This question already has answers here:
Closed 7 years ago.
Warning: Cannot modify header information - headers already sent by (output started at /home/blocexco/public_html/homepage.php:73) in /home/blocexco/public_html/classes/mysql/mysql.security.php on line 99
This error is repeated a second time for mysql.security.php on line 100.
homepage:73
<div class="login">
<?php require_once 'login.php'; ?>
</div>
mysql.security.php: 99-100
setcookie('username', "", time() - (60 * 60 * 24 * 365));
setcookie('password', "", time() - (60 * 60 * 24 * 365));
I know this isn't a "BOM" issue as I've read about. There is output before and after my calls to header() and setcookie() functions - this is necessary since the homepage includes a php file which then injects the right login or logout form.
I've heard about using ob_start() at the beginning of content, but that's not a very specific instruction...I tried placing it at the beginning of homepage.php (just before the html tag) and that didn't fix anything.
I'm new to PHP (a few days in, and new to web-app dev in general). To be honest, it blows my mind that I can't just change which page I am on or create cookies, via php without bending over backwards...
Well, you can't output any headers, including cookies, after output was started. Period.
It's a simple technical restriction, since HTTP headers need to be sent before the HTTP body. It's not PHP that's at fault here.
You should structure your app in a way that first decides what should be sent and gathers all the necessary data, then proceeds to output the actual HTML. Mixing logic inside the main HTML body is messy however you look at it. Look into the MVC pattern for example.
You'll need to move all of your setcookie function calls above your output, because setcookie actually sends an HTTP header, which you cannot do after outputting content.
It doesn't really have anything to do with php. The basics is that your browser expects headers first, content later.
Now you sent headers only once. So if you do an action that consist mainly of sending headers (like header()) it should be obvious that this should be done first.
If you already sent headers (implicitly, because you started output), you can't send them again.
Bottomline is that if you want to control your headers, you have to do that first thing. It's like wanting to change the intro after the show has allready started. If you use the ob_start functions you are saving all output to a cerain point. I would not recommend this; Make your program flow so you know what headers you want to sent, and send them first. Then call the functions that produce output.
If you are wanting to set the cookies after someone has logged in then you could set the cookies in another .php document that the form is posted to authenticate the user's inputs. They would still have to go above any output though.
Ensure the call to set cookies is the first thing processed.
So this:
setcookie('username', "", time() - (60 * 60 * 24 * 365));
setcookie('password', "", time() - (60 * 60 * 24 * 365));
should be called as soon as possible, before any output.
To fix this all you may need to do is remove:
and test it.
Then re-add it in the relevant php file using:
echo '<div class="login">';
