1

I am creating a login system for a website I have created using PHP and MySQL. The database end I have already done and everything is working.

Here is my problem. My website works with includes. Basically I have index.php which is my template and I work off of id's to call the pages into the body of that page. (ie: index.php?id=about, index.php?id=admin, etc.)

My admin page (admin.php) has this on top, as instructed by login tutorials

<?php
session_start();
include_once 'dbconnect.php';

if(!isset($_SESSION['user']))
{
 header("Location: index.php");
}
$res=mysql_query("SELECT * FROM danusers WHERE user_id=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);
?>

But because admin.php is loaded as index.php?id=admin (for the sake of using my template) I get this error:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/content/08/10038808/html/sites/danintra/index.php:28) in /home/content/08/10038808/html/sites/danintra/admin.php on line 2

The easiest way I see to solve this is to create another template file for all my admin pages and then include each respective page into that one, but is there a way to do this without those extra steps?

I really hope someone understands my question and once again I apologize if it has been answered many, many times. I literally have run out of search keywords to find what I am truly looking for.

index.php:

<?php
include 'dbconnect.php';

$sql = mysql_query ("SELECT * FROM `danintra` WHERE id='1'");
$row=mysql_fetch_array($sql);

?>

<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<link href='https://fonts.googleapis.com/css?family=Open+Sans:600' rel='stylesheet' type='text/css'>
<title><?php echo $row['title'];?> | <?php echo $row['subtitle'];?></title>
<style>
body {text-align:center;margin-top:27px;margin-bottom:27px;background-color:#C3C3C3;font-family: 'Open Sans', sans-serif;}
.wrap {width:90%;max-width:1200px;margin:0px auto;background-color:#FFFFFF;}
.header {width:100%;}
.main {width:100%;}
.page {padding:40px;margin-bottom:40px;}
.footer {width:100%;}
.button-add {color:#FFFFFF;background-color:#e2393e;text-transform:uppercase;text-decoration:none;font-weight:bold;padding:15px;float:right;margin-top:10px;margin-bottom:10px;}
.pdf {color:#FFFFFF;background-color:#e2393e;text-transform:uppercase;text-decoration:none;font-weight:bold;width:100px;padding:15px;margin-top:50px;}
</style>
</head>
<body>

<table class="wrap" border=0 cellpadding=0 cellspacing=0>
<tr><td class="header">
        <?php include ('header.php'); ?>
        </td>
</tr><tr>
<td class="main">
        <?php 
        $id=$_GET['id']; 
        if (!empty($id)) { 
        $page = $id. ".php"; 
        if(file_exists("$page")){ 
        include("$page"); 
        } 
        else { 
        include("error.php"); 
        } 
        } 
        else { 
        include("home.php"); 
        } ?>
        </td>
</tr><tr>
<td class="footer">
        <?php include ('footer.php'); ?></td>
</tr>
</table>

</body>
</html>
Jongware
  • 22,200
  • 8
  • 54
  • 100
Brooke
  • 13
  • 3
  • Googling your PHP warning led me to this [page](http://stackoverflow.com/questions/8812754/cannot-send-session-cache-limiter-headers-already-sent) which in case I think you've started `session_start()` somewhere else (index.php?) – Chay22 Apr 26 '16 at 09:26
  • So you're including *admin.php* page in *index.php* page based on url like *index.php?id=admin*, right? If that's the case, then remove this line `session_start()` from *admin.php* page and place it at the very top of your *index.php* page, right after the opening php tag like this ` – Rajdeep Paul Apr 26 '16 at 09:26
  • @chay22 That was my original thought but there is no session_start() on my index.php – Brooke Apr 26 '16 at 09:32
  • @RajdeepPaul That removes the error, but the page content is viewable even without logging in – Brooke Apr 26 '16 at 09:33
  • @Brooke Are you sure there is no more of it? How about put `ob_start()` before `session_start()` ? – Chay22 Apr 26 '16 at 09:35
  • @Brooke What's in the *index.php* page? Edit your question with the relevant code of *index.php* page. – Rajdeep Paul Apr 26 '16 at 09:37
  • @Brooke i think you have to start session_start(); only one time. you have to start only in main page not in include pages. – JYoThI Apr 26 '16 at 09:40
  • problem solved by moving session_start() from admin.php to top of index.php Thanks guys! – Brooke Apr 26 '16 at 09:49

3 Answers3

3

Try to put session_start(); at the very top of your index.php

  • That removes the error, but the page content is viewable even without logging in. – Brooke Apr 26 '16 at 09:34
  • 1
    SOLVED! I get the browser cache needed to be cleared first to realize the change. Thanks! – Brooke Apr 26 '16 at 09:48
  • Yep, have to watch for caching. Generally, I only do caching for JS and CSS files –  Apr 26 '16 at 13:02
1

I don't know what done in index.php. but something is strated to print before including admin.php or so on. you can try ob_start() to buffer it. just add this in index.php at top.

index.php

<?php ob_start();

I am sure it is workging

Rohit Goyani
  • 1,246
  • 11
  • 26
0

Try this:-

<?php
error_reporting(0);
session_start();
include_once 'dbconnect.php';

if(!isset($_SESSION['user']))
{
 //header("Location: index.php");
 echo "<scrip>window.location='index.php'</script>";
}
$res=mysql_query("SELECT * FROM danusers WHERE user_id=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);
?>