john.woolley Posted April 16, 2014 Share Posted April 16, 2014 Warning: Cannot modify header information - headers already sent by (output started at ... etc ------- Hi everyone I think I'm being thick, or not understanding this properly; but I'm modifying the registration script to have a couple of phases. So firstly username, password, email address, then if that's all ok a second page for more information. Once registration has passed (and the fields are put into the mySQL database) then the second page continues with more info that I can link into the other tables. Problem is I'm trying to pass the unique email address or the user_ID (don't care at this stage which until I can get it working). I'd like to open a session ideally once the user has submitted the form and the data has been written to the database. That's when the WARNING comes. Note - it even does it if it's line 1 of the code. I am being thick aren't I? Can someone explain a little further please? Thanks Link to comment Share on other sites More sharing options...
HartleySan Posted April 16, 2014 Share Posted April 16, 2014 Please show the relevant code, and format it by using the <> button in the editor. Link to comment Share on other sites More sharing options...
john.woolley Posted April 16, 2014 Author Share Posted April 16, 2014 <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title></title> <!--[if lt IE 9]> <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> <![endif]--> </head> <body> <? // Check for form submission: session_start(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { require ('../includes/mysqli_connect_dating.php'); // connect to the DB $errors = array(); // Initialize an error array. // Check for a useralias name: if (empty($_POST['useralias'])) { $errors[] = 'You forgot to enter your Screen Name.'; } else { $ua = mysqli_real_escape_string($dbc, trim($_POST['useralias'])); } // Check for a first name: if (empty($_POST['firstname'])) { $errors[] = 'You forgot to enter your first name.'; } else { $fn = mysqli_real_escape_string($dbc, trim($_POST['firstname'])); } // Check for a last name: if (empty($_POST['lastname'])) { $errors[] = 'You forgot to enter your last name.'; } else { $ln = mysqli_real_escape_string($dbc,trim($_POST['lastname'])); } // Check for an email address: if (empty($_POST['email'])) { $errors[] = 'You forgot to enter your email address.'; } else { $e = mysqli_real_escape_string($dbc, trim($_POST['email'])); } // Check for an GENDER: if (empty($_POST['gender'])) { $errors[] = 'You forgot to enter your Gender.'; } else { $g = mysqli_real_escape_string($dbc, trim($_POST['gender'])); } //TRY IT THIS WASY if ($_POST['udobdate'] == '' && $_POST['udobmonth'] == '' && $_POST['udobyear'] == '') { $errors[] = 'You forgot to enter your Date of Birth.'; } else { $udob = $_POST['udobyear'] . '/' . $_POST['udobmonth'] . '/' . $_POST['udobdate']; $dob = mysqli_real_escape_string($dbc, $udob); } // Check for a password and match against the confirmed password: if (!empty($_POST['pass1'])) { if ($_POST['pass1'] != $_POST['pass2']) { $errors[] = 'Your password did not match the confirmed password.'; } else { $p = mysqli_real_escape_string($dbc, trim($_POST['pass1'])); //USE THE ESCAPE PIECE TO SECURE THE USER INPUT } } else { $errors[] = 'You forgot to enter your password.'; } if (empty($errors)) { // If everything's OK. // Register the user in the database... require ('../includes/mysqli_connect_dating.php'); // Connect to the db. // Make the query: $_SESSION['useremail'] = $_POST['email']; $q = "INSERT INTO users (useralias, firstname, lastname, email, gender, dob, password, registration_date) VALUES ('$ua', '$fn', '$ln', '$e', '$g', '$dob', SHA1('$p'), NOW() )"; $r = @mysqli_query ($dbc, $q); // Run the query. if ($r) { // If it ran OK. // Start a session and go to the next page ? - Print a message: echo '<h1>Thank you! ' . $_SESSION['user_email'] . '</h1> //<p>You are now registered. In Chapter 12 you will actually be able to log in!</p><p><br /></p>'; } else { // If it did not run OK. // Public message: echo '<h1>System Error</h1> <p class="error">You could not be registered due to a system error. We apologize for any inconvenience.