0

i am having a problem with creating a page which have login with without a database, it seems like everything is fine except when i login i get this error Warning: Cannot modify header information - headers already sent by (output started at C:\AppServ\www\index.php:25) in C:\AppServ\www\index.php on line 65

i wonder what is the problem ? it is a very simple webpage with a login form in it, if the username and password are right the user should see a welcome msg + logout, which does not appear because of the header error.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head lang="en">
 <meta http-equiv="content-type" content="text/html;charset=UTF-8">
 <title>Login To Your Account</title>
 <!-- Framework CSS -->
 <link rel="stylesheet" href="assets/blueprint-css/screen.css" type="text/css" media="screen, projection">
 <link rel="stylesheet" href="assets/blueprint-css/print.css" type="text/css" media="print">
 <!--[if lt IE 8]><link rel="stylesheet" href="assets/blueprint-css/ie.css" type="text/css" media="screen, projection"><![endif]-->
 <link rel="stylesheet" href="assets/blueprint-css/plugins/fancy-type/screen.css" type="text/css" media="screen, projection">
 <style type="text/css" media="screen">
  p, table, hr, .box { margin-bottom:25px; }
  .box p { margin-bottom:10px; }
 
 </style>
</head>



<body>
 <div class="container">
 
  <h3 class="center alt"> Welcome.</h3>
  
  <hr>
<?php

$username = 'username';
$password = 'password';

$random1 = 'secret_key1';
$random2 = 'secret_key2';

$hash = md5($random1.$pass.$random2); 

$self = $_SERVER['REQUEST_URI'];




if(isset($_GET['logout']))
{
 unset($_SESSION['login']);
}




if (isset($_SESSION['login']) && $_SESSION['login'] == $hash) {

 ?>
   
  <p>Hello <?php echo $username; ?>, you have successfully logged in!,</p>
  <a href="?logout=true">Logout</a>
   
 <?php
}


else if (isset($_POST['submit'])) {

 if ($_POST['username'] == $username && $_POST['password'] == $password){
 
  //IF USERNAME AND PASSWORD ARE CORRECT SET THE LOG-IN SESSION
  $_SESSION["login"] = $hash;
  header("Location: $_SERVER[PHP_SELF]");
  
 } else {
  
  display_login_form();
  echo '<p>Username or password is invalid</p>';
  
 }
} 

else { 

 display_login_form();

}


function display_login_form(){ ?>

 <form action="<?php echo $self; ?>" method='post'>
 <label for="username">Username:  </label>
 <input type="text" name="username" id="username">
        <br>
<br>
 <label for="password">Password:  </label>
 <input type="password" name="password" id="password">
<br>
<br>
 <input type="submit" name="submit" value="Submit">
<br>
 </form> 
<?php } ?>


<br>
<hr>
<p>&nbsp;</p>
<p>Copyright © 2015 -</p> 
  
  
  <hr class="space">
 </div><!-- end div .container -->

</body>
Mũhâmmễd Ähmêd
  • 3
  • 2

2 Answers2

0

You cannot have any output before using the header() function.

You need to do your login check /redirect before any content is sent to the browser.

user2959229
  • 1,360
  • 2
  • 11
  • 21
-1

Please set the session at the top of the page. 

session_start();
William Madede
  • 727
  • 4
  • 8