user2452165 user2452165 - 2 months ago 7
PHP Question

PHP login redirect results in headers already sent

I'm trying to create a login script, which generates a session after the user signed in, now the user would be redirected to a new url, sadly I receive the following error:

[Fri Sep 23 20:09:17.125738 2016] [fcgid:warn] [pid 27802] [client 91.97.73.183:12550] mod_fcgid: stderr: PHP Warning: Cannot modify header information - headers already sent by (output started at /var/www/vhosts/pr0b.com/httpdocs/index.php:109) in /var/www/vhosts/pr0b.com/httpdocs/handling/classes/user_login_class.php on line 74, referer: http://pr0b.com/


My code looks like the following:

Index.php

<?php
require_once('handling/classes/database_class.php');
require_once('handling/classes/site_config_class.php');
require_once('handling/classes/main_class.php');
$site_config = new site_config_class();
$site_informations = new main_class();
$site_informations_response = $site_informations->class_handler();
?>

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title><?php echo $site_config->site_title_home; ?></title>

<!-- Global stylesheets -->
<link href="https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900" rel="stylesheet" type="text/css">
<link href="assets/css/icons/icomoon/styles.css" rel="stylesheet" type="text/css">
<link href="assets/css/bootstrap.css" rel="stylesheet" type="text/css">
<link href="assets/css/core.css" rel="stylesheet" type="text/css">
<link href="assets/css/components.css" rel="stylesheet" type="text/css">
<link href="assets/css/colors.css" rel="stylesheet" type="text/css">
<link href="assets/css/stylesheet.css" rel="stylesheet" type="text/css">

<!-- Core JS files -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js"></script>
<script type="text/javascript" src="assets/js/core/libraries/bootstrap.min.js"></script>
<script type="text/javascript" src="assets/js/plugins/ui/nicescroll.min.js"></script>
<script type="text/javascript" src="assets/js/plugins/ui/drilldown.js"></script>
<script type="text/javascript" src="assets/js/pages/form_select2.js"></script>
<script type="text/javascript" src="assets/js/core/app.js"></script>
<script type="text/javascript" src="assets/js/plugins/forms/selects/select2.min.js"></script>
<script type="text/javascript" src="../assets/js/plugins/notifications/noty.min.js"></script>
</head>

<body class="navbar-top-md-md login-container">
<div class="navbar-fixed-top">
<div class="navbar navbar-inverse">
<div class="navbar-header">
<a class="navbar-brand" href="index.html"><div class="logo"></div></a>

<ul class="nav navbar-nav pull-right visible-xs-block">
<li><a data-toggle="collapse" data-target="#navbar-mobile"><i class="icon-tree5"></i></a></li>
</ul>
</div>

<div class="navbar-collapse collapse" id="navbar-mobile">

<ul class="nav navbar-nav navbar-right">
<li><a data-toggle="modal" data-target="#modal-registration"><i class="icon-users4 position-left"></i> Register Account</a></li>
<li><a data-toggle="modal" data-target="#modal-login"><i class="icon-user-lock position-left"></i> Log In</a></li>
<li><a data-toggle="modal" data-target="#modal-recover"><i class="icon-reply position-left"></i> Resend Credentials</a></li>
</ul>
</div>
</div>
<!-- /main navbar -->


<!-- Second navbar -->
<div class="navbar navbar-default" id="navbar-second">
<ul class="nav navbar-nav no-border visible-xs-block">
<li><a class="text-center collapsed" data-toggle="collapse" data-target="#navbar-second-toggle"><i class="icon-menu7"></i></a></li>
</ul>

<div class="navbar-collapse collapse" id="navbar-second-toggle">
<ul class="nav navbar-nav">
<li class="active"><a href="../index.html"><i class="icon-home position-left"></i> Home</a></li>
<li><a href="../index.html"><i class="icon-heart6 position-left"></i> Community</a></li>
</ul>

<ul class="nav navbar-nav navbar-right">
<li><a href="../index.html"><i class="icon-facebook2"></i></a></li>
<li><a href="../index.html"><i class="icon-twitter"></i></a></li>
<li><a href="../index.html"><i class="icon-youtube"></i></a></li>
</ul>
</div>
</div>
<!-- /second navbar -->
</div>
<!-- /fixed navbars wrapper -->

<!-- Page container -->
<div class="page-container">
<div class="page-content">
<div class="content-wrapper">

<div class="row">
<div class="col-lg-3">
<div class="panel bg-slate-400">
<div class="panel-body">
<div class="heading-elements">
<span class="heading-text badge bg-slate-300">Registered users</span>
</div>

<h3 class="no-margin"><?php echo $site_informations_response['registered_users']; ?></h3>
Registered users
</div>
</div>
</div>
<div class="col-lg-3">
<div class="panel bg-slate-400">
<div class="panel-body">
<div class="heading-elements">
<span class="heading-text badge bg-slate-300">Online users</span>
</div>

