Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Session-based Login System Help

session login

  • Please log in to reply
5 replies to this topic

#1 Hunter100

Hunter100

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 292 posts
  • Programming Language:C, C++, PHP, Python, Delphi/Object Pascal, Assembly
  • Learning:Python, Assembly, Bash

Posted 26 March 2011 - 07:35 PM

Hello all,

I've been working on a login system for my website for ages now. I've just finished modifying the UI and decided to get back to work on the login system.

I have a problem. To access the session variables (i.e. starting the session) I use the

session_start();

function, however, it returns these two errors:

Warning: session_start() [
FUNCTION.SESSION-START
]: Cannot send session cookie - headers already sent by (output started at /home/brezerd1/public_html/index.php:2) in /home/brezerd1/public_html/template.php on line 3

Warning: session_start() [
FUNCTION.SESSION-START
]: Cannot send session cache limiter - headers already sent (output started at /home/brezerd1/public_html/index.php:2) in /home/brezerd1/public_html/template.php on line 3

Even though, I'm running session_name before it. The session is being set by login_success.php (which occurs if checklogin.php validates the login).

Basically, I'm trying to keep the user logged in for all pages (until they log out of course).

I'd appreciate some help on this one, as it's been bugging me for a while.

Thanks.
  • 0

#2 Orjan

Orjan

    CC Mentor

  • Moderator
  • 2918 posts
  • Location:Karlstad, Sweden
  • Programming Language:C, Java, C++, C#, PHP, JavaScript, Pascal
  • Learning:Java, C#

Posted 27 March 2011 - 11:26 AM

session_start() needs to be ran before anything is echoed, printed or any html is sent to the browser. what is your code?
  • 0

I'm a System developer at XLENT Consultant Group mainly working with SugarCRM.
Please DO NOT send mail or PM to me with programming questions, post them in the appropriate forum instead, where I and others can answer you.


#3 Upstream

Upstream

    CC Resident

  • Advanced Member
  • PipPipPipPip
  • 98 posts
  • Location:Netherlands
  • Programming Language:C, C++, PHP, (Visual) Basic, JavaScript, Perl, Bash, Others
  • Learning:Others

Posted 27 March 2011 - 12:27 PM

And the same holds true for the use of header() and settig cookies. I good article on creating a secure login with, sessions/session checking and a remeber user function can be found here:

PHP - Creating a Secure PHP Login Script - Dev Shed
  • 0

#4 Upstream

Upstream

    CC Resident

  • Advanced Member
  • PipPipPipPip
  • 98 posts
  • Location:Netherlands
  • Programming Language:C, C++, PHP, (Visual) Basic, JavaScript, Perl, Bash, Others
  • Learning:Others

Posted 27 March 2011 - 12:32 PM

And the same is true for header() and setting cookies. I found this tutorial PHP - Creating a Secure PHP Login Script - Dev Shed very useful on secure login scripts with sessions/session checking and remember me function.
  • 0

#5 Hunter100

Hunter100

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 292 posts
  • Programming Language:C, C++, PHP, Python, Delphi/Object Pascal, Assembly
  • Learning:Python, Assembly, Bash

Posted 27 March 2011 - 07:04 PM

Well, I'm opening my PHP
<?php

Then, I'm running
session_start();

Then I'm echoing some stuff.

So basically, That is the first thing I'm doing on every page!

Besides HTML comments, however I've tried moving them to no help.

I'll check out that tutorial.
  • 0

#6 null

null

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 128 posts

Posted 27 March 2011 - 07:08 PM

session_name
doesn't have to be called before you set the session. Code before
session_start()
is obviously the problem here. Have you checked that you have not sent ANY output to the browser, including HTTP headers. Check all your usages of
session_start()
and try to find any code before it. If you are using a
include('')
check if there is any code being outputted before this. Also remember that
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
counts as well.
  • 0





Also tagged with one or more of these keywords: session, login

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download