</p>'; // Debugging message: echo '<p>' . mysqli_error($dbc) . '<br /><br />Query: ' . $q . '</p>'; } // End of if ($r) IF. mysqli_close($dbc); // Close the database connection. // Include the footer and quit the script: exit(); } else { // Report the errors. echo '<h1>Error!</h1> <p class="error">The following error(s) occurred:<br />'; foreach ($errors as $msg) { // Print each error. echo " - $msg<br />\n"; } echo '</p><p>Please try again.</p><p><br /></p>'; } // End of if (empty($errors)) IF. } // End of the main Submit conditional. ?> <h1>Register</h1> <form action="register.php" method="post"> <fieldset> <legend>Enter Your Details</legend> <p>Screen Name: <input type="text" name="useralias" size="15" maxlength="20" value="<?php if (isset($_POST['useralias'])) echo $_POST['useralias']; ?>" /></p> <p>First Name: <input type="text" name="firstname" size="15" maxlength="20" value="<?php if (isset($_POST['firstname'])) echo $_POST['firstname']; ?>" /></p> <p>Last Name: <input type="text" name="lastname" size="15" maxlength="40" value="<?php if (isset($_POST['lastname'])) echo $_POST['lastname']; ?>" /></p> <p>Email Address: <input type="text" name="email" size="20" maxlength="60" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /> </p> <p>Gender: (<input type="radio" name="gender" value="<?php if (isset($_POST['gender'])) echo $_POST['gender']; ?>Male"> Male) (<input type="radio" name="gender" value="<?php if (isset($_POST['gender'])) echo $_POST['gender']; ?>Female"> Female)</p> <!--<p>Date of Birth: (DD/MM/YY)<input type="date" name="udob" value="<?php if (isset($_POST['dob'])) echo $_POST['udob']; ?>"/></p> --> <p>Date of Birth: (Date) <select name="udobdate"><?php for ($day = 1; $day <=31; $day++) { echo "<option value=\"$day\">$day</option>\n"; } echo '</select>'; ?> (Month) <select name="udobmonth"><option value="01">January</option><option value="02">February</option><option value="03">March</option><option value="04">April</option><option value="05">May</option><option value="06">June</option><option value="07">July</option><option value="08">August</option><option value="09">September</option><option value="10">October</option><option value="11">November</option><option value="12">December</option></select> Year <select name="udobyear"><?php date_default_timezone_set('GMT'); for ($year = DATE(Y); $year >= 1900; $year--) { echo "<option value=\"$year\">$year</option>\n"; } echo '</select>'; ?> <p>Password: <input type="password" name="pass1" size="10" maxlength="20" value="<?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>" /></p> <p>Confirm Password: <input type="password" name="pass2" size="10" maxlength="20" value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>" /></p> <p><input type="reset" name"clear" action"clear" value="clear"/> <input type="submit" name="submit" value="Register" /></p> </fieldset> </form> </body> </html> Link to comment Share on other sites More sharing options...
HartleySan Posted April 16, 2014 Share Posted April 16, 2014 Yep, the problem is exactly as I thought. You are outputting HTML before the session_start function call, which you cannot do because the session_start function modifies the HTTP headers, which can't be done after content is output to the browser. The solution is to move all of your PHP logic to somewhere before any HTML is output. Make sense? 1 Link to comment Share on other sites More sharing options...
john.woolley Posted April 16, 2014 Author Share Posted April 16, 2014 I missed the obvious Hartley, thanks. I've now put the session start right at the top it's the opening line before the <html> tag. I'm guessing now that I can declare session variables throughout the script and then terminate that particular session when the registration is complete right? Link to comment Share on other sites More sharing options...
Larry Posted April 17, 2014 Share Posted April 17, 2014 I'm guessing now that I can declare session variables throughout the script and then terminate that particular session when the registration is complete right? Yes, exactly. Only the session_start() needs to be before anything goes to the browser. Link to comment Share on other sites More sharing options...
Recommended Posts