Warning: Cannot modify header information - headers already sent by
HejsaJeg har virkelig brug for en der banker det ind med syv tommer søm, hvorfor jeg får denne fejl og hvordan jeg løser den. Fejlen har jeg lavet en hurtig video af: https://www.youtube.com/watch?v=CpQP3Ga0J5o
Hvis man har set videoen, så virker mit login, men når jeg prøver at logge ind igen, så kommer fejlen:
You have been logged out!
Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/logintest/index.php:16) in /Applications/MAMP/htdocs/logintest/login.php on line 46
Jeg har noteret linjerne i koden. Der står jo meget omkring det på nettet, og jeg har læst så meget, men jeg forstår det stadigvæk ikke. Jeg håber der er en som har tid til at hjælpe mig med at løse problemet?
mvh Mads
index.php
<?php
$error='';
if( !isset( $_SESSION ) ) session_start();
if( isset( $_GET['todo'] ) && $_GET['todo'] == 'logout'){
//Session leeren
session_unset();
//Session zerstören
session_destroy();
//Session neu aufesetzen
// jetzt ist alles, was mit dem User zu tun hatte weg
session_start();
//Meldung
echo 'You have been logged out!'; <!-- Linje 16 -->
}
if( !isset( $_SESSION['username'])) include('login.php');
else exit( header('Location: home.php') );
?>
<!doctype html>
<html>
<head>
<meta charset='utf-8'>
<title>PHP Login Form with Session</title>
<link rel='stylesheet' href='style.css' type='text/css' />
</head>
<body>
<h1>PHP Login Form with Session</h1>
<div class='loginBox'>
<h3>Login Form</h3>
<br><br>
<form method='post' action=''>
<label>Username:</label><br>
<input type='text' name='username' placeholder='username' /><br><br>
<label>Password:</label><br>
<input type='password' name='password' placeholder='password' /><br><br>
<input type='submit' name='submit' value='Login' />
</form>
<div class='error'><?php echo $error;?></div>
</div>
</body>
</html>
login.php
<?php
/* login.php */
if( !isset( $_SESSION ) ) session_start();
include('dbconfic.inc.php' );
$error = '';
if( $_SERVER['REQUEST_METHOD']=='POST' && isset( $_POST['submit'] ) ) {
if( empty( $_POST['username'] ) || empty( $_POST['password'] ) ){
$error = 'Both fields are required.';
} else {
/*
Use prepared statements - mitigates agsint sql injection.
Use placeholders in the sql which are used by the `bind_param` statement
*/
$sql='SELECT `u_id` FROM `login` WHERE `username`=? AND md5( `password` )=? limit 1 ';
$stmt=$mysqli->prepare( $sql );
if( !$stmt ) exit('Failed to prepare sql statement');
/*
md5 is not recommended for password hashing as it is generally considered to be broken
bind the variables to the placeholders & execute the sql
*/
$username=$_POST['username'];
$password=md5( $_POST['password'] );
$stmt->bind_param('ss', $username, $password );
$res=$stmt->execute();
/* bind the result of the query to a variable */
$stmt->bind_result( $login_user );
while( $stmt->fetch() ){
/* go through recordset ( 1 record ) */
$_SESSION['username'] = $login_user;
}
$stmt->close();
$mysqli->close();
if( isset( $_SESSION['username'] ) ) exit( header( 'location: home.php' ) ); <!-- Linje 46 -->
else $error='Incorrect username or password.';
}
}
?>
home.php
<?php include 'header.php'; ?>
<a href="index.php?todo=logout" style="font-size:18px">Logout?</a>
<a href="test.php">test</a>
</body>
</html>
header.php
<?php
if( !isset( $_SESSION ) ) session_start();
if( !isset( $_SESSION['username'] ) ) exit( header('Location: index.php') );
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Home</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>
<h1 class="hello">Hello, <em><?php echo $_SESSION['username'];?>!</em></h1>
<br><br><br>