knystrom18 Posted June 5, 2010 Share Posted June 5, 2010 Hey,I've got this php script (link here.)Quick summary of script:- I use a php include statement to include the script into any page I want password protected.- When a user loads this page, the script displays a page I make prompting for a password that I set.- Upon processing of a correctly entered password, the script then displays the page it's been included in originally.- To prevent multiple password entries for a user during the same visit, a cookie is set.It accepts the password and displays the page, but with 1 error: Warning: Cannot modify header information - headers already sent by (output started at C:\Program Files\Xampp\htdocs\Sites\Martins Fails\Martin's Fails 2.0\index.php:1) in C:\Program Files\Xampp\htdocs\Sites\Martins Fails\Martin's Fails 2.0\php\includes\password_protect.php on line 154The same exact script works fine for another site of mine, but for this one, it's just that error. I can "hide" the error by using "@include" instead of just "include", but every time a user clicks "Home" they're prompted for the password again.My "password_protect.php" script:<?php################################################################ Page Password Protect 2.13################################################################ Visit http://www.zubrag.com/scripts/ for updates############################################################### ## Usage:# Set usernames / passwords below between SETTINGS START and SETTINGS END.# Open it in browser with "help" parameter to get the code# to add to all files being protected. # Example: password_protect.php?help# Include protection string which it gave you into every file that needs to be protected## Add following HTML code to your page where you want to have logout link# <a href="http://www.example.com/path/to/protected/page.php?logout=1">Logout</a>################################################################/*-------------------------------------------------------------------SAMPLE if you only want to request login and password on login form.Each row represents different user.$LOGIN_INFORMATION = array( 'zubrag' => 'root', 'test' => 'testpass', 'admin' => 'passwd');--------------------------------------------------------------------SAMPLE if you only want to request only password on login form.Note: only passwords are listed$LOGIN_INFORMATION = array( 'root', 'testpass', 'passwd');--------------------------------------------------------------------*/################################################################### SETTINGS START##################################################################// Add login/password pairs below, like described above// NOTE: all rows except last must have comma "," at the end of line$LOGIN_INFORMATION = array( 'fbgm',);// request login? true - show login and password boxes, false - password box onlydefine('USE_USERNAME', false);// User will be redirected to this page after logoutdefine('LOGOUT_URL', 'http://www.google.com/');// time out after NN minutes of inactivity. Set to 0 to not timeoutdefine('TIMEOUT_MINUTES', 2);// This parameter is only useful when TIMEOUT_MINUTES is not zero// true - timeout time from last activity, false - timeout time from logindefine('TIMEOUT_CHECK_ACTIVITY', true);################################################################### SETTINGS END##################################################################///////////////////////////////////////////////////////// do not change code below///////////////////////////////////////////////////////// show usage exampleif(isset($_GET['help'])) { die('Include following code into every page you would like to protect, at the very beginning (first line):<br><?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?>');}// timeout in seconds$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);// logout?if(isset($_GET['logout'])) { setcookie("verify", '', $timeout, '/'); // clear password; header('Location: ' . LOGOUT_URL); exit();}if(!function_exists('showLoginPasswordProtect')) {// show login formfunction showLoginPasswordProtect($error_msg) {?><html> <head> <META HTTP-EQUIV='CACHE-CONTROL' CONTENT='NO-CACHE'> <META HTTP-EQUIV='PRAGMA' CONTENT='NO-CACHE'> <title>Martin's Fails | Enter Password</title> <link rel='shortcut icon' href='favicon.ico'> <link rel='stylesheet' href='css/general.css'> <link rel='stylesheet' href='css/divs.css'> <link rel='stylesheet' href='css/menu.css'> <link rel='stylesheet' href='css/links.css'> <link rel='stylesheet' href='css/content.css'> <link rel='stylesheet' href='css/password.css'> </head> <body id='password'> <div id='bar'></div> <div id='wrapper'> <div id='pageTop'> <header> <div id='head'> <img src='img/logo.jpg' alt='Martins Fails.'> </div><!--head--> </header> </div><!--pageTop--> <div id='content'> <div id='passContain'> <form method='post' action=''> <h1>Enter Password:</h1> <font color='red'><?php echo $error_msg; ?></font> <br /> <?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?> <input type='password' name='access_password' size='18' /> <input type='submit' name='Submit' value='Submit' /> </form> </div><!--passContain--> </div><!--content--> </div><!--wrapper--> </body></html><?php // stop at this point die();}}// user provided passwordif (isset($_POST['access_password'])) { $login = isset($_POST['access_login']) ? $_POST['access_login'] : ''; $pass = $_POST['access_password']; if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) || (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) ) ) { showLoginPasswordProtect("Incorrect password."); } else { // set cookie if password was validated setcookie("verify", md5($login.'%'.$pass), $timeout, '/'); // Some programs (like Form1 Bilder) check $_POST array to see if parameters passed // So need to clear password protector variables unset($_POST['access_login']); unset($_POST['access_password']); unset($_POST['Submit']); }}else { // check if password cookie is set if (!isset($_COOKIE['verify'])) { showLoginPasswordProtect(""); } // check if cookie is good $found = false; foreach($LOGIN_INFORMATION as $key=>$val) { $lp = (USE_USERNAME ? $key : '') .'%'.$val; if ($_COOKIE['verify'] == md5($lp)) { $found = true; // prolong timeout if (TIMEOUT_CHECK_ACTIVITY) { setcookie("verify", md5($lp), $timeout, '/'); } break; } } if (!$found) { showLoginPasswordProtect(""); }}?> The page it's included in: <?php include('php/includes/password_protect.php'); ?><!DOCTYPE html><html lang='en'><head><title>Martin's Fails.</title><link rel='shortcut icon' href='favicon.ico'><link rel='stylesheet' href='css/general.css'><link rel='stylesheet' href='css/divs.css'><link rel='stylesheet' href='css/menu.css'><link rel='stylesheet' href='css/links.css'><link rel='stylesheet' href='css/content.css'><meta type='keywords' value='KEYWORDS HERE,KEYWORDS HERE,KEYWORDS HERE,KEYWORDS HERE,KEYWORDS HERE'><!--is that the right syntax?--><meta content='text/html; charset=utf-8'></head><body id='index'> <div id='bar'></div> <div id='wrapper'> <?php include('php/includes/headNav.php'); ?> <div id='content'> <h1>Martin's Fails.</h1> <p class='home'> Whether you work there or have worked there, whether you shop there or have shopped there, undoubtedly you've come accross something which you didn't like. </p> <p class='homeBig'> <span class='under'>This</span> is the time and place to voice those opinions and concerns. </p> </div><!--content--> </div><!--wrapper--> <div id='feedback'> <a href='form_feedback.php'><img src='img/feedback.png' alt='Feedback'></a> </div><!--feedback--></body></html> Any help would be greatly appreciated!Thanks!- K Link to comment Share on other sites More sharing options...
End User Posted June 5, 2010 Share Posted June 5, 2010 This error is nearly always caused by the same thing: something is being sent to the browser prematurely, before a cookie is set or a header is sent. Even a single space or non-printing character will cause this. This is frequently a problem with included files, since there is often something output to the browser before the file is included (intentionally or unintentionally). Link to comment Share on other sites More sharing options...
justsomeguy Posted June 6, 2010 Share Posted June 6, 2010 There's a description about how to read those errors and find the source here:http://w3schools.invisionzone.com/index.ph...ost&p=96607 Link to comment Share on other sites More sharing options...
knystrom18 Posted June 9, 2010 Author Share Posted June 9, 2010 Word! Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.