Basically I am working on a review form in which users fill out items about a specific product and when submitting the form it calls process.php which validates the form and will email me when one is submitted without error. It then returns the user to the form page and either display the errors that were committed or says it was submitted successfully, this all works great but what I need to do now is when the form is filled out correctly I still want the email and to be returned to the form’s page, but also insert data to my db. My form’s validation works great until I try and pop some code in to insert into the database and then I get these errors…
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/XZXZ/support/database.inc:16) in /home/XZXZ/public_html/Reviews/process.php on line 113
Warning: Cannot modify header information - headers already sent by (output started at /home/XZXZ/support/database.inc:16) in /home/XZXZ/public_html/Reviews/process.php on line 117
I just need to know where I can pop this in at to avoid these errors and still have everything work okay. Here is a look at the process.php file:
<?php
if( isset($_POST) ){
//form validation vars
$formok = true;
$errors = array();
//sumbission data
$ipaddress = $_SERVER['REMOTE_ADDR'];
$sub_date = date('d/m/Y');
$sub_time = date('H:i:s');
//form data
$sub_date = $_POST['sub_date'];
$sub_time = $_POST['sub_time'];
$review_title = $_POST['review_title'];
$rating = $_POST['rating'];
$pros = $_POST['pros'];
$cons = $_POST['cons'];
$best_uses = $_POST['best_uses'];
$comments = $_POST['comments'];
$upload = $_POST['upload'];
$recommend = $_POST['recommend'];
$reviewer_name = $_POST['reviewer_name'];
$reviewer_desc = $_POST['reviewer_desc'];
$reviewer_loc = $_POST['reviewer_loc'];
//form validation to go here....
}
//validate review title is not empty
if(empty($review_title)){
$formok = false;
$errors[] = "You have not entered a title for this review";
}
//validate rating is selected
if (isset ($_POST['rating']) && ($_POST['rating'] == '' )) {
$formok = FALSE;
$errors[] = "You have not selected a rating for the product";
}
//validate pros is not empty
if(empty($pros)){
$formok = false;
$errors[] = "You have not entered any pros";
}
//validate cons is not empty
if(empty($cons)){
$formok = false;
$errors[] = "You have not entered any cons";
}
//validate name is not empty
if(empty($reviewer_name)){
$formok = false;
$errors[] = "You have not entered your name";
}
//validate desc is not empty
if(empty($reviewer_desc)){
$formok = false;
$errors[] = "You have not entered your description";
}
//validate location is not empty
if(empty($reviewer_loc)){
$formok = false;
$errors[] = "You have not entered your location";
}
//send email if all is ok
if($formok){
$headers = "From: reviews@XZXZ.com" . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$emailbody = "<p>You have received a new product review pending approval from XZXZ.com</p>
<p><strong>Review Title: </strong> {$review_title} </p>
<p><strong>Rating: </strong> {rating} </p>
<p><strong>Pros: </strong> {$pros} </p>
<p><strong>Cons: </strong> {$cons} </p>
<p><strong>Best Uses: </strong> {$best_uses} </p>
<p><strong>Comments: </strong> {$comments} </p>
<p><strong>Upload: </strong> {$upload} </p>
<p><strong>Recommend: </strong> {$recommend} </p>
<p><strong>Name: </strong> {$reviewer_name} </p>
<p><strong>Description: </strong> {$reviewer_desc} </p>
<p><strong>Location: </strong> {$reviewer_loc} </p>
<p>This message was sent from the IP Address: {$ipaddress} on {$date} at {$time}</p>";
mail("XX@XZXZ.com","New Pending Review",$emailbody,$headers);
//insert to database
require("/home/XZXZ/support/database.inc");
$SQL="INSERT INTO 'XZXZ_rvs'.'reviews_prod' (sub_date, sub_time, review_title, rating, pros, cons, best_uses, comments, upload, recommend, reviewer_name, reviewer_desc, reviewer_loc) VALUES ('$_POST[$sub_date]','$_POST[$sub_time]','$_POST[$review_title]','$_POST[$rating]','$_POST[$pros]','$_POST[$cons]','$_POST[$best_uses]','$_POST[$comments]','$_POST[$upload]','$_POST[$recommend]','$_POST[$reviewer_name]','$_POST[$reviewer_desc]','$_POST[$reviewer_loc]')";
}
//what we need to return back to our form
$returndata = array(
'posted_form_data' => array(
'review_title' => $review_title,
'rating' => $rating,
'pros' => $pros,
'cons' => $cons,
'best_uses' => $best_uses,
'comments' => $comments,
'upload' => $upload,
'recommend' => $recommend,
'reviewer_name' => $reviewer_name,
'reviewer_desc' => $reviewer_desc,
'reviewer_loc' => $reviewer_loc
),
'form_ok' => $formok,
'errors' => $errors
);
//if this is not an ajax request
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest'){
//set session variables
session_start();
$_SESSION['cf_returndata'] = $returndata;
//redirect back to form
header('location: ' . $_SERVER['HTTP_REFERER']);
}
You must add the script before anything is sent to the browser including blank lines or spaces. This could happen on accident if you close your PHP script files (
?>) that are included before this script, and your editor, FTP client, or another application adds a blank line to the end of the file (which is common). To prevent this from happening, simply leave PHP scripts open-ended (leave out?>if the entire file is PHP). It’s also possible that a strayecho(or similar, e.g.print,print_var, etc) is causing the issue.In your warnings, it looks like this is happening in
/home/XZXZ/support/database.incon line16.Also, as touched on Saurabh, you must put
die();after everyheader("Location: ...");as theheader()function does not redirect the user–it only sendsLocation: ...as a header to the browser, and leaves it up to the browser to do the rest–the server, however, has no idea you’re redirecting the user, so it will continue to run the script. Therefore, you must kill the script to prevent any additional code from executing.