>';
            }
        }
    }
}
?>
<link href="../CSS/Forms.css" rel="stylesheet" type="text/css">
<form class="dark-matter" action="" method="post">
        <h1>Admin Log in
        <span>You need to log in to use these features!</span>
        </h1>
        <div class="field">
        <label for="username"><span>Username  :</span>
        <input type="text" name="username" id="username" placeholder="Username" autocomplete="off">
        </label>
        </div>

        <div class="field">
        <label for="password"><span>Password  :</span>
        <input type="password" name="password" id="password" placeholder="Password" autocomplete="off">
        </label>
        </div>
        <input type="hidden" name="token" value="<?php echo Token::generate(); ?>"
        <label> <span>&nbsp;</span><input type="submit" name="button" value="Login" class="button button-primary"></label>
</form>

There are a number classes contained within other php files but wasn't sure if necessary at this stage. Thanks in advance for any assistance.

Craig Davison
  • 37
  • 4
  • 1
    Went through this yet => http://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php - Question stands at being closed. – Funk Forty Niner Sep 12 '14 at 15:27
  • I am looking for a bit more help than this (yes I have gone through it). I appreciate the question has been asked and answered in numerous ways. however none of those answers pertain to my specific scenario. Maybe it is the way I have nested my pages. Maybe I am missing something in my code. It could be somet as simple as a typo I don't know. Maybe it's not what is done here but I am looking for someone to run through my code and to point out exactly what is wrong and where. If I am asking to much I will gracefully bow out and look for assistance elsewhere. Thanks – Craig Davison Sep 13 '14 at 00:48
  • Triple-check "everything", includes/requires the whole 9 yards. Anything above header such as an echo, HTML, a space, a cookie, an error, JS etc. is considered as output. Go through your structure and storyboard it, following each step the directives make. – Funk Forty Niner Sep 13 '14 at 00:51
  • Within that include there is no output before the header other than setting a session but this is a modified version of a youtube tutorial now I appreciate my modifications could have broken this and likely have but the only thing that comes to mind is the session (my understanding is, would create a cookie?) but that is no different than the video. – Craig Davison Sep 13 '14 at 01:00
  • There is no white space There is no closing PHP tags in any includes There is no echo (not in the include) There is no JS Scripts Not in the include (login_new.php) in that if statement. Now if you look at the parent page which is where the error apparently starts there is plenty of output and maybe that is it. This is where I am stuck, I just feel like I am constantly chasing my tail. – Craig Davison Sep 13 '14 at 01:05
  • Try it without the session, without the include etc. and you'll be able to tell if that's causing it. Sessions create session cookies, yes. My style of troubleshooting is, I'll comment out/delete a block of code starting from the bottom-up. I know it sounds strange but it works for me. You'll need to figure out where. It could be in one file, or a combination of. It's the best advice I can give you. – Funk Forty Niner Sep 13 '14 at 01:07
  • Thanks, I appreciate the assist, to be honest I am not entirely knew to coding so have had plenty of experience in debugging but PHP is new as well as modern web development as a whole. I worked around it sort of with the below suggestion of using ob_clean but I think I will take a new approach tomorrow by rebuilding the functionality without all the page content and then build the page around it and see if I can spot where it all goes wrong. – Craig Davison Sep 13 '14 at 01:39
  • You're welcome. Take it one step at a time and apply what you already know in debugging techniques. Debugging is debugging, but PHP can be quite touchy when it comes to things like this. If you build too fast without testing as you go, is where the problems start and gets harder to pinpoint where it went wrong. All the best, *cheers* – Funk Forty Niner Sep 13 '14 at 01:51

2 Answers2

1

You cannot use headers after you outputed something.

Use javascript instead.

<script type="text/javascript">
  <!--
    window.location = "http://www.google.com/"
  //-->
</script>
mariobgr
  • 2,143
  • 2
  • 16
  • 31
0

If you want to force a redirect after you've outputted content, you can clear the buffer and send your headers.

ob_clean();
if(!headers_sent()) {
    header('Location: http://www.google.com');
}
phpisuber01
  • 7,585
  • 3
  • 22
  • 26
  • Thanks, this sort of worked as a work around except my page reloads with the login form visible, I have to do a physical refresh to get the page to load output the content in the true section of my if statement. – Craig Davison Sep 13 '14 at 01:42