Php Forum Help!!!

**mattiepoo** · Jun 9, 2007 01:20

so I need some help...

im making a forum for catalystyc.org (youth church) and in the forums, im having some trouble.

Whenever someone posts a reply, the page shows this message:

Warning: Cannot modify header information - headers already sent by (output started at /homepages/8/d202110066/htdocs/beheard/replytopost.php:9) in /homepages/8/d202110066/htdocs/beheard/replytopost.php on line 102

now line 101-103 is this:
//redirect user to topic
header("Location: showtopic.php?topic_id=".$_POST["topic_id"]);
exit;

I don't know whats going on... the reply to the topic gets posted... but the error message wont go away. If you need to get a good look at it here's the link to the forum..

http://www.catalystyc.org/beheard/sh...php?topic_id=1

here's the complete script of the php:

<?php
//connect to server
$mysqli = mysqli_connect("XXXX");

//check to see if we're showing the form or adding the post
if (!$_POST) {
// showing the form; check for required item in query string
if (!isset($_GET["post_id"])) {
header("Location: topiclist.php");
exit;
}

//still have to verify topic and post
$verify_sql = "SELECT ft.topic_id, ft.topic_title FROM forum_posts AS fp LEFT JOIN forum_topics AS ft ON fp.topic_id = ft.topic_id WHERE fp.post_id = '".$_GET["post_id"]."'";

$verify_res = mysqli_query($mysqli, $verify_sql) or die(mysqli_error($mysqli));

if (mysqli_num_rows($verify_res) < 1) {
//this post or topic does not exist
header("Location: topiclist.php");
exit;
} else {
//get the topic id and title
while($topic_info = mysqli_fetch_array($verify_res)) {
$topic_id = $topic_info['topic_id'];
$topic_title = stripslashes($topic_info['topic_title']);
}

echo "
<html>
<head>
<title>Post Your Reply in ".$topic_title."</title>
</head>
<body>
<p><strong>Post Your Reply in $topic_title</strong></p>
<form method=\"post\" action=\"".$_SERVER["PHP_SELF"]."\">
<p><strong>Your Name

/strong><br/>
<input type=\"text\" name=\"post_owner\" size=\"40\" maxlength=\"150\"></p>

<p><strong>Post Text

/strong><br/>
<textarea name=\"post_text\" rows=\"8\" cols=\"40\" wrap=\"virtual\"></textarea>

<input type=\"hidden\" name=\"topic_id\" value=\"$topic_id\">
<P><input type=\"submit\" name=\"submit\" value=\"Add Post\"></p>

</form>
</body>
</html>";
}

//free result
mysqli_free_result($verify_res);

//close connection to MySQL
mysqli_close($mysqli);

} else if ($_POST) {
//check for required items from form
if ((!$_POST["topic_id"]) || (!$_POST["post_text"]) || (!$_POST["post_owner"])) {
header("Location: topiclist.php");
exit;
}

//add the post
$add_post_sql = "INSERT INTO forum_posts (topic_id,post_text,post_create_time,post_owner) VALUES ('".$_POST["topic_id"]."', '".$_POST["post_text"]."', now(), '".$_POST["post_owner"]."')";
$add_post_res = mysqli_query($mysqli, $add_post_sql) or die(mysqli_error($mysqli));

//close connection to MySQL
mysqli_close($mysqli);

//redirect user to topic
header("Location: showtopic.php?topic_id=".$_POST["topic_id"]);
exit;
}
?>

any help would be great.

THANKS!

**logic_earth** · Jun 9, 2007 01:28

It would be of great help to wrap your code in [php] or [highlight=php] tags for next time.

One moment while I try to make heads or tails of this code.

