Problem with headers

Ben_Wilkins · November 2, 2012, 9:53am

Error code:

Warning: Cannot modify header information - headers already sent by (output started at /home/acemta/public_html/ucp/includes/header.php:123) in /home/acemta/public_html/ucp/changepw.php on line 21

I have about 5 differant files where I use Location: Header and they all produce the same error with header.php

This used to work before, but now I have switched to a new VPS, its giving out the error. I did find I could use <meta refresh> and it will work but that is a buggy fix, and would prefer to use Header: Location in php.

Thanks guys.

Header.php:

http://pastebin.com/fS0yGLrp

<?php
	session_start();
	
	
	require_once('config.php');
	
	{
		$session=$_SERVER['REMOTE_ADDR']; ;
		
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {


//  - GUESTS -



$time=time();
$time_check=$time-500;

$sql="SELECT * FROM user_online WHERE session='$session'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count=="0"){
$sql1="INSERT INTO user_online(session, time)VALUES('$session', '$time')";
$result1=mysql_query($sql1);
}
else {
$sql2="UPDATE user_online_name SET time='$time' WHERE session = '$session'";
$result2=mysql_query($sql2);
}

$sql4="DELETE FROM user_online WHERE time<$time_check";
$result4=mysql_query($sql4);


}

//  - MEMBERS -

else {
	


	$timenow = time();
	$account = $_SESSION['SESS_FIRST_NAME'];
	$url = basename($_SERVER['REQUEST_URI']);
	$time = time();
	$time_check=$time-500;
	

$sql6="DELETE FROM user_online WHERE time<$time_check";
$result6=mysql_query($sql6);

$sql5="DELETE FROM user_online WHERE session = '$session'";
$result5=mysql_query($sql5);


	 $sql = "UPDATE accounts SET onlineucptime = '$timenow', onlineucppage = '$url' WHERE username = '$account'";
			if (!mysql_query($sql))
		  {
			  die('Error: ' . mysql_error());
			  }

  }
 }




?><head>

<meta name="Description" content="A fully intergrated system for the Multi Theft Auto roleplay server. AceMTA.com:22003" />
<meta name="Keywords" content="AceMTA, Ace, MTA, Roleplay, Server, GTA, San Andreas, Community, Gaming, Multi Theft Auto RP, Red County RP, Forums, " />
<meta name="robots" content="all,follow" />
<meta name="author" content="Ben Wilkins" />
<meta name="copyright" content="AceMTA.com 2012" />

<meta http-equiv="Content-Script-Type" content="text/javascript" />

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<!-- CSS -->
<link rel="stylesheet" href="css/style.css" type="text/css" media="screen, projection, tv" />
<link rel="stylesheet" href="css/style-print.css" type="text/css" media="print" />

<link rel="shortcut icon" href="./img/favicon.ico" type="image/x-icon" />

<title>AceMTA - Server UCP</title>
</head>
<!-- Header -->
	<div id="header">
		
		<!-- Your website name  -->
		<h1><a href="./index.php"><img src="./img/acemtahead.png" height="130" border="0"></a></h1>
		<!-- Your website name end -->
		
			<!-- Your slogan -->
			<h2></h2>
			<!-- Your slogan end -->
		
		<!-- Search form -->	
			<form class="searching" action="">
			<fieldset>
				<label></label>
					<div id="picture-input">
						<input type="text" class="search" onfocus="if(this.value==this.defaultValue)this.value=''"
						onblur="if(this.value=='')this.value=this.defaultValue" value="Search AceMTA&hellip;" />
					</div>
						<input class="hledat" type="image" src="img/search-button.gif" name="" value="Search" alt="Search" />
			</fieldset>
			</form>
			<!-- Search form end -->
	
	<div id="rss-block"><a id="rss-icon" href="#">Data</a></div>		
	</div>
	<!-- Header end -->
	


