无法修改标题信息-标题已在第84行的checkout.php中
我花了好几天的时间试图解决这个问题,但在两个标题前找不到任何类型的输出或空格。无法修改标题信息-标题已在第84行的checkout.php中,php,Php,我花了好几天的时间试图解决这个问题,但在两个标题前找不到任何类型的输出或空格。 任何帮助都将不胜感激。 多谢各位 在jcart.php上,我也找不到任何空格或输出 <?php include_once('jcart/jcart.php'); // First we execute our common code to connection to the database and start the session require("common.php"); // This if st
任何帮助都将不胜感激。
多谢各位 在
jcart.php
上,我也找不到任何空格或输出
<?php
include_once('jcart/jcart.php');
// First we execute our common code to connection to the database and start the session
require("common.php");
// This if statement checks to determine whether the login form has been submitted
// If it has, then the login code is run, otherwise the form is displayed
if(!empty($_POST['userform']))
{
// This query retreives the user's information from the database using
// their email.
$query = "
SELECT
id,
email,
password,
salt
FROM customers
WHERE
email = :email
";
// The parameter values
$query_params = array(
':email' => $_POST['email']
);
try
{
// Execute the query against the database
$stmt = $db->prepare($query);
$result = $stmt->execute($query_params);
}
catch(PDOException $ex)
{
// Note: On a production website, you should not output $ex->getMessage().
// It may provide an attacker with helpful information about your code.
die("An error has occurred. Please e-mail X to report the problem.");
}
// This variable tells us whether the user has successfully logged in or not.
// We initialize it to false, assuming they have not.
// If we determine that they have entered the right details, then we switch it to true.
$login_ok = false;
// Retrieve the user data from the database. If $row is false, then the email
// they entered is not registered.
$row = $stmt->fetch();
if($row)
{
// Using the password submitted by the user and the salt stored in the database,
// we now check to see whether the passwords match by hashing the submitted password
// and comparing it to the hashed version already stored in the database.
$check_password = hash('sha256', $_POST['password'] . $row['salt']);
for($round = 0; $round < 65536; $round++)
{
$check_password = hash('sha256', $check_password . $row['salt']);
}
if($check_password === $row['password'])
{
// If they do, then we flip this to true
$login_ok = true;
}
}
// If the user logged in successfully, then we send them to the private members-only page
// Otherwise, we display a login failed message and show the login form again
if($login_ok)
{
// Here I am preparing to store the $row array into the $_SESSION by
// removing the salt and password values from it. Although $_SESSION is
// stored on the server-side, there is no reason to store sensitive values
// in it unless you have to. Thus, it is best practice to remove these
// sensitive values first.
unset($row['salt']);
unset($row['password']);
// This stores the user's data into the session at the index 'user'.
// We will check this index on the private members-only page to determine whether
// or not the user is logged in. We can also use it to retrieve
// the user's details.
$_SESSION['user'] = $row;
// Redirect the user to the private members-only page.
header("Location: checkout.php");
die("Redirecting to: checkout.php");
}
else
{
// Tell the user they failed
header("Location: checkout.php?msg=failedlogin");
// Show them their email again so all they have to do is enter a new
// password. The use of htmlentities prevents XSS attacks. You should
// always use htmlentities on user submitted values before displaying them
// to any customers (including the user that submitted them). For more information:
// http://en.wikipedia.org/wiki/XSS_attack
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
有时候,把一个ob_start()放进去会有帮助;在顶部,肮脏的补丁
那么common.php如何,该文件中的任何输出或空白?当您试图发送标题信息时(关于标题(“Location:some.php”)
,页面的页眉之前不得发送,页眉可以通过任何“echo”或页眉函数发送,或者是之前的空格。文件可能是用UTF-8 BOM编码的?BOM(字节顺序标记)将启动会话。请尝试在不使用BOM的情况下保存文件
第84行的checkout.php
是一个clue@Prisoner第84行只是对header()
的调用。问题是在那之前的某个时候——其他的东西正在产生输出。