close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

 
WebAssist ForumsData BridgeData Bridge General / Announcements › Security not working
Sign in to rate this thread
rating

Security not working

Thread began 7/31/2012 3:09 pm by Eric Goodman | Last modified 8/02/2012 6:58 am by Jason Byrnes | 2377 views | 13 replies |

7/31/2012 3:09 pm  |  #1 Eric Goodman

Security not working

Regarding ticket 144873

I was able to do the entire install, layer into my templates and uploaded everything.

It previews ok but when I try to register I get:

Warning: Cannot modify header information - headers already sent by (output started at /home/beeritu/public_html/registration.php:9) in /home/beeritu/public_html/webassist/form_validations/wavt_scripts_php.php on line 84

Don't know if the whole registration function, login or logout works, can't get that far...

Sign in to reply to this post

8/01/2012 7:21 am  |  #2 Jason ByrnesWebAssist

the headers already sent error is caused by output on the page between closing php tags "?>" and opening php tags "<?php".

The output can be a blank space, blank line, text or html.

The error is reporting the output around line 9 of the registration page in this section of the message:
output started at /home/beeritu/public_html/registration.php:9


see the following thread for more details on the error and troubleshooting it:
showthread.php?t=19285

Sign in to reply to this post

8/01/2012 10:34 am  |  #3 Eric Goodman

Error

Around line 9 is still just the head tag info. I don't see anything off.

Here is the info in my head tags:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>beeritual_advisor_registration</title>

<link href="main.css" rel="stylesheet">

<style type="text/css">
body {
background-image: url(images/beer_background.jpg);
background-repeat: repeat;
}
</style>

<!-- Start WOWSlider.com HEAD section -->
<link rel="stylesheet" type="text/css" href="engine1/style.css" />
<script type="text/javascript" src="engine1/jquery.js"></script>
<!-- End WOWSlider.com HEAD section -->

<script type="text/javascript">
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
</script>
</head>

Sign in to reply to this post

8/01/2012 10:41 am  |  #4 Jason ByrnesWebAssist

i would need a copy of the registration.php page in order to see the php code and troubleshoot.

what you have posted look like browser source code, not the php code from the registration page.

Sign in to reply to this post

8/01/2012 11:01 am  |  #5 Eric Goodman

Registration Page

Do you have an email I can forward it to? Too much text to post here.

Sign in to reply to this post

8/01/2012 11:05 am  |  #6 Jason ByrnesWebAssist

compress it to a zip archive and attach the zip file.

Sign in to reply to this post

8/01/2012 11:12 am  |  #7 Eric Goodman

Attachment

Here is the php for the Registration....

Attached Files
registration.php.zip
Sign in to reply to this post

8/01/2012 11:19 am  |  #8 Jason ByrnesWebAssist

the php code at line 50 - 118:

php:
<?php require_once("webassist/security_assist/wa_cryptencryption.php"); ?>

<?php require_once('Connections/beeritual.php'); ?>

<?php require_once("webassist/form_validations/wavt_scripts_php.php"); ?>

<?php require_once("webassist/form_validations/wavt_validatedform_php.php"); ?>

<?php require_once( "webassist/security_assist/helper_php.php" ); ?>

<?php require_once("webassist/database_management/wa_appbuilder_php.php"); ?>

<?php 

if (isset($_POST["Registration_submit"]))  {

  $WAFV_Redirect "".(htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES))  ."?invalid=true";

  $_SESSION['WAVT_registration_Errors'] = "";

  if ($WAFV_Redirect == "")  {

    $WAFV_Redirect $_SERVER["PHP_SELF"];

  }

  $WAFV_Errors "";

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_Email"])?$_POST["Registration_group_Email"]:"") . "",true,1);

  $WAFV_Errors .= WAValidateUnique(("beeritual"),$beeritual,$database_beeritual,"pcms2_users","UserID","none,none,NULL","".((isset($_SESSION["SecurityAssist_UserID"]))?$_SESSION["SecurityAssist_UserID"]:"0")  ."","UserEmail","',none,''","".((isset($_POST["Registration_group_Email"]))?$_POST["Registration_group_Email"]:"")  ."",true,2);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_Password"])?$_POST["Registration_group_Password"]:"") . "",true,3);

  $WAFV_Errors .= WAValidateEL((isset($_POST["Registration_group_Password"])?$_POST["Registration_group_Password"]:"") . "",6,500,true,4);

  $WAFV_Errors .= WAValidateLE((isset($_POST["Registration_group_Confirm"])?$_POST["Registration_group_Confirm"]:"") . "",(isset($_POST["Registration_group_Confirm"])?$_POST["Registration_group_Confirm"]:"") . "",true,5);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_First_Name"])?$_POST["Registration_group_First_Name"]:"") . "",true,6);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_Last_Name"])?$_POST["Registration_group_Last_Name"]:"") . "",true,7);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_Address"])?$_POST["Registration_group_Address"]:"") . "",true,8);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_City"])?$_POST["Registration_group_City"]:"") . "",true,9);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_State"])?$_POST["Registration_group_State"]:"") . "",true,10);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_10_Zip"])?$_POST["Registration_group_10_Zip"]:"") . "",true,11);

  $WAFV_Errors .= WAValidateRQ((isset($_POST["Registration_group_1_Phone"])?$_POST["Registration_group_1_Phone"]:"") . "",true,12);

