Comment Box Error - Can't Send Session Cookie (Headers Already Sent)

I’ve got a comment box that connects to a MySQL database. I’ve got this error message here when I use the PHP include function to call on this script on my main page

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at D:\\Hosting\\5612165\\html\\index.php:67) in D:\\Hosting\\5612165\\html\\shoutbox\\shout.php on line 4

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at D:\\Hosting\\5612165\\html\\index.php:67) in D:\\Hosting\\5612165\\html\\shoutbox\\shout.php on line 4

??? I don’t understand this error. What do I have to do? It says it can’t send session cookies. I’m eating cookies right now but I don’t think that will help.

Here’s the code for my script:


// calling session_start() the function which starts our authentication session

// connecting to mysql server
$l = mysql_connect  ( "999.999.999.999" , "inkzoid" , "999) or die("Error connecting:<BR><BR>".mysql_error());
mysql_select_db( "inkzoid" ) or die("Error getting db:<BR><BR>".mysql_error());

// defining getShouts() which is our function that gets all of our shouts
function getShouts()

	echo '<div align="center">
		<table width="150" border="0" cellspacing="0" cellpadding="0">
	$query = mysql_query("SELECT * FROM shouts ORDER BY id DESC LIMIT 10") or die(mysql_error());
	while ($row = mysql_fetch_array($query) )
		$name = stripslashes($row['Name']);
		$contact = stripslashes($row['Contact']);
		$shout = stripslashes($row['Shout']);
			echo '<p><span class="author">'.$name.'</span> - <span class="shout">'.$shout.'</span></p>';
		} else {
			echo '<p><span class="author"><a href="'.$contact.'" target="_blank">'.$name.'</a></span> - <span class="shout">'.$shout.'</span></p>';

		} // if empty contact
	} // while row mysqlfetcharray query
	echo '<br><br>';
	echo '
			<td height="10">&nbsp;</td>
			<form name="shout" method="post" action="shout.php">
			  <div align="center">
				<input name="name" type="text" id="name" value="Name" size="25" maxlength="10"><br>
				<input name="contact" type="text" id="contact" value="http://" size="25"><br>
				<input name="message" type="text" id="message" value="Message" size="25"><br>
				<input name="shout" type="submit" id="shout" value="Shout!">

} // function getshouts

// our processing if control statement
if ( isset ( $_POST['shout'] ) )
	$name = addslashes($_POST['name']);
	$contact = addslashes($_POST['contact']);
	$message =  $_POST['message'];
	if ( ( isset($name) ) && ( isset($message) ) )
		// getting smilie list
		$smilies = mysql_query("SELECT * FROM smilies") or die(mysql_error());
		while($get = mysql_fetch_array ($smilies))
			$alt = $get['Alt'];
			$smilie = $get['URL'];
			$message = str_replace( $get['Symbol'] , '<img src="smilies/'.$smilie.'" border="0" width="15" height="15" alt="'.$alt.'">' , $message);
			$themessage = addslashes($message);
			// replacing all smilies
		mysql_query("INSERT INTO shouts (Name, Contact, Shout) VALUES ( '$name' , '$contact' , '$message' )") or die(mysql_error());
		$_SESSION['has_posted'] = 'yes';
		header("Location: shout.php");
		// if required fields aren't empty, process into database
	} else {
		echo '<script>alert("Some fields were not filled out!");</script>';
		header("Location: shout.php");
		// if required fields were left empty, show an error dialog

}/* else {

	echo '<script>alert("Please follow the form to this page.");</script>';
	header("Location: shout.php");
	// if they weren't even referred from the form, show error dialog and redirect

} // if isset post shout


// starting the table

//displaying the shouts



Thanks for the replies. I’ll do a little more reading on tutorials for headers and the session start function.

I agree with you. ob_start() is used to hide the session error…

write this code at the top


So ob_start() can be used instead of session_start() at the top of my index.php page?

My comment box (currently lacking styles right now but I’ll get to that on my own later) is at the top of the page. So if I put ob_start(); at the top, that’s where it’ll go. What do I need to do in order to put the box somewhere down the page? If I don’t put it at the top then it’ll trigger the error I was talking about at the start of this post…

You should not print anything before the session is started, so you should put the session_start at the top as RNEL have suggested.

put session_start(); at the top of your index.php instead :slight_smile:

Messages posted have nothing to do, or are helping to clear the error that happened.

The error you are getting is related to either setting cookies or sending raw headers with header() function.

Reason why it happens is that headers have to be sent before you output ANYTHING to the browser.
Workaround exists, with ob_start() function, however you should know what happens before you use the work-around.

You’re getting errors because you’re using header(“Location”) directive AFTER you’ve echoed the data to the browser.

Fastest and simplest solution is to use ob_start() (output buffering) function at the start of your php and ob_end_clean() at the end of your php.

The proper solution is not to have header(“Location”) directive after you’ve echoed shouts or whatever. You’ll have to re-write your code a little bit to achieve that.
Also, one note: when using header(“Location”), the path to which to redirect should be FULL URL, meaning http://localhost/whatever.php instead just whatever.php

That code is not allowed before the session_start as the session_start must be the very first statement. Even if it were allowed it is just hiding the problem rather than fixing it.

The session start needs to be the first statement in the page before any includes so it belongs in index.php and not in shout.php