Ich bin heute mit meiner Seite auf einen neuen Server umgezogen.
Ich habe auf dem neuen Server die Datenbank eingefügt, in der config.php die Daten geändert und die Dateien auf den Server geladen.
An sich ist die Seite auch wieder erreichbar.
Allerdings erhalte ich bei einigen aktionen nun Fehler meldungen.
Beim einloggen steht oben über dem header:
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/w00aa6b6/matze/include/includes/config.php:9) in /www/htdocs/w00aa6b6/matze/include/includes/func/user.php on line 96
Beim ausloggen steht oben über dem Header:
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/w00aa6b6/matze/include/includes/config.php:9) in /www/htdocs/w00aa6b6/matze/include/includes/func/user.php on line 158
Hier mal die User.php
<?php # hier werden alle user spezifischen funktionen # definert... function user_identification () { user_auth(); user_login_check(); user_update_database(); user_check_url_rewrite(); } function user_auth () { debug ('user - auth gestartet'. session_id()); $cn = session_und_cookie_name(); if (!user_key_in_db() OR !isset($_SESSION['authid']) OR (isset($_SESSION['authsess']) AND $_SESSION['authsess'] != $cn)) { debug ('user - nicht in db oder nicht authid'); user_set_guest_vars(); user_set_user_online (); # wenn cn cookie vorhanden # dann checken ob er sich damit einloggen darf if (isset($_COOKIE[$cn])) { user_auto_login_check(); } # gruppen, und modulzugehoerigkeit setzten user_set_grps_and_modules(); } } function user_check_url_rewrite() { global $allgAr; if ( !loggedin() AND $allgAr['show_session_id'] == 0 ) { # loescht die sessionid von allen urls # auch urls wie formulare usw. damit # suchmaschienen bots nicht iritiert sind ;) # output_reset_rewrite_vars ist eine php funktion # nicht unnoetig dannach suchen ;) ... output_reset_rewrite_vars (); } } function user_update_database () { $dif = date('Y-m-d H:i:s', time() - 7200); db_query("UPDATE prefix_online SET uptime = now() WHERE sid = '".session_id()."'"); db_query("DELETE FROM prefix_online WHERE uptime < '". $dif."'"); if ( loggedin() ) { db_query("UPDATE prefix_user SET llogin = '