<h3 class="no-margin"><?php echo $site_informations_response['online_users']; ?></h3>
Online users
</div>
</div>
</div>
<div class="col-lg-3">
<div class="panel bg-slate-400">
<div class="panel-body">
<div class="heading-elements">
<span class="heading-text badge bg-slate-300">Male users</span>
</div>

<h3 class="no-margin"><?php echo $site_informations_response['male_users']; ?></h3>
Male users
</div>
</div>
</div>
<div class="col-lg-3">
<div class="panel bg-slate-400">
<div class="panel-body">
<div class="heading-elements">
<span class="heading-text badge bg-slate-300">Female users</span>
</div>

<h3 class="no-margin"><?php echo $site_informations_response['female_users']; ?></h3>
Female users
</div>
</div>
</div>
</div>

<div class="row">
<div class="col-md-12">
Content
</div>
</div>

<!-- Login form -->
<div id="modal-login" class="modal fade">
<div class="modal-dialog">
<div class="modal-content login-form">
<!-- Form -->
<form class="modal-body" method="post">
<div class="text-center">
<div class="icon-object border-slate-300 text-slate-300"><i class="icon-reading"></i></div>
<h5 class="content-group">Login to your account <small class="display-block">Your credentials</small></h5>
</div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Username" name="username">
<div class="form-control-feedback">
<i class="icon-user text-muted"></i>
</div>
</div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Password" name="password">
<div class="form-control-feedback">
<i class="icon-lock2 text-muted"></i>
</div>
</div>

<input type="hidden" name="action" value="login">

<div class="form-group">
<button type="submit" class="btn bg-slate-600 btn-block">Login</button>
<button type="button" class="btn btn-default btn-block" data-dismiss="modal">Cancel</button>
</div>

<span class="help-block text-center no-margin">By continuing, you're confirming that you've read our <a href="#">Terms &amp; Conditions</a> and <a href="#">Cookie Policy</a></span>
</form>
<!-- /form -->
</div>
</div>
</div>
<!-- /login form -->

<!-- Registration form -->
<div id="modal-registration" class="modal fade">
<div class="modal-dialog">
<div class="modal-content login-form">
<!-- Form -->
<form class="modal-body" method="post">
<div class="text-center">
<div class="icon-object border-slate-300 text-slate-300"><i class="icon-plus3"></i></div>
<h5 class="content-group">Create account <small class="display-block">All fields are required</small></h5>
</div>

<div class="content-divider text-muted form-group"><span>Your credentials</span></div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Username" name="username">
<div class="form-control-feedback">
<i class="icon-user-check text-muted"></i>
</div>
</div>

<div class="form-group has-feedback has-feedback-left">
<input id="password" type="password" class="form-control" placeholder="Password" name="password">
<div class="form-control-feedback">
<i class="icon-user-lock text-muted"></i>
</div>
</div>

<div class="form-group has-feedback has-feedback-left">
<input id="password_confirm" type="password" class="form-control" placeholder="Repeat password" name="password_confirm">
<div class="form-control-feedback">
<i class="icon-user-lock text-muted"></i>
</div>
</div>

<div class="form-group">
<span id="password_status" class="help-block text-center no-margin"></span>
</div>

<div class="content-divider text-muted form-group"><span>Your privacy</span></div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Email" name="email">
<div class="form-control-feedback">
<i class="icon-mention text-muted"></i>
</div>
</div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Reset pin code" name="pin_code">
<div class="form-control-feedback">
<i class="icon-sync text-muted"></i>
</div>
</div>

<div class="form-group">
<select data-placeholder="Select a gender..." class="select" name="gender">
<option></option>
<option value="male">Male</option>
<option value="female">Female</option>
</select>
</div>

<div class="content-divider text-muted form-group"><span>Additions</span></div>

<div class="form-group">
<div class="checkbox">
<label>
<input type="checkbox" id="terms" class="styled" name="terms">Accept <a href="#">terms of service</a>
</label>
</div>
</div>

<input type="hidden" name="action" value="register">

<div class="form-group">
<button id="registerButton" type="submit" class="btn bg-slate-600 btn-block" disabled>Register account</button>
<button type="button" class="btn btn-default btn-block" data-dismiss="modal">Cancel</button>
</div>
<span class="help-block text-center no-margin">By continuing, you're confirming that you've read our <a href="#">Terms &amp; Conditions</a> and <a href="#">Cookie Policy</a></span>
</form>

<!-- /form -->
</div>
</div>
</div>

<script type="text/javascript">
$(document).ready(function() {
$("#password_confirm").keyup(validate);
});

