Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Another Headers already sent... error


Atrosh

Recommended Posts

Hello,

 

I've been reading about these errors and it seems they are quite common. However, doing what was suggested for everyone else has not worked for me.

 

I first noticed the problem today (the webshop is still under development..), there is nothing I can do without getting a blank screen (later I activated php errors so I could see what was happening).

 

When adding a product to the shopping cart, when trying to create a new account, it doesn't matter, I receive the same errors and the page one is supposed to get redirected to doesn't show. The problem only seems to happen when you're supposed get redirected, for instance from create_account to create_account_success, however the 'action' still happens (so if you're trying to create an account, the account will be created but you won't get redirected anywhere you just see a blank page (or a page with the errors)). The errors (removed all the 'deprecated' errors):

Warning: session_save_path(): open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/customers/*****//httpd.www:/customers/*****//httpd.private:/customers/*****//tmp:/customers/*****:/var/www/diagnostics:/usr/share/php) in /customers/*****/httpd.www/includes/functions/sessions.php on line 162

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /customers/*****/httpd.www/includes/functions/sessions.php:162) in /customers/*****/httpd.www/includes/functions/sessions.php on line 97 

Warning: Cannot modify header information - headers already sent by (output started at /customers/*****/httpd.www/includes/functions/sessions.php:162) in /customers/*****/httpd.www/includes/functions/general.php on line 33

They all seem to be pointing to sessions.php line 162, which is

 function tep_session_save_path($path = '') {
if (!empty($path)) {
return session_save_path($path);  // <-- Line 162
} else {
  return session_save_path();
}
 }

 

I've checked all files I could think of to see if there were whitespaces after the ?>, but none of them had that. Some had a newline after the ?>, but I tried removing that too but it didn't help.

 

I did add a module 2 days ago (multiple products manager), but I've already triple checked the files I edited when adding that module, and couldn't find anything wrong. Also, sessions.php was not one of the files modified in the addon (it was just 2-3 files located in admin folder, so I don't think they should affect stuff in the normal customer view).

 

I've really tried everything I could think of, but can't seem to get rid of this problem.

 

Any help will be greatly appreciated...

 

Thanks in advance,

Best regards,

Link to comment
Share on other sites

The "Headers already sent" error is just a symptom of the first error.

 

Make a folder named "bumblebee" (or some other off the wall name) in the root of the store (NOT NECESSARILY the root of the site). You might have to give it 777 permissions.

 

Then in the admin change the "Session Directory" from /tmp to bumblebee/

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Thanks alot, that removed the errors.

 

However, the problem still arises when I try to create a new account. Adding products to cart works fine when error reporting is turned OFF, but not when its on.

 

When trying to create a new account, with error reporting off the page just goes blank once you press 'submit' (but the account does get created); with error reporting on

I now get this error message:

Warning: Cannot modify header information - headers already sent by (output started at /customers/*****/httpd.www/includes/languages/swedish/create_account.php:1) in /customers/*****/httpd.www/includes/functions/general.php on line 33 

 

I've checked the mentioned file thoroughly and it does not have any whitespaces after the <?php or ?> as suggested in your guide. I downloaded and installed your addon, and this is the result from the

diagnosis on /includes/languages/swedish/create_account.php :

O/S = Linux.
/customers/*****/httpd.www/includes/languages/swedish/create_account.php has 26 lines.
The PHP start tag is on line 1.
The PHP end tag is on line 26.
Contents from start of file to the PHP start tag:

<?php[0A]

-------------------------
Contents from PHP end tag to end of file:

?> 

 

Any suggestion on what to do from here? I'm really clueless as to what to do now, thanks for your help.

 

Best regards,

Link to comment
Share on other sites

I created an account and I got no error messages.

 

You have bigger concerns.

 

Visit the link below:

 

How to Secure Your Site

 

Pay close attention to "SECURING THE ADMIN" - Yours is vulnerable.

 

It's easier to do a few security fixes now than to clean up a hacked store later.

 

And if you don't secure the admin your shop will be hacked.

 

It's just a question of when...

:o

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Thanks a lot for the help! It works now (I think the php cache was slow on updating or something, because it started working after a while without any additional changes after that).

 

Invaluable tip, I read through the link and was not aware that I had such serious security flaws! I will definitely follow the steps listed in that thread to secure

the site.

 

Thanks again, wouldn't have been aware of the vulnerability had you not pointed it out! :)

 

Best regards,

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...