Hello,
I’ve working on a site that isn’t going to be hosted on the usual servers we use. I’m having abit of difficulty with the login script we use to make member areas.
Its giving me the warning on a successful attempt to login:
Warning: Cannot modify header information – headers already sent by (output started at /home/11293/domains/[B]xxxxxx[B]xxxxxx
the whole page code is this:
[code=php]<?
session_start();
include ‘inc/connect.php’;
?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
<title>Admin 0.1</title>
<link href=”css/style.css” rel=”stylesheet” type=”text/css” />
<style type=”text/css”>
#loginbox{
width:300px;
margin:150px auto 50px auto;
padding:20px;
text-align:center;
}
#beta{
position: absolute;
top: 20px;
right: 20px;
}
</style>
</head>
<body>
<?
$username = htmlspecialchars($_POST[‘username’]);
$password = htmlspecialchars($_POST[‘password’]);
if($_POST[‘login’] == “true”){
$check = mysql_query(‘SELECT * FROM user_info WHERE username=”‘ . $username . ‘”‘);
if(!$check){ echo “<p>Database Error</p>”;
}
while ($row = mysql_fetch_array($check)) {
$realpassword = $row[‘password’];
$id = $row[‘id’];
$username = $row[‘username’];
}
if($password == $realpassword) {
if(!$realpassword == “”){
header(‘Location: dashboard.php’);
$_SESSION[‘login’]=”ok”;
}
} else {
echo ‘oops’;
}
}
?>
<div id=”loginbox”>
<form action=”index.php” method=”post” enctype=”application/x-www-form-urlencoded”>
Username:<br />
<input name=”username” type=”text” id=”username” tabindex=”1″/><br />
Password:<br />
<input name=”password” type=”password” tabindex=”2″/>
<br />
<input name=”login” type=”hidden” value=”true” />
<input type=”submit” name=”button” id=”button” value=”Submit” tabindex=”3″ />
</form>
</div>
</body>
</html>
I can’t understand whats wrong. I’ve used this code plenty of times before on the server at work fine. i’ve made a couple of changes but just the sql query.