Fatal errors if spaces or blank lines exist between PHP tags using Website Membership plugin

8 posts by 3 authors in: Forums > CMS Builder
Last Post: March 26, 2019   (RSS)

Hi All,

I'm stumped again using CMSB V3.50, PHP V7.2.16, and Membership Plugin V3.13

On some CMS based pages that use the Website Membership plugin, when there's a space or sometimes a blank line in the code above the <!DOCTYPE code, either before an opening <?php tag or after a closing one, a fatal error message is produced. I got mine on both an update profile page and  a login page (using either the virgin code generator code or my styled code).

Here's the full error message for the login page:
Fatal error: setPrefixedCookie: Can't set cookie(lastUrl, ), headers already sent! Output started in /home3/mrqsygmy/public_html/ltestA.php line 8. in /home3/mrqsygmy/public_html/cmsAdmin/lib/common.php on line 742

And the error on the profile update page:
Fatal error: setPrefixedCookie: Can't set cookie(loginsession, =0XM3gDO4IzM1UTM6IyczV2YjFEdzFGbiwiImJWYhBTYklDOwIjMhFDN1UjZ1Y2MhF2N0ADOxETO0IWMhdDZwMzY0QSMhh2ckIiOig2chhEZy92dzNXYwJCLigGd1xmYuJ3brdmI6ISZtFmbyV2c1Jye), headers already sent! Output started in /home3/mrqsygmy/public_html/ptest2.php line 1. in /home3/mrqsygmy/public_html/cmsAdmin/lib/common.php on line 742

And here's the generated code of the login test page if someone can duplicate the errors and add that information to this forum post. (Note the space at the end of line 7 and the blank line after line 7)

<?php
// load viewer library
$libraryPath = 'cmsAdmin/lib/viewer_functions.php';
$dirsToCheck = array('/home3/mrqsygmy/public_html/','','../','../../','../../../');
foreach ($dirsToCheck as $dir) { if (@include_once("$dir$libraryPath")) { break; }}
if (!function_exists('getRecords')) { die("Couldn't load viewer library, check filepath in sourcecode."); }
if (!@$GLOBALS['WEBSITE_MEMBERSHIP_PLUGIN']) { die("You must activate the Website Membership plugin before you can access this page."); } ?> 

<?php // error checking
$errorsAndAlerts = alert();
if (@$CURRENT_USER) { $errorsAndAlerts .= "You are already logged in! <a href='/'>Click here to continue</a> or <a href='?action=logoff'>Logoff</a>.<br/>\n"; }
if (!$CURRENT_USER && @$_REQUEST['loginRequired']) { $errorsAndAlerts .= "Please login to continue.<br/>\n"; }

// save url of referring page so we can redirect user there after login
if (!getPrefixedCookie('lastUrl')) { setPrefixedCookie('lastUrl', @$_SERVER['HTTP_REFERER'] ); }

?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title></title>
<style type="text/css">
body { font-family: arial; }
.instructions { border: 3px solid #000; background-color: #EEE; padding: 10px; text-align: left; margin: 25px}
</style>
</head>
<body>

<h1>Sample User Login Form</h1>

<!-- USER LOGIN FORM -->
<?php if (@$errorsAndAlerts): ?>
<div style="color: #C00; font-weight: bold; font-size: 13px;">
<?php echo $errorsAndAlerts; ?><br/>
</div>
<?php endif ?>

<?php if (!@$CURRENT_USER): ?>
<form action="" method="post">
<input type="hidden" name="action" value="login" />

<table border="0" cellspacing="0" cellpadding="2">
<tr>
<td>Email or Username</td>
<td><input type="text" name="username" value="<?php echo htmlencode(@$_REQUEST['username']); ?>" size="30" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" value="<?php echo htmlencode(@$_REQUEST['password']); ?>" size="30" /></td>
</tr>

<tr>
<td colspan="2" align="center">
<br/><input type="submit" name="submit" value="Login" />
<a href="<?php echo $GLOBALS['WEBSITE_LOGIN_SIGNUP_URL'] ?>">or sign-up</a><br/><br/>

<?php if (@$GLOBALS['FACEBOOKAPI_ENABLE_LOGIN']): // NOTE: This feature requires the Facebook Login plugin! ?>
<a href="<?php echo facebookLogin_getFacebookLoginUrl();?>"
onclick="<?php echo facebookLogin_getFacebookLoginUrl_popupOnClick(); ?>">Login with Facebook</a><br/><br/>
<?php endif ?>

<?php if (@$GLOBALS['TWITTERAPI_ENABLE_LOGIN']): ?>
<a href="<?php echo twitterLogin_getTwitterLoginUrl();?>"
onclick="<?php echo twitterLogin_getTwitterLoginUrl_popupOnClick(); ?>">Login with Twitter</a><br/><br/>
<?php endif ?>

<a href="<?php echo $GLOBALS['WEBSITE_LOGIN_REMINDER_URL'] ?>">Forgot your password?</a>

</td>
</tr>
</table>
</form>
<?php endif ?>
<!-- /USER LOGIN FORM -->
</body>
</html>

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

Hi Steve,

Sorry I took so long to respond, and, thanks for all your effort.

I'll take a look first thing tomorrow morning and let you know what I get.

Best,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

Good morning Steve,

You're right, and I've been using a similar approach to work around the problem, but I don't understand why this has become an issue with PHP 7.2

I've used the same files with PHP5.6 and didn't have this problem.

I makes me concerned that there will be a lot of clients with a lot of files exhibiting this issue moving forward.

Especially since I use a number of includes for the load viewer library and load record calls.

Any ideas what's going on?

Thanks,

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

By Steve99 - March 26, 2019

Good Morning Jerry,

I suppose it's possible the "lastUrl" cookie was already set so the code didn't attempt to do so. If you're noticing other session issues on that server it could have something to do with the session path. In general, the solution is to not have any output before functions that send or modify HTTP headers.

I came across a forum post with a link from iTools crew to a very thorough StackOverflow post describing this:

Forum Link
https://www.interactivetools.com/forum/forum-posts.php?postNum=2239437#post2239437

StackOverflow Link
https://stackoverflow.com/questions/8028957/how-to-fix-headers-already-sent-error-in-php/8028987#8028987

Best,
Steve

Thanks Steve,

I'll dive in deeper and see what I can come up with

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php

By Dave - March 26, 2019

Hey Guys, 

The reason why you'll get "headers already sent" whitespace errors on some installations and not others is because of the PHP "output_buffering" setting.  

When it's set to zero ("0") output is sent right away and the moment you send page content you can no longer send HTTP headers (cookies, etc).

When it's set to anything else PHP buffers the output before sending it and lets you still send HTTP headers even if some page content has already been sent.  Even though they're being sent out-of-order so to speak, PHP sends them in the proper order to the browser.

If your code was relying on output buffering you can enable it on a new host in an .htaccess, php.ini, or .user.ini file.  Setting it to 4096 for a 4k buffer should resolve most of those issues.  

References: 

Hope that helps!

Dave Edis - Senior Developer
interactivetools.com

Wow Dave...

Thanks for that great explanation.

Didn't have any idea about the output buffering thing.

I'll give it a try.

Jerry Kornbluth

The first CMS Builder reference book is now available on-line!







Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php