please what is the problem with this php script. i need help with the coding. you can view the test run here www.gsmmoneymakerclub.com www.gsmmoneymakerclub.com
login Code.

<?php
// Connects to your Database
mysql_connect("dont border about this area" or die(mysql_error());
mysql_select_db("don't border about this area" or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directs you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'"or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php";

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'"or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the members area
header("Location: members.php";
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40" size="20">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50" size="20">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

Log out script

<?php
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past);
setcookie(Key_my_site, gone, $past);
header("Location: login.php";
?>

members area

<?php
// Connects to your Database
mysql_connect("dont border about this area" or die(mysql_error());
mysql_select_db("don't border about this area" or die(mysql_error());


//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'"or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php";
}

//otherwise they are shown the admin area
else
{
echo "Admin Area<p>";
echo "Your Content<p>";
echo "<a href=logout.php>Logout</a>";
}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php";
}
?>

register code

<?php
// Connects to your Database
mysql_connect("dont border about this area" or die(mysql_error());
mysql_select_db("don't border about this area" or die(mysql_error());

//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'"
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}

// now we insert it into the database
$insert = "INSERT INTO users (username, password)
VALUES ('".$_POST['username']."', '".$_POST['pass']."')";
$add_member = mysql_query($insert);
?>


<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table>
</form>

<?php
}
?>

Is this a test or r u experiencing problems? If the latter, what is the error code you are getting? It would help for us to know.

Well, i visited the site but instead of seeing errors, i see one Mr, Okaformbah francis onuchukwu asking me to make payment to his account with firstinland bank

is that the trick?

@ webdezzi
NONONO, it was a mistake. i was about to be shut down from the internet connection in our office so i did not proofread what i posted. the right web address is this www.gsmmonymakerclub.com/login.php. register here www.gsmmoneymakerclub.com/add.php to be able to login to the member area inorder to log out and see the error code it is giving me which i pasted below.

@ yawa-ti-de
Actually, i am testn running the script to use it but got this message when a user tries to log out

Warning: Cannot modify header information - headers already sent by (output started at /home/gsmclub/public_html/logout.php:10) in /home/gsmclub/public_html/logout.php on line 13

Warning: Cannot modify header information - headers already sent by (output started at /home/gsmclub/public_html/logout.php:10) in /home/gsmclub/public_html/logout.php on line 14

Warning: Cannot modify header information - headers already sent by (output started at /home/gsmclub/public_html/logout.php:10) in /home/gsmclub/public_html/logout.php on line 15

Evrytin seems to be working, the register page, the login page but the log out code in the members page is not working. it is giving me the error i posted up there. You can check out the site at www.gsmmoneymakerclub.com/add.php to register then login at
www.gsmmoneymakerclub.com/login.php which will take you to the member's area where my challenge is.

I will appreciate you contributions and advise. Tanks in anticipation of your suggestions and solutions.

Try to make sure that on every single page that you have php codes that nothing (absolutely nothing, including blank spaces or lines) is sent to the browser.

@ Afam
Thanx. which of the pages do you think this problem would likely be on. One more thing is the code. Nothing is wrong with the log out codes or the login codes?

@charliebiz
In addition to what Afam has said, and this especially applies if you are using any kind of includes and/or session vars and/or trying to send any HTTP-HEADER stuff, make sure you do all that before your very first line of HTML code.

@ yawa-ti-de
I am grateful for your comments but you did not address my last post. My log out script was the only code i embedded in an HTML code. I just need more clearification from Afams last post.
Thanks.

@charliebiz
I will let Afam re-clarify himself, but I will also take a stab at what he is saying:

1) remove all blank spaces from your code from all pages. Again, if the functionality is the same, put that stuff in an include.

2) I can't say there is something wrong with your code until you fix the header problem. Once you fix that, re-run your code. If there are any errors at that point, post them here.

3) Looking at your code though, I am going to guess that it has to do with the "header" function. Please refer to http://us2.php.net/header for more information. Note on that page that you cannot have any HTML code b4 the call to header.

Thanks,

Post the complete code on the page in question.