**logic_earth** · Jun 9, 2007 01:45

Cleaned Up version, Also you should test this:

Code php:

// connect to server
$mysqli = mysqli_connect('XXXX');
 
// check to see if we're showing the form or adding the post
if (!isset($_POST['topic_id'])) {
 
    // showing the form; check for required item in query string
    if (!isset($_GET['post_id'])) {
        header('Location: topiclist.php');
        exit;
    }
 
    // still have to verify topic and post
    #! This is very very bad fix it or be faced with SQL Injection
    $verify_sql = 'SELECT ft.topic_id, ft.topic_title FROM forum_posts AS fp LEFT JOIN forum_topics AS ft ON fp.topic_id = ft.topic_id WHERE fp.post_id = "' . $_GET['post_id'] . '"';
 
    $verify_res = mysqli_query($mysqli, $verify_sql) or die(mysqli_error($mysqli));
 
    if (mysqli_num_rows($verify_res) < 1) {
        // this post or topic does not exist
        header('Location: topiclist.php');
        exit;
    } else {
 
        // get the topic id and title
        while($topic_info = mysqli_fetch_array($verify_res)) {
            $topic_id = $topic_info['topic_id'];
            $topic_title = stripslashes($topic_info['topic_title']);
        }
 
        echo <<<HTML
<html>
    <head>
        <title>Post Your Reply in $topic_title</title>
    </head>
    <body>
        <p><strong>Post Your Reply in $topic_title</strong></p>
 
        <form method="post" action="{$_SERVER['PHP_SELF']}">
            <input type="hidden" name="topic_id" value="{$topic_id}">
 
            <p><strong>Your Name/strong><br/><input type="text" name="post_owner" size="40" maxlength="150"></p>
            <p><strong>Post Text/strong><br/><textarea name="post_text" rows="8" cols="40" wrap="virtual"></textarea></p>
 
            <p><input type="submit" name="submit" value="Add Post"></p>
        </form>
    </body>
</html>
HTML;
 
    }
 
    mysqli_free_result($verify_res);
    mysqli_close($mysqli);
 
} else if (isset($_POST['topic_id'])) {
 
    // check for required items from form
    if (!isset($_POST['topic_id']) || !isset($_POST['post_text']) || !isset($_POST['post_owner'])) {
        header('Location: topiclist.php');
        exit;
    }
 
    // add the post
    #! This is very very bad fix it or be faced with SQL Injection
    $add_post_sql = 'INSERT INTO forum_posts (topic_id, post_text, post_create_time, post_owner) VALUES ("' . $_POST['topic_id'] . '", "' . $_POST['post_text'] . '", now(), "' . $_POST['post_owner'] . '")';
 
    $add_post_res = mysqli_query($mysqli, $add_post_sql) or die(mysqli_error($mysqli));
 
    mysqli_close($mysqli);
 
    // redirect user to topic
    header('Location: showtopic.php?topic_id=' . $_POST['topic_id']);
    exit;
}

**nameslot** · Jun 9, 2007 02:12

In Most cases try and find the whitespace after the ?> tag in the included files.

It will solve the problem.

It did happened to me in past.

**logic_earth** · Jun 9, 2007 02:16

Originally Posted by nameslot

In Most cases try and find the whitespace after the ?> tag in the included files.

It will solve the problem.

It did happened to me in past.

Or better yet if the files just contain PHP just remove "?>" or do something like this perhapes.

Code php:

<?php
 
# Start of Include File
// Some PHP...
 
?>
 
<!-- HTML... -->
 
<?php
 
# End of Include File

Then whitespace at the end will not be a problem.

**mattiepoo** · Jun 9, 2007 18:36

hey... the script actually didn't work... it said it had an error on line 107.

any other suggestions?

**kaon** · Jun 9, 2007 18:51

Checkout line number 102 or anyother place where output has already started.
The error says that it has sent HTTP header for redirect but the normal output was already sent. Now that output can be whitespace or newline or anyother HTML. Please check for that.

User Tag List

Thread: Php Forum Help!!!

Thread Tools

Display

Php Forum Help!!!

Bookmarks

Bookmarks

Posting Permissions