  $WAFV_Errors .= WAValidateLE((strtolower(isset($_POST["Security_Code"])?$_POST["Security_Code"]:"")) . "",((isset($_SESSION["captcha_Security_Code"]))?strtolower($_SESSION["captcha_Security_Code"]):"") . "",true,13);

  $WAFV_Errors .= WAValidateLE((strtolower(isset($_POST["Security_Answer"])?$_POST["Security_Answer"]:"")) . "",((isset($_SESSION["random_answer"]))?strtolower($_SESSION["random_answer"]):"") . "",true,14);

  $WAFV_Errors .= WAValidateRX((isset($_POST["Hidden_Field"])?$_POST["Hidden_Field"]:"") . "","/.* /",false,15);



  if ($WAFV_Errors != "")  {

    PostResult($WAFV_Redirect,$WAFV_Errors,"registration");

  }

}

?>

<?php 

// WA DataAssist Insert

if ((isset($_POST["Registration_submit"]) && $_POST["Registration_submit"] != "")) // Trigger

{

  $WA_connection $beeritual;

  $WA_table "pcms2_users";

  $WA_sessionName "SecurityAssist_UserID";

  $WA_redirectURL "login.php?success=1";

  if (function_exists("rel2abs")) $WA_redirectURL $WA_redirectURL?rel2abs($WA_redirectURL,dirname(__FILE__)):"";

  $WA_keepQueryString true;

  $WA_fieldNamesStr "UserEmail|UserPassword|UserFirstName|UserLastName|UserAddress|UserAddress2|UserCity|UserState|UserZip|UserCountry|UserPhone|UserFax";

  $WA_fieldValuesStr "".((isset($_POST["Registration_group_Email"]))?$_POST["Registration_group_Email"]:"")  ."" $WA_AB_Split "".((($_POST["Registration_group_Password"] != ""))?WA_CryptEncryption($_POST["Registration_group_Password"]):$row_SecurityAssistpcms2users["UserPassword"])  ."" $WA_AB_Split "".((isset($_POST["Registration_group_First_Name"]))?$_POST["Registration_group_First_Name"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_Last_Name"]))?$_POST["Registration_group_Last_Name"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_Address"]))?$_POST["Registration_group_Address"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_Address_2"]))?$_POST["Registration_group_Address_2"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_City"]))?$_POST["Registration_group_City"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_State"]))?$_POST["Registration_group_State"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_10_Zip"]))?$_POST["Registration_group_10_Zip"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_11_Country"]))?$_POST["Registration_group_11_Country"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_1_Phone"]))?$_POST["Registration_group_1_Phone"]:"")  ."" $WA_AB_Split "".((isset($_POST["Registration_group_1_Fax"]))?$_POST["Registration_group_1_Fax"]:"")  ."";

  $WA_columnTypesStr "',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''";

  $WA_fieldNames explode("|"$WA_fieldNamesStr);

  $WA_fieldValues explode($WA_AB_Split$WA_fieldValuesStr);

  $WA_columns explode("|"$WA_columnTypesStr);

  $WA_connectionDB $database_beeritual;

  mysql_select_db($WA_connectionDB$WA_connection);

  @session_start();

  $insertParamsObj WA_AB_generateInsertParams($WA_fieldNames$WA_columns$WA_fieldValues, -1);

  $WA_Sql "INSERT INTO `" $WA_table "` (" $insertParamsObj->WA_tableValues ") VALUES (" $insertParamsObj->WA_dbValues ")";

  $MM_editCmd mysql_query($WA_Sql$WA_connection) or die(mysql_error());

  $_SESSION[$WA_sessionName] = mysql_insert_id($WA_connection);

  if ($WA_redirectURL != "")  {

    $WA_redirectURL str_replace("[Insert_ID]",$_SESSION[$WA_sessionName],$WA_redirectURL);

    if ($WA_keepQueryString && $WA_redirectURL != "" && isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== "" && sizeof($_POST) > 0) {

      $WA_redirectURL .= ((strpos($WA_redirectURL'?') === false)?"?":"&").$_SERVER["QUERY_STRING"];

    }

    header("Location: ".$WA_redirectURL);

  }

}

?>

<?php 

require_once("webassist/security_assist/wa_cryptencryption.php"); ?>




should be at line 1 of the page, this php code needs to come before the HTML code on your page.

In fact this page is very badly formatted altogether.

there is a doctype, <head> and <body section started at lines 1 - 49 and a second doctype, <head> and <body> section started at lines 118 - 135. this is not valid HTML. having the 2 doctype tags in place is probably why the Security assist code was placed incorrectly

Sign in to reply to this post

8/01/2012 11:57 am  |  #9 Eric Goodman

Security

I moved that code to the beginning as mentioned.

Now it seems as though login isn't going and probably the other stuff as well.

This site was put together pretty simply with div and content. I don't know why the software isn't putting the code in the right spots. Attached are the other files.

Attached Files
Archive.zip
Sign in to reply to this post

8/01/2012 12:22 pm  |  #10 Jason ByrnesWebAssist

all of the pages have the same problem, there are duplicate doctype, head and body tags on your page, this is causing the problems.

are you applying a template to the pages after they are created? or do the pages already exist? It looks like you have pages that already exist that have poorly formatted code. Delete the pages and run the Security Assist wizard again to re create tehm without having the existing pages in place.

to apply your site design after security assist has created them, you should use a template.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Everything else!

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

go to page top
Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...