Why i get everytime the error-message that i've already sent the headers

i've another question about web-programming.

I programmed a login script, but everytime when i try to login it says that i've send the header informations already.

Here are the 2 files:

<?php
if($_GET['logout'] == 1) {
    setcookie('authorized', 1, time()-3600);    
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>Login - photoAdminSite</title>
</head>

<style type="text/css"> 
    body {
    text-align: center;
    font-family: helvetica;
    }

    #loginForm {
    padding: 1em;
    background: #e3e3e3;
    width: 260px;
    margin: 3em auto 0;
    text-align: left;

    }
</style>

<body>

<div id="loginForm">
<form method="post" action="confirm_login_credentials.php">

<h2>LOGIN</h2>
<p>Username: <input type="text" name="username" /></p>
<p>Password: <input type="password" name="password" /></p>
<p><input type="submit" value="Login" name="submit" /></p>

</form>
</div>
</body>
</html>





<?php
$username = $_POST['username'];
$password = $_POST['password'];

require 'database.php';

$q = "SELECT id FROM users_photoadm开发者_运维百科insite WHERE user_name = '$username' AND password = '$password'";

$result = $mysqli->query($q) or die(mysqli_error());

if (mysqli_num_rows($result) == 1) {
    setcookie('authorized', 1, 0);
    header("Location: index.php");
} else {
    header("Location: login.php");  
}
?>

i would be really happy about some helpful answers.

Cookies and Headers must be set before any output is sent to the browser. Try moving your login script to the top of the page. You might want to also consider sanitizing your queries to prevent malicious activity.

You might have an empty line in the beginning of that php file. Maybe space before start of PHP script

See lines 60, 61, and 63, and how they come after all your HTML? Put them before instead.

When PHP says it's already sent the headers, it means that some text has already been output by the script (or the script that called it). This includes any and all error messages.

When the FIRST piece of text is output by PHP it sends its headers, but not before. In order to get HTTP cookies (part of the headers) to be set, the cookies must be sent before any text is output.

What you can do is enable output buffering using ob_start, and ob_end_flush, and other output-control functions.

What you can also do is to set the php.ini variable to automatically send the cookie header when it outputs text.

If you do not have output_buffering enabled in your php.ini you will get this error because it will start sending the html right away. You need to edit your php.ini to enable output buffering.

Is this on Windows? Check for BOM. Open it in Notepad and save it as ANSI to see if it helps.