I'm new to PHP and am having some problems with my login system. I built a login system that works on local host without any problems, but I'm having some issues on my server that seem weird.
When I log in to my site on the server, it logs me into certain pages (so the sessions I guess are only readable on certain pages). What makes this weirder is that which pages I can access changes every time I log in, so I can't check to see the difference in code between the ones I can get into and the ones I can't to fix the problem because the pages affected change every time. I also get the following warning on my log file:
PHP Warning: Cannot modify header information - headers already sent by (output started at /home/mysite/log_out.php:6) in /home/mysite/log_out.php on line 18
And I also see one like this:
PHP Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/mysite/log_out.php:6) in /home/mysite/status.php on line 2 [05-May-2018 13:33:31 UTC]
To add to the weirdness, (and I'm not sure if this is a related problem or a different one altogether) the pages that I can access when logged in behave strangely. For example, I have a button on one of my pages that attaches to a php form. This form marks a page as a 'favorite', and then once the page is a favorite it changes to a button that allows the user to remove the page from their favorites list. When I get to this page, the button works once or twice, then the page stops executing the code and doesn't allow toggling anymore. This also works on localhost.
My going theory with this problem is that it's a settings issue of some sort. I think that must be the case because if it were an issue with my code I'd expect to get the same error on the same pages each time, but I don't. It just seems like the code stops executing after a certain number of times. Because there seems to be an issue with sessions, I set my auto_start sessions feature to 'On' to see if that helped, but it hasn't so far. Is there some other setting in the php.ini file that might help? Any direction is appreciated. Thanks in advance,
UPDATE:
As per requests here is the code in the two documents mentioned by the warnings:
status.php (sets banner variables based on login status)
<?php
session_start();
if (isset($_SESSION["logged_in"])) {
$login = "LOG OUT";
$signup = "MY ACCOUNT";
$ref = "/log_out.php";
$acc = "/user.php";
} else {
$login = "LOG IN";
$signup = "SIGN UP";
$ref = "/log_in.php";
$acc = "/sign_up.php";
}
?>
log_out.php (logs user out)
<?php
session_start();
session_destroy();
session_unset();
echo<<<_HEAD
<!DOCTYPE html>
<html lang="en">
<head>
<link rel="stylesheet" href="style.css">
<title>Log Out</title>
<link rel="shortcut icon" type="image/png" href="/malogo.png"/>
<link rel="shortcut icon" type="image/png" href="http://www.example.com/malogo.png"/>
</head>
<body>
_HEAD;
require_once("status.php");
require_once("banner.php");
header("Location: ../log_in.php?log_out=success");
?>
