include and header php advice

Question

im building my first dynamic site. i have an index.php that based on whether the following session variable is true or false

if($_SESSION['loggedIn'])
{   
include 'logged-in/logged-in.php';
}
else{
include 'not-logged-in/not-logged-in.php';
}

the not-logged-in.php displays some forms so you can either login or register this calls a function within an included php file. if the login() function validates via login via mysql it sets

$_SESSION['loggedIn'] = 1;
header("Location: ../index.php");

i however get this error...

Warning: Cannot modify header information - headers already sent by (output started at //index.php:8) in //not-logged-in/not-logged-in.php on line 5

sorry i '*' out the url to keep my project private. i come from a simple graphics programming background and so this is all new to me. any tips or advice would be greatly appreciated.

Answer 1

this error happens when you're trying to send an http header (like the Location in you code) after there is some kind of output. Check your code and verify your are not sending intentionally any output before sending this header (or even the session_start()). also, if you're using the php closing tags, be sure to not have a single space or newline after it, because it counts as output

Answer 2

This error is caused by having something output to the browser, either with echo, print, etc. before you call the header().

Personally I wouldn't use a session variable to store whether the user is logged in or not because you may want to disable a user, and if they're already logged in they will still have access until their session expires. I like to store the username and hashed password in the session and then re-run the login procedure, using these details, for each page.