All:
I have an application that has been working well for 3-4 months now
without any issues (that I am aware of). A day or two ago, one of our
employees that use this application called to say she was getting a
weird message:
"Warning: Cannot modify header information - headers already sent by
(output started at /www/htdocs/sys36/viewhist.php:2) in
/www/htdocs/sys36/viewhist.php on line 5"
I have been looking into the problem and apparently, the problem is due
to authentication. Going to other parts of the site will trigger a
prompt for username/password and once that is entered, all is well,
even with the page above.
The puzzle is that all pages using Auth use the *EXACT SAME CODE*:
if (!isset($PHP_AU TH_USER)) {
// if empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (isset($PHP_AUT H_USER)) {
// if non-empty, check the database for matches
// Connect to the database
$db = mysql_connect(" host", "user", "password") ;
mysql_select_db ("sys36",$db );
$sql="SELECT * FROM Auth WHERE userid='$PHP_AU TH_USER' and
password='$PHP_ AUTH_PW'";
$result=mysql_q uery($sql);
$num=mysql_num_ rows($result);
$myrow = mysql_fetch_arr ay($result);
$userlevel=$myr ow["level"];
if ($num != "0") {
} else {
$userlevel="3";
}
}
Can anyone shed any light on this?
Thanks!
rk
5  1680 
redneck_kiwi wrote:
All:
I have an application that has been working well for 3-4 months now
without any issues (that I am aware of). A day or two ago, one of our
employees that use this application called to say she was getting a
weird message:
"Warning: Cannot modify header information - headers already sent by
(output started at /www/htdocs/sys36/viewhist.php:2) in
/www/htdocs/sys36/viewhist.php on line 5"
I have been looking into the problem and apparently, the problem is due
to authentication. Going to other parts of the site will trigger a
prompt for username/password and once that is entered, all is well,
even with the page above.
The puzzle is that all pages using Auth use the *EXACT SAME CODE*:
if (!isset($PHP_AU TH_USER)) {
// if empty, send header causing dialog box to appear
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
exit;
} else if (isset($PHP_AUT H_USER)) {
// if non-empty, check the database for matches
// Connect to the database
$db = mysql_connect(" host", "user", "password") ;
mysql_select_db ("sys36",$db );
$sql="SELECT * FROM Auth WHERE userid='$PHP_AU TH_USER' and
password='$PHP_ AUTH_PW'";
$result=mysql_q uery($sql);
$num=mysql_num_ rows($result);
$myrow = mysql_fetch_arr ay($result);
$userlevel=$myr ow["level"];
if ($num != "0") {
} else {
$userlevel="3";
}
}
You must have some kind of output before that first line. Check for anything
being echoed or even a blank line before your first <?PHP tag.
Shawn
--
Shawn Wilson sh***@glassgian t.com http://www.glassgiant.com
Thanks Shawn....the ONLY thing is <!DOCTYPE HTML PUBLIC "-//W3C//DTD
HTML 4.01 Transitional//EN" "http://www.w3.or
g/TR/html4/loose.dtd">
This is the same line as the page that DOES work!
:-)
redneck_kiwi wrote: Thanks Shawn....the ONLY thing is <!DOCTYPE HTML PUBLIC "-//W3C//DTD
HTML 4.01 Transitional//EN" "http://www.w3.or
g/TR/html4/loose.dtd">
This is the same line as the page that DOES work!
:-)
When you output the doctype line the headers get definitely sent. You have
to move this line below the authentication lines.
It is actually strange that the other page works. Are you sure you tested it
when $PHP_AUTH_USER was not set? It looks to me as if the authentication was
usually made on a page with no output before the authentication, then the
buggy one did not show the problem, because it did not have to send a
header.
--
Markus
In article <10************ **********@f14g 2000cwb.googleg roups.com>,
"redneck_ki wi" <kf****@gmail.c om> wrote:
:This is the same line as the page that DOES work!
Has your user/employee "bookmarked " her login? Is she sending GET data
straight to the page she wants to view? Someone here can explain that
better than me for sure.
Otherwise: http://ca3.php.net/manual/en/ref.outcontrol.php http://ca3.php.net/manual/en/function.ob-start.php
--
Looks like more of Texas to me ...
-- from The Wild Bunch
Odd thing is that moving the doctype line below the auth section
results in a parsing error. Removing the doctype line entirely fixes
the problem!
also, in order to troubleshoot the problem, I use a browser and can
duplicate her results.
Thanks for the pointer, (re)moving the doctype fixed the problem....odd
that it doesn't cause problems with the other pages.
rk
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: redneck_kiwi |
last post by:
Hi all:
I have a really weird problem. I am developing a customer catalog
system for my company and as such have delved into sessions for
authentication and access levels. So far, I have managed to get a
working system just about finished.
I am building an interface for our customer service folks to use to
manage registered customers and am seeing some weird behavior.
|
by: Rob Mayo |
last post by:
What I'm trying to do is Create an ASP.Net app that has both
Windows-authenticated users and Anonymous users. The idea is this:
When authenticated users attempt to access the site, their credentials are
passed to the Request, and I use the DOMAIN\USER value via the AUTH_USER
server variable to access their accounts. These people would never have to
log in to the app, only their machines on the network.
When anonymous users attempt to...
|
by: CW |
last post by:
I have run into a really strange problem.
My objective is that I only want user who have authenticated themselves to
be able to access the website (and authentication is performed by form
authentication). Only a registration web page is allowed anonymous access.
I have the following contents in web.config:
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
|
by: Chris Gatto |
last post by:
Hi,
I'm having what should be a minor problem but has turned into a 2 day slug
fest with ASP.Net. I am simply attempting to authenticate my asp.net
application users against users in an AD group set up on our domain. It
seems to me I am missing something very simple and obvious, but none of the
MSDN articles I have read are indicating what this might be.
My setup is ASP.Net running on a Windows 2003/IIS 6 server. IIS security...
|
by: Nevets Steprock |
last post by:
I have been building a website diligently for the past three months and
everything has been working well so far.
Yesterday, I added a link on my javascript menu. This link is supposed to go
to a pdf in a folder instead of the usual html page. When I try to test the
link an authentication dialog box pops up requesting username and password.
Since the webuser has to log in to the main site anyway, I just want the
file to pop up...
| | |
by: Matt |
last post by:
I am getting the following Error.
Configuration Error
Description: An error occurred during the processing of a configuration
file required to service this request. Please review the specific error
details below and modify your configuration file appropriately.
Parser Error Message: It is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual...
|
by: David Thielen |
last post by:
Hi;
Ok, I will be the first to agree that this should be impossible - except we
are able to keep repeating it.
Our login page - which has moderately complex html and uses <LayoutTemplate>
to get the look we want - looks exactly right when running on IIS.
But when I run from VS 2005 using the integrated web server, it looks very
different - background color in a div is gone, it's in the upper left of the
|
by: =?Utf-8?B?R3V1czEyMw==?= |
last post by:
Hi,
I created a web site on a remote server. To logon the user must enter a user
id and password. The site is uses Forms Authentication.
The web config file looks as follows:
<configuration>
<system.web>
<customErrors mode="Off"/>
|
by: embeddedbob |
last post by:
Hi there, I appreciate any help on the following issue. I can't seem to find any other similar topic.
(CS4, ActionScript 3.0, Flash 10)
I have a SWF embedded within a page that is protected by digest authentication. To access this page, the browser asks for username/password. So far so good, the SWF works fine.
Now, within that SWF, the script uses URLLoader to POST to another URL on the same server (but a different path than the page)....
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
