Header redirect produces error

I have a login script that redirects to a ratings.php page upon valid login. When I login, I get the following error:

Warning: Cannot modify header information - headers already sent by (output started at /home/content/31/6543031/html/hd_dev/login.php:1) in /home/content/31/6543031/html/hd_dev/login.php on line 18

Warning: Cannot modify header information - headers already sent by (output started at /home/content/31/6543031/html/hd_dev/login.php:1) in /home/content/31/6543031/html/hd_dev/login.php on line 19

Here is the relevant login code:


$err = "";
if (isset($_POST['user']) && $_POST['user'] != "") {
	if ($_POST['submit'] == "Sign-In") {
		$query = "INSERT INTO patrons (email, pass) VALUES ('" . $_POST['user'] . "', '". $_POST['pass'] . "')";
		$result = @mysql_query($query) or die ("<p>Errpr : " . mysql_error());
	$query = "SELECT * FROM patrons WHERE email = '". $_POST['user'] . "' AND pass = '". $_POST['pass'] . "'";
	$result = @mysql_query($query) or die ("<p>Errpr : " . mysql_error());
	if (!($row = mysql_fetch_array ($result))) {
		$err = "Invalid inputs, Can't post comment!";
	} else {
		$userID = $row['user_ID'];
		$hour = time() + 3600;
		setcookie('userID', $userID, $hour);
	    //  This is the code that causes an error.
		header("Location: rating.php?post=" . $_POST['post']);

I have attached the header file.

Thanks for any help and suggestions to fix this problem.

Its not so much a bug or problem with PHP, more so a misunderstanding of the technology on the developers part.

I forgot to mention that after whatever redirection method you end up using, you should also add a die(); after the redirect statement because otherwise the original script keeps on executing in the background which might also cause problems.

Kalon, I seem to have the problem fixed and wanted to get back to you. There seem to be three possible sources of this error: 1) white spaces before or after the php tags; 2) output before the headers; 3) starting and flushing the buffer. I tried all three of these in order. For my case, it seems that adding <?ob_start();?> at the top of the page and <?ob_flush();?> at the end of the page was the final fix.

Apparently, this problem has been around for a long time. I found a lengthy forum at http://www.daniweb.com/forums/thread88479.html that explained the problem well and included the fixes.

Thanks again for your help.

Note: You can’t have a XHTML 1.1. served like that… you need another meta to say that it is served as an application. Only XTHML 1.0 can exceptionally be served as text/html.

Thanks Kalon. Wasn’t clear about what “output” included. Since posting, I’ve continued googling to find answers. It look like white space can be quit a culprit. I’m going over the code in each of the relevant pages and correcting. If I can’t get it working, I’ll try your javascript suggestion.

All the headers have to be written to a http response before your script generates any output. Otherwise attempting to write a header after some output has already been made will result in an error.

Output can consist of echo statements, blank lines in your script above the header() and even traing blank chars after the ; at the end of a line.

Perhaps even the setcookie() before the header is the problem.

As a last resort you could use javascript to do the redirection.

echo '<script type="text/javascript">window.location.href="some_url"</script>;';