GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Unable to add cookies, header already sent.

phpslave · 10-26-2005, 07:43 PM

kinda, header errors normally arn't worded just like that. Usually the php error will say something along the lines of unable to modifiy headers, but it looks like someone has put some error handling in checking with headers_sent().

Here is the problem:
somewhere in the code before the cookie was set with one of the following;

PHP Code:


			
setcookie();

or

PHP Code:


			
header('Set-Cookie: ......

it sent something to the client, it can be anything that goes to the client, anything at all, a blank line at the start of a page, end of a file any html anything. You can't write to the headers on a clients system after you've already started sending information (already sent the headers). Generally this isn't a big issue to fix. ;-)

btw:
eval() - this shouldn't be used, this usually can lead to security issues depending on how it is handled. Eval takes input and runs it as php code, all types of things can happen here, one example if remote fopen is on in the php.ini and eval accepts a variable, it could be possiable to execute code on one server on another server.

eval() in addition to being a possiable security issue, is a preformance hit as well.

have a good one

10-26-2005, 07:43 PM
phpslave Confirmed User Join Date: Jan 2003 Location: San Jose Posts: 548	kinda, header errors normally arn't worded just like that. Usually the php error will say something along the lines of unable to modifiy headers, but it looks like someone has put some error handling in checking with headers_sent(). Here is the problem: somewhere in the code before the cookie was set with one of the following; PHP Code: `setcookie();` or PHP Code: `header('Set-Cookie: ......` it sent something to the client, it can be anything that goes to the client, anything at all, a blank line at the start of a page, end of a file any html anything. You can't write to the headers on a clients system after you've already started sending information (already sent the headers). Generally this isn't a big issue to fix. ;-) btw: eval() - this shouldn't be used, this usually can lead to security issues depending on how it is handled. Eval takes input and runs it as php code, all types of things can happen here, one example if remote fopen is on in the php.ini and eval accepts a variable, it could be possiable to execute code on one server on another server. eval() in addition to being a possiable security issue, is a preformance hit as well. have a good one __________________