php interfering with dreamweaver templates?

[roll_or_die]

For the site i am creating, i've created a file called 'auth.php' which i include at the start of my scripts to prevent unauthorised access to certain pages.<br>But i find that on one of the pages, it seems to stop one of the images at the side of the template from appearing!<br>Here are a couple of screenshots to explain...http://pic4.picturetrail.com/VOL749/276013...9/233647768.jpghttp://pic4.picturetrail.com/VOL749/276013...9/233647767.jpgthe bottom shows how the image at the side has dissappeared when the user isnt logged in [however the orange buttons are meant to dissapear].Does anyone know why it might do this?? It doesnt seem to happen on any other pages

[justsomeguy]

The images that are disappearing are part of the content that is supposed to only be shown when the user is logged in.

[roll_or_die]

Thats what i thought, but theyre part of the template i made that applies to every page on the site and are locked, so i cant understand how the script can interfere with it?

[justsomeguy]

Well, anything at this point is guessing. If you have content that appears when you are logged in but does not appear when you are not, then I would say that the content is part of the content that does not appear when you're not logged in. But without studying the code that's about all I can say.

[roll_or_die]

ah yea ive managed to find out the problem, its because i had an 'exit' statement in the 'auth.php' which made the rest of the page stop loading. i think i'm just going to make a page that says for the user to log in with a header redirect thingy leading to it from auth.php [if you know what i mean]but thanks anyway!

[justsomeguy]

It's not a good idea to do a header redirect directly after a login (after you start a new session or set a cookie). Some browsers will ignore the session or cookie and just redirect. It would be better to have the login page go to a page that will process the login info and, if it's all good, show a message like "you are being redirected", and use a meta refresh to do the redirection. That will ensure that the cookie gets set properly. That's why you see login pages (and logout pages) all over the place, including on this forum.

[roll_or_die]

ah thanks i think i'll do that.although on my auth.php page im using this code:

<?phpif (!isset($_SESSION["username"])){header('location: redir_1.html');}?>

but i get an error message saying that the headers have already been sent, im guessing this is because of the session_start(); at the top of each protected page.do you know how i can fix it??

[reportingsjr]

No, that would be because you have echoed something out. Just remove any text output you have (including spaces at the top of the file, if any...).

[justsomeguy]

Headers need to be sent, cookies set, and the session started before you echo or otherwise send anything to browser.