Hi I read a tutorial and got if i want the article form available only to members, I should set the form page like this: ( also I have created the user table in "articles" database and register as "promo"(username) and mypass (pass) here is the code: <? session_start(); // start session. ?> <!-- header tags, edit to match your own, or include template header file. --> <html> <head> <title>Login</title> <head> <body> <? if(!isset($username) | !isset($password)) { // escape from php mode. ?> <form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST"> <p align="center">Members only. Please login to access this document.</p> <table align="center" border="0"> <tr> <th> Username: </th> <th> <input type="text" name="username"> </th> </tr> <tr> <th> Password: </th> <th> <input type="password" name="password"> </th> </tr> <tr> <th colspan="2" align="right"> <input type="submit" value="Login"> </form> </th> </tr> </table> </body> </html> <? exit(); } // If all is well so far. session_register("username"); session_register("password"); // register username and password as session variables. // Here you would check the supplied username and password against your database to see if they exist. // For example, a MySQL Query, your method may differ. $sql = mysql_query("SELECT password FROM user_table WHERE username = '$username'"); $fetch_em = mysql_fetch_array($sql); $numrows = mysql_num_rows($sql); if($numrows != "0" & $password == $fetch_em["password"]) { $valid_user = 1; } else { $valid_user = 0; } // If the username exists and pass is correct, don't pop up the login code again. // If info can't be found or verified.... if (!($valid_user)) { session_unset(); // Unset session variables. session_destroy(); // End Session we created earlier. // escape from php mode. ?> <form action="<?=$PHP_SELF?><?if($QUERY_STRING){ echo"?". $QUERY_STRING;}?>" method="POST"> <p align="center">Incorrect login information, please try again. You must login to access this document.</p> <table align="center" border="0"> <tr> <th> Username: </th> <th> <input type="text" name="username"> </th> </tr> <tr> <th> Password: </th> <th> <input type="password" name="password"> </th> </tr> <tr> <th colspan="2" align="right"> <input type="submit" value="Login"> </form> </th> </tr> </table> </body> </html> <? exit(); } else if ($valid_user){ ?> <br> <FORM action="sendarticle.php" method="post"> <p align=right> <br> <input type="text" SIZE="35" MAXLENGTH="100" dir=rtl name="title"> <br><br> <br><br> article:<br> <textarea name="article" dir=rtl width=1000 height=2000 rows="15" cols="85"> </textarea> <br><br> <p align=center> <input type="Submit" value="post article"> </form> <? } ?> PHP: But! when I want to load the form it says: Warning: session_start(): Cannot send session cookie - headers already sent by (output started at g:\programs(2)\easyphp1-8\www\ha\postarticle.php:4) in g:\programs(2)\easyphp1-8\www\ha\postarticle.php on line 5 Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at g:\programs(2)\easyphp1-8\www\ha\postarticle.php:4) in g:\programs(2)\easyphp1-8\www\ha\postarticle.php on line 5 ( line 5 is session_start(); // start session.) then brings the login form. after I enter my user and pass, it says: Forbidden You don't have permission to access /ha/<br /><b>Notice</b>: Undefined variable: PHP_SELF in <b>g:\programs(2)\easyphp1-8\www\ha\postarticle.php</b> on line <b>17</b><br /><br /><b>Notice</b>: Undefined variable: QUERY_STRING in <b>g:\programs(2)\easyphp1-8\www\ha\postarticle.php</b> on line <b>17</b><br /> on this server. Apache/1.3.33 Server at 127.0.0.1 Port 80 Why this happens and how do i fix it? thanks (by the way, the tutorial was: http://www.evolt.org/article/comment/17/19661/index.html
that tutorial is OBSOLETE: Posted on January 07, 2002 some of the variables are no longer in PHP4/5 , try to find a newer source to learn php. also check www.php.net for manual