@ Yawa-ti-de n Afam
Mmmua, mmua,mmmmmmmmmmua. thank you for replying as quick as possible. right now i am online and i am trying your suggestions out. I have added you to my list of reliable forumite coders. I am don't saying i don't take suggestions from others or read their comments but there are some forumites whose post i look up to. My2cent was one of them but i pray he is ok because i have not read or seen any of his post lately. Thank once more. You are really acting as an IYA .


This is the code i use for the login page, the log out page, members area and the registeration page. sorry the codes are long.

[b]login Code.

<?php
// Connects to your Database
mysql_connect("don't border about this area" or die(mysql_error());
mysql_select_db("don't border about this area" or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directs you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'"or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php";

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'"or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);

//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);

//then redirect them to the members area
header("Location: members.php";
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40" size="20">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50" size="20">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

Log out script

<?php
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past);
setcookie(Key_my_site, gone, $past);
header("Location: login.php";
?>

members area

<?php
// Connects to your Database
mysql_connect("don't border about this area" or die(mysql_error());
mysql_select_db("don't border about this area" or die(mysql_error());


//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'"or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php";
}

//otherwise they are shown the admin area
else
{
echo "Admin Area<p>";
echo "Your Content<p>";
echo "<a href=logout.php>Logout</a>";
}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php";
}
?>

register code

<?php
// Connects to your Database
mysql_connect("don't border about this area" or die(mysql_error());
mysql_select_db("don't border about this area" or die(mysql_error());

//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'"
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match. ');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}

// now we insert it into the database
$insert = "INSERT INTO users (username, password)
VALUES ('".$_POST['username']."', '".$_POST['pass']."')";
$add_member = mysql_query($insert);
?>


<h1>Registered</h1>
<p>Thank you, you have registered - you may now login</a>.</p>
<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="0">
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="pass2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table>
</form>

<?php
}
?>[/b]

@charliebiz
Again, have you tried the header link I sent earlier? Also, do you have any html code before your first line of PHP code? If so, that is the problem. You need to remove all HTML code before the call to header(). If you really need the HTML code there, then I would suggest you move your header() to the top of the file and add your HTML code after that.

Do you have any code like below in your file, before the call to header()?

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>

If so, that is the reason you are getting those errors. You need to place your call to header() directly above such a line above.

In conclusion, make sure there are no HTML codes above any of your PHP code snippets and you should be good to go.

Paste the complete information you see when you want to view the source of the relevant pages.

Your codes may be perfect but without seeing how they interact with html it is impossible to pinpoint the issue you are having right now.

yep and that means that if you have anything in includes, you need to paste the contents of such files as well.

i thank you very much you wont hear from me until i have put to use all your suggestion and solutions. Thanks again.You've made part of my day.

charliebiz:


Warning: Cannot modify header information - headers already sent by (output started at /home/gsmclub/public_html/logout.php:10) in /home/gsmclub/public_html/logout.php on line 13

Warning: Cannot modify header information - headers already sent by (output started at /home/gsmclub/public_html/logout.php:10) in /home/gsmclub/public_html/logout.php on line 14

Warning: Cannot modify header information - headers already sent by (output started at /home/gsmclub/public_html/logout.php:10) in /home/gsmclub/public_html/logout.php on line 15

the solution

Afam:

Try to make sure that on every single page that you have php codes that nothing (absolutely nothing, including blank spaces or lines) is sent to the browser.

check line 10 of the logout.php file. I'll advice to use an accurate line numbering software like dreamweaver(and not the Nairaland award winning notepad)

there is a character you are outputing to the browser on that line OUTSIDE OF THE PHP TAG (character includes, spaces and tabs)

i assume this is your logout script

<?php
$past = time() - 100;
//this makes the time in the past to destroy the cookie
setcookie(ID_my_site, gone, $past);
setcookie(Key_my_site, gone, $past);
header("Location: login.php";
?>

if this is the first script on the logout.php page, then the error should have said

in /home/gsmclub/public_html/logout.php on line 6

instead of

in /home/gsmclub/public_html/logout.php on line 13

and if you have an include file on line 10, open up the include file and and remove all characters from the OUTSIDE of the php opening and closing tag.

php hates to modify sessions and cookies after something has been sent out to the browser, he hates it a lot