Warning: session_register()

Here is the error I’m getting:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\index.php:11) in C:\xampp\xampp\checkLog.php on line 2

Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\index.php:11) in C:\xampp\checkLog.php on line 35

Here is the code form both files:

index.php:

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/main.css">
<link rel="shortcut icon" href="favicon.ico"> 
</head>

<body>
<div id="wrap">
<header><?php include("header.php");?></header><!-- End header -->
<section id="content"><?php include("pages.php");?></section><!-- End content -->
<div class="sp3"></div><!-- Give me some space -->
<footer><?php include("footer.php");?></footer><!-- End footer -->
</div>
</body>
</html>

checkLog.php:

<?php
session_start(); 
ob_start();
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name=""; // Database name 
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "logSuccess.php"
session_register("myusername");
session_register("mypassword"); 
header("location:index.php");
}
else {
echo "Wrong Username or Password";
}

ob_end_flush();
?>

Can you post the code for header.php

The reason is you have used session_start() in header.php file which is normally invalid because session_start() function has to be used before any HTML outputs sent to the headers.

here is the header.php:

<div class="login"><a href="index.php?regForm">create an account</a>, or <a href="index.php?logForm">login</a> now</div>
<div class="logo"><a href=""><img src="img/logo.png"></a></div>
<div class="nav">	
<ul class="menu">
<li><a href="index.php?home" class="inhouse">home</a></li>
<li><a href="index.php?conference" class="inconf">conference</a></li>
<li><a href="index.php?downloads" class="indown">downloads</a></li>
</ul>
</div>

Are you sure that there is no PHP code (session_start()) in header.php file?

Put:


<?php
session_start();
?>

at the top of index.php and your problem will be solved.

Also keep in mind that session_register is deprecated and the manual advises to use $_SESSION.

to rajug: nope that is all of the code that I’m using right now.

to TomB: Thanks it worked! two question thou:

  1. If I want to have the session start after user login do how do I prevent the session start till the conformation of the user log in?

  2. How can I i get the redirect to go to the index.php?“pagename” ?

You need the session_start at the very top in order to support sessions at all in the page. All session_start says is that this page supports sessions - it is there to allow the page to handle any session variables that already exist as they get passed to the browser in the headers.

What you do when the person logs in is to create a session variable that identifies that they are logged in. Test for that variable in determining whether they have logged in yet.

my redirect is not work at all it displays the test but it dose not go to the appointed page.

<? 
session_start();
if(!session_is_registered(myusername)){
header("location:home.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>

also since I’m including all the files into one main container index.php will I need to include a session_start on every page?

You need session start at the top of all pages that reference sessions.

The session field you are trying to check in that second line is $_SESSION[‘myusername’] and it should be referenced as such. The long dead is_registered function should not be used.

my redirect is not going to the page it’s just staying on the same on the logSuccess.php page

You must call the session method as the very first thing before even a single space is sent to the web browser

Have you tried checking if $_SESSION['‘myusername’] exists and what it contains so as to make sure that it is actually being set properly in the first place.

I’m looking into the session issue right now.

I changed my code a bit and now I’m getting this error:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\checkLog.php on line 16
That user doesn’t exist!

<?php

// Define $myusername and $mypassword 
$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{

// Connect to server and select databse.
$connect = mysql_connect("", "", "")or die("Couldn't connect"); 
mysql_select_db("federalview")or die("Couldn' find db");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{

	while ($row = mysql_fetch_assoc($query))	
	{	
	$dbusername = $row['username']; 
	$dbpassword = $row['password'];	
	}	
	// Check to see if they match!	
	if ($username==$dbusername&&$password==$dbpassword)	
	{	
		echo "You're in!";	
		}
	else
		echo "Incorrect password!";
	
}
else
	die("That user doesn't exist!");

}
else
	die("Please enter a username ans a password!");
	

	
?>

still getting an error:

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\checkLog.php on line 17
That user doesn’t exist!

Here is the updated code with sessions:

<?php
session_start(); 

// Define $myusername and $mypassword 
$username = $_POST['username'];
$password = $_POST['password'];

if ($username&&$password)
{

// Connect to server and select databse.
$connect = mysql_connect("localhost", "root", "dagmrg")or die("Couldn't connect"); 
mysql_select_db("federalview")or die("Couldn' find db");

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

$numrows = mysql_num_rows($query);

if ($numrows!=0)
{

	while ($row = mysql_fetch_assoc($query))	
	{	
	$dbusername = $row['username']; 
	$dbpassword = $row['password'];	
	}	
	// Check to see if they match!	
	if ($username==$dbusername&&$password==$dbpassword)	
	{	
		echo "You're in! <a href='index.php?member'>Click</a> here to enter.";	
		$_SESSION['username']=$username;
	}
	else
		echo "Incorrect password!";
	
}
else
	die("That user doesn't exist!");

}
else
	die("Please enter a username ans a password!");
	

	
?>

Your getting that error because:

$query = mysql_query("SELECT * FROM users WHERE username='$username'");

the query has failed, so mysql_num_rows doesn’t receive a result set. echo out the query, is the username being received ok?

so how do I fix it?

Is this just a bad query?

$numrows = mysql_num_rows($query);

No that line just tests how many rows have been returned from a successful query.

The query itself in being called in the prior line and since the only variable used in the query is $username and the rest of the query is valid the error must be in the contents of that variable.

The actual error therefore is earlier in the script where you are not setting $username to a valid value.

I’m sorry I’m still new to this and I’m a little confused as to which lie of code you are talking about. I’m assuming it’s this one:

$username = $_POST['username'];