HI all, I have a bit of a head ache with a small bit of php that is driving me nuts.
I’m doing a bit of work for someone and the contact form is out putting an error. This is the URL[/URL]

Code:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home1/pembrok1/public_html/pws.co.uk/test2/index.php:7) in /home1/pembrok1/public_html/pws.co.uk/test2/html-contact-form.php on line 4

However, html-contact-form.php reads like this

PHP Code:

<?php 
$your_email ='iknowthis@hotmail.com';// <<=== update to your email address
session_start();
$errors = '';
$name = '';
$visitor_email = '';
$user_message = '';
if(isset($_POST['submit']))
{
 
 $name = $_POST['name'];
 $visitor_email = $_POST['email'];
 $user_message = $_POST['message'];
 ///------------Do Validations-------------
 if(empty($name)||empty($visitor_email))
 {
  $errors .= "\n Name and Email are required fields. "; 
 }
 if(IsInjected($visitor_email))
 {
  $errors .= "\n Bad email value!";
 }
 if(empty($_SESSION['6_letters_code'] ) ||
   strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0)
 {
 //Note: the captcha code is compared case insensitively.
 //if you want case sensitive match, update the check above to
 // strcmp()
  $errors .= "\n The captcha code does not match!";
 }
 
 if(empty($errors))
 {
  //send the email
  $to = $your_email;
  $subject="New form submission";
  $from = $your_email;
  $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
 
  $body = "A user  $name submitted the contact form:\n".
  "Name: $name\n".
  "Email: $visitor_email \n".
  "Message: \n ".
  "$user_message\n".
  "IP: $ip\n"; 
 
  $headers = "From: $from \r\n";
  $headers .= "Reply-To: $visitor_email \r\n";
 
  mail($to, $subject, $body,$headers);
 
  header('Location: thank-you.html');
 }
}
// Function to validate against any email injection attempts
function IsInjected($str)
{
  $injections = array('(\n+)',
              '(\r+)',
              '(\t+)',
              '(%0A+)',
              '(%0D+)',
              '(%08+)',
              '(%09+)'
              );
  $inject = join('|', $injections);
  $inject = "/$inject/i";
  if(preg_match($inject,$str))
    {
    return true;
  }
  else
    {
    return false;
  }
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> 
<html>
<head>
 <title>Contact Us</title>
<!-- define some style elements-->
<style>
label,a, body 
{
 font-family : Arial, Helvetica, sans-serif;
 font-size : 12px; 
}
.err
{
 font-family : Verdana, Helvetica, sans-serif;
 font-size : 12px;
 color: red;
}
</style> 
<!-- a helper script for vaidating the form-->
<script language="JavaScript" src="scripts/gen_validatorv31.js" type="text/javascript"></script> 
</head>
<body>
<?php
if(!empty($errors)){
echo "<p class='err'>".nl2br($errors)."</p>";
}
?>
<div id='contact_form_errorloc' class='err'></div>
<form method="POST" name="contact_form" 
action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>"> 
<p>
<label for='name'>Name: </label><br>
<input type="text" name="name" value='<?php echo htmlentities($name) ?>'>
</p>
<p>
<label for='email'>Email: </label><br>
<input type="text" name="email" value='<?php echo htmlentities($visitor_email) ?>'>
</p>
<p>
<label for='message'>Message:</label> <br>
<textarea name="message" rows=8 cols=30><?php echo htmlentities($user_message) ?></textarea>
</p>
<p>
<img src="captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' ><br>
<label for='message'>Enter the code above here :</label><br>
<input id="6_letters_code" name="6_letters_code" type="text"><br>
<small>Can't read the image? click <a href='javascript: refreshCaptcha();'>here</a> to refresh</small>
</p>
<input type="submit" value="Submit" name='submit'>
</form>
<script language="JavaScript">
// Code for validating the form
// Visit http://www.javascript-coder.com/html-form/javascript-form-validation.phtml
// for details
var frmvalidator  = new Validator("contact_form");
//remove the following two lines if you like error message box popups
frmvalidator.EnableOnPageErrorDisplaySingleBox();
frmvalidator.EnableMsgsTogether();
frmvalidator.addValidation("name","req","Please provide your name"); 
frmvalidator.addValidation("email","req","Please provide your email"); 
frmvalidator.addValidation("email","email","Please enter a valid email address"); 
</script>
<script language='JavaScript' type='text/javascript'>
function refreshCaptcha()
{
 var img = document.images['captchaimg'];
 img.src = img.src.substring(0,img.src.lastIndexOf("?"))+"?rand="+Math.random()*1000;
}
</script>
<noscript>
Code from the <a href='http://www.html-form-guide.com/contact-form/html-contact-form-captcha.html'
>php contact form</a> article.
</noscript>
</body>
</html>

Anyone have some suggestions?
Thanks in advance

It looks like there is output in index.php before you include html-contact-form.php:

Quote:

output started at /home1/pembrok1/public_html/pws.co.uk/test2/index.php:7

You cannot have any output before calling session_start.

In the script you showed above, you started the session after a block of code. That is usually not the best practice. Also, The problem has to do with an include. From what I see here, I think you included the code you showed us in another page, and on that page you have started the session aswell. That will create problems

Quote:

Originally Posted by MattGoucher

In the script you showed above, you started the session after a block of code. That is usually not the best practice.

It doesn't matter how much code there is before calling session_start so long as there is no output.

Quote:

Originally Posted by MattGoucher

Also, The problem has to do with an include. From what I see here, I think you included the code you showed us in another page, and on that page you have started the session aswell. That will create problems

Calling session start multiple times will generate a notice, but otherwise it has no effect. Like I said in my previous post, the problem is having output or calls the header() prior to starting the session.