<body>
<div id="main">

Changepw.php:

http://pastebin.com/UG1bC0kS

<?php
include "./includes/header.php";

include "./includes/menu.php";



if(isset($_POST['changepw'])){
    $oldpw = md5($_POST['oldpassword']);
    $newpw = md5($_POST['newpassword']);
	$id = $_SESSION['SESS_MEMBER_ID'];

    $sql = mysql_query("SELECT * from accounts WHERE id = '$id' AND password = '$oldpw'");
    $sql_c = mysql_num_rows($sql);
	if ($sql_c > 0) {
	
	mysql_query("UPDATE accounts SET password = '$newpw' WHERE id = '$id'")
	or die(mysql_error());

		
       header("Location: ./changepw-done.php"); }

     else {
	
	header("Location: ./changepw-error.php"); }
}
?>



	
<hr class="noscreen" />

<div id="skip-menu"></div>
	
	<div id="content">
	
		<div id="content-box">
		
			<!-- Left column -->
			<div id="content-box-in-left">
				<div id="content-box-in-left-in">
					
					<p><center>
					
					
					<form id="changepw" name="changepw" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<table align="center" border="0" width="65%" height="128">
  <tr>
      <td width="45%" height="19"><strong><font color="#888888" size="3">Current Passwod: </font></strong><br /><br /></td>
    <td width="55%" height="19"><input maxlength="25" name="oldpassword" type="text" value="" size="31"><br /><br /></td>

  </tr>


   <tr>    <td><input type="hidden" name="gamename"  value="{$user->gamename}"/></td>    </tr>

  <tr>
      <td width="45%" height="19"><strong><font color="#888888" size="3">New Password:</font> </strong></td>
    <td width="55%" height="19"><input maxlength="25" name="newpassword" type="text" value="" size="31"><br /><br /></td>
  </tr>
  <tr>
<td colspan="2" align="center" width="45%" height="47"><input type="submit" name="changepw" id="changepw" value=" Change Password " /></td>
  </tr>
</table>
  </form>


					
					</center></p>
						
				</div>
			</div>
			<!-- Left column end -->

<hr class="noscreen" />
			
<?php
include "./includes/leftside.php";
?>

		</div>
	</div>

<hr class="noscreen" />
	
<?php
include "./includes/footer.php";
?>

cpradio · November 2, 2012, 11:21am

You have HTML output in your header.php, so you can’t call header() in your changepw.php file. Think of header() as issuing a command to the browser. Once you start output, the browser is no longer able to execute commands issued by header(), it is already past that stage and in the stage of rendering the page output.

All of your header() calls MUST be executed prior to ANY output (including Warnings, Notices, and Errors).

Ben_Wilkins · November 2, 2012, 11:29am

Thanks for the reply.

What do you propose that I do to get around this?

cpradio · November 2, 2012, 11:35am

Rearrange your code in changepw.php

<?php 
if(isset($_POST['changepw'])){  
    $oldpw = md5($_POST['oldpassword']); 
    $newpw = md5($_POST['newpassword']); 
    $id = $_SESSION['SESS_MEMBER_ID'];  
     
    $sql = mysql_query("SELECT * from accounts WHERE id = '$id' AND password = '$oldpw'"); 
    $sql_c = mysql_num_rows($sql); 
    if ($sql_c > 0) { 
     
    mysql_query("UPDATE accounts SET password = '$newpw' WHERE id = '$id'") 
    or die(mysql_error());   

         
       header("Location: ./changepw-done.php"); } 
        
     else { 
     
    header("Location: ./changepw-error.php"); } 
} 

// moved the included files to after your header calls.
include "./includes/header.php"; 

include "./includes/menu.php"; 
?>

joseninogarcia · November 3, 2012, 5:25am

I also got a problem before, whenever I received that error, I just remove the extra spaces before the session_start().

felgall · November 3, 2012, 8:45am

Any content that forms part of the page, even a single space or a byte order mark, MUST come after the headers and so once that character is written you can no longer add headers.
Having a single character before the <?php is often the cause of this particular error.

joseninogarcia · November 5, 2012, 12:43am

Exactly and as a best thing for that, I shouldn’t give any spaces on it.