I am suffering from the infamous whitespace problem...[HELP?]

[Xcore]

OK so I have an issue with a game i am developing in my spare time...

I get the following error upon attempting to log-in:

"Warning: Cannot modify header information - headers already sent by (output started at /home/www/*.freehostia.com/index.php:10) in /home/www/*.freehostia.com/index.php on line 81"

I cant help but wonder if it's due to the free host I am using, however I don't want to fork out cash on domains and hosting untill it is necessary...

I have deleted ALL white space from every page I have...

I have included the code for the index page, if one of you would be kind enough to run through it and check if/where the error/(s) occur I would be most greatful...

<?php 
include_once("config.php");
include_once("connect.php");?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Welcome.</title>
<link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
	background-color: #414141;
}
-->
</style></head>

<body OnLoad="document.login.mail.focus();">
<table width="800" height="498" border="0" align="center" cellspacing="0">
<tr>
    <td background="img/indexbanner copy.jpg"><p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>
      <p> </p>      
      <form action="" method="post" name="login" id="login">
        <p><?php
if(isset($_SESSION['user_id'])) {
// if already logged in.
session_unset();
session_destroy(); 
echo "You have been logged out.";
}
if(isset($_POST['submit'])) {
$sql = "SELECT status,admins_ip FROM sitestats WHERE id='1'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$page_status = htmlspecialchars($row->status);
$page_status_array = explode("-", $page_status);
$admins_ip = htmlspecialchars($row->admins_ip);
$admin_ip_array = explode("-", $admins_ip);
if(!empty($page_status_array[31]) and !in_array($_SERVER['REMOTE_ADDR'], $admin_ip_array)){
echo htmlspecialchars(stripslashes($page_status_array[31]));
}else{
if(!preg_match("/^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,6}$/i", $_POST['mail'])) {
echo "Invalid Password / Username combination.";
}else{
$query = "SELECT password,id,login_ip,login_count FROM login WHERE mail='".mysql_real_escape_string($_POST['mail'])."'";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
if(empty($row['id'])){
echo "Invalid Password / Username combination.";
}else{
if($row['login_count'] >= 5 ){
echo "You have tried 5 or more false combinations you can reclaim your account with the forgot password option.";
}else{
if(md5($_POST['pass']) != $row['password']){
echo "Invalid Password / Username combination.";
$update_login = mysql_query("UPDATE login SET login_count=login_count+'1' WHERE mail='".mysql_real_escape_string($_POST['mail'])."'")
or die(mysql_error());
}else{
if(empty($row['login_ip'])){
$row['login_ip'] = $_SERVER['REMOTE_ADDR'];
}else{
$ip_information = explode("-", $row['login_ip']);
if (in_array($_SERVER['REMOTE_ADDR'], $ip_information)) {	
$row['login_ip'] = $row['login_ip'];
}else{	
$row['login_ip'] = $row['login_ip']."-".$_SERVER['REMOTE_ADDR'];
}
}
$_SESSION['user_id'] = $row['id'];
$result = mysql_query("UPDATE login SET userip='".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."',login_ip='".mysql_real_escape_string($row['login_ip'])."',login_count='0' WHERE id='".mysql_real_escape_string($_SESSION['user_id'])."'")
or die(mysql_error());
header("Location: news.php");
}// count check.
}// id check.
}// password check.
}// mail check.
}// disabled check.
}// if isset submit.
?>
</p>
        <table width="450" border="0" align="center" cellspacing="0">
          <tr>
            <td align="right" class="style1"> </td>
            <td align="right" class="style1"><label>Email: </label></td>
            <td width="150" align="center"><input name="mail" type="text" class="entryfield" id="mail" style='width: 95%;'/></td>
            <td width="60" align="right" class="style1"><label>Password: </label></td>
            <td width="150" align="center"><input name="pass" type="password" class="entryfield" id="pass" style='width: 95%; ' maxlength="20"/></td>
          </tr>
          <tr>
            <td height="35" colspan="5" align="center"><table width="100" border="0" cellspacing="0">
                <tr>
                  <td align="center"><input name="submit" type="submit" class="button" value="Login." onfocus="if(this.blur)this.blur()" style="background-color:#222222;"/></td>
                </tr>
            </table></td>
          </tr>
          <tr>
            <td height="35" colspan="5" align="center"><a href="index.php">Log-in</a> • <a href="register.php">Register</a> • <a href="forgot.php">Forgot Password </a></td>
          </tr>
        </table>
    </form></td>
  </tr>
</table>
<center>
</center>

</body>
</html>

Any help would be GREATLY appreciated

Thanks,
~Xcore

 

[hawkaw]

Hi,
The error you're getting is because of header information being sent more than once. In HTML (and PHP) you cannot set the headers of a document more than once, because the headers are the first thing that needs to be set in order to render the rest of the page. On line 81 you're trying to redirect the user to news.php, but because you've allready printed some HTML on line 18-33, you will also get the "modify header information"-error.

My tip:
Place your IF-loop (if(isset($_POST['submit']))) at the very top of index.php

 

[xrvel]

My suggestion is you should put

ob_start();

In the first line of your PHP script :tu: (just before

include_once("config.php");

)

 

[Makis.TV]

my alternative approach is the following:
- save a copy of this file as a backup
- save as no-bom
- upload
- test

 

[Xcore]

OK so I used Xrvel's fix...It seems to have worked...until it redirects too


Bad Request
Your browser sent a request that this server could not understand.

The request line contained invalid characters following the protocol string.

Apache/1.3.33 Server at web121 Port 80

Any idea's on that one?

and thanks for all the help so far

 

[xrvel]

OK so I used Xrvel's fix...It seems to have worked...until it redirects too


Bad Request
Your browser sent a request that this server could not understand.

The request line contained invalid characters following the protocol string.

Apache/1.3.33 Server at web121 Port 80

Any idea's on that one?

and thanks for all the help so far

Not really sure, but try to use this as the redirect code

header("Location: ./news.php");// a dot slash
exit();// 1 extra line

 

[Xcore]

Still getting:

Bad Request
Your browser sent a request that this server could not understand.

The request line contained invalid characters following the protocol string.

 

[xrvel]

Still getting:

Bad Request
Your browser sent a request that this server could not understand.

The request line contained invalid characters following the protocol string.

Im not sure if the problem is in header(location). What if you replace that line with "exit()" ?
If you got no "Bad Request" message, try one of these :

1. Use full path.

   header('Location: http://something.com/news.php');
   exit();

2. Use meta for redirection

   exit('<meta http-equiv="refresh" content="0;url=./news.php" />');

3. Use javascript for redirection

   exit('<script type="text/javascript" language="javascript">document.location="http://something.com/news.php";</script>');