$('#terms').change(function(){
$("#registerButton").prop('disabled', !$(this).is(':checked'));
});

function validate() {
var password1 = $("#password").val();
var password2 = $("#password_confirm").val();

if(password1 == password2) {
$("#password_status").text("Passwords match!");
}
else {
$("#password_status").text("Passwords do not match!");
}
}
</script>
<!-- /registration form -->

<!-- Password recovery form -->
<div id="modal-recover" class="modal fade">
<div class="modal-dialog">
<div class="modal-content login-form">
<!-- Form -->
<form class="modal-body" action="index.html">

<div class="text-center">
<div class="icon-object border-slate-300 text-slate-300"><i class="icon-spinner11"></i></div>
<h5 class="content-group">Password recovery <small class="display-block">We'll send you instructions in email</small></h5>
</div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Username">
<div class="form-control-feedback">
<i class="icon-user-check text-muted"></i>
</div>
</div>

<div class="form-group has-feedback has-feedback-left">
<input type="text" class="form-control" placeholder="Reset pin code">
<div class="form-control-feedback">
<i class="icon-sync text-muted"></i>
</div>
</div>

<input type="hidden" name="action" value="recover">

<button type="submit" class="btn bg-slate-600 btn-block">Reset password</button>
<button type="button" class="btn btn-default btn-block" data-dismiss="modal">Cancel</button>
</form>
<!-- /form -->
</div>
</div>
</div>
<!-- /password recovery form -->
<?php
if(!empty($_POST)){
$action = $_POST['action'];

switch ($action) {
case 'login':
require_once('handling/classes/user_login_class.php');
$user_login = new user_login_class($_POST['username'], $_POST['password']);
$user_login_response = $user_login->class_handler();
echo $user_login_response;
break;
case 'register':
require_once('handling/classes/register_class.php');
$register_account = new register_class($_POST['username'], $_POST['password'], $_POST['password_confirm'], $_POST['email'], $_POST['pin_code'], $_POST['gender']);
$register_account_response = $register_account->class_handler();
echo $register_account_response;
break;
case 'recover':
#code
break;
}
}
?>
</div>
</div>
</div>
<!-- /Page container -->
<!-- Footer -->
<div class="footer text-muted text-center">
<?php echo $site_config->site_footer; ?>
</div>
<!-- /footer -->
</body>
</html>


user_login_class

<?php
class user_login_class extends database_class {

// Class constructor
function __construct($username, $password) {
$this->username = $username;
$this->password = $password;
$this->salt = 'zWorlDs4lt';
$this->hashed_password = md5($this->salt.$this->password);
}

// Function to check the user credentials
function check_user_credentials() {
$this->connect();
$result = $this->execute_query("SELECT password FROM Users WHERE username = '" . $this->username . "'");

while($row = mysqli_fetch_assoc($result)) {
$response = $row['password'];
}

if($response !== $this->hashed_password) {
return false;
}else {
return true;
}
}

// Function to check the account status
function get_account_status() {
$this->connect();
$result = $this->execute_query("SELECT status FROM Users WHERE username = '" . $this->username . "'");

while($row = mysqli_fetch_assoc($result)) {
$response = $row['status'];
}

return $response;
}

// Function to update user informations
function update_user_variables() {
$this->connect();
$result = $this->execute_query("UPDATE Users SET ip = '" . $_SERVER['REMOTE_ADDR'] . "', online = '1' WHERE username = '" . $this->username . "'");

if(!$result) {
return false;
}else {
return true;
}
}

// Function to execute the class
function class_handler() {
if(!$this->username) {
return 'Error: Username is required. Please enter a valid username.';
}else if(!$this->password) {
return 'Error: Password is required. Please enter a valid password.';
}else {
$check_account_status = $this->get_account_status();
if($check_account_status == 1) {
return 'Error: This account was banned. Please contact our support.';
}else {
$check_user_credentials_resonse = $this->check_user_credentials();
if($check_user_credentials_resonse == false) {
return 'Error: Wrong credentials. Please try again.';
}else if($check_user_credentials_resonse == true) {
$update_user = $this->update_user_variables();
if($update_user == false) {
return 'Error: Wrong credentials. Please try again.';
}else if($update_user == true) {
session_start();
$_SESSION['logged_in'] = true;
$_SESSION['username'] = $this->username;
header('Location: /zworld');
exit();
}
}
}
}
}

}
?>


But yea, it would not redirect the user, does anyone know why? I would appreciate any kind of help, cause I have no clue where to search.

Answer

at the very top of your script, put ob_start()

<?php
    ob_start();
    require_once('handling/classes/database_class.php');
    require_once('handling/classes/site_config_class.php');
    require_once('handling/classes/main_class.php');
    $site_config = new site_config_class();
    $site_informations = new main_class();
    $site_informations_response = $site_informations->class_handler();
    ...
    ?>