i have written a code for checking whether there is a session or not.
if not it has to be replaced with the time() value.
but it is displaying the error as Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\shopping1\session.php:9) in C:\xampp\htdocs\shopping1\session.php on line 27
below is my code…
mysql_connect("localhost","root","") or die("mysql_error()");
mysql_select_db("shopping") or die("mysql_error()");
$result = mysql_query("SELECT * from login WHERE username='" . $_POST['username'] . "' AND password='" . $_POST['password'] . "'");
echo "UserId : ".$_SESSION['username'];
echo "Set the username";
$_SESSION['username'] = time();
if ($rows > 0)
$_SESSION['username'] = $_POST['username'];
I already told you.
Just look at the code you posted. There are two echoes before the script reaches the header() instructions. You can’t send headers if you already have output. So you’ll have to eliminate those echoes.
In PHP you will consistently receive errors if send any output (as with the ‘echo’ command) before executing the ‘header’ call.
As I follow the FLOW OF LOGIC in your code, there is a chance that one of the ‘echo’ commands will be executed (in that ‘if’ block) before your call to ‘header’.
Rethink the flow of your program to avoid this.
Going back to your original code:
In the places where you wish to ECHO some output, instead, assign that to a string variable.
Then, after the header, display the contents of that variable (with an ‘echo’ command).
Yes it is. You can assign an empty string (called $message for example) at the start, so that you can perform your header work and add messages to the $message string. After you have finished doing your header work, it is then safe to output what you have stored in $message.
if you UNSET $_SESSION[‘username’]… you are essentially unsettling the session for someone who is actually logged in. you probably realized this and followed it up with the $_SESSION[‘username’]=time(); but then that means there will be session even if no one is logged in ( I just cant wrap my head as to why you would one to do this…
Additionally … you leave yourself wide open for $message being “user:”.timestamp ( again i dont see why you would want this). Maybe there is a greater purpose for all of this, but I thought that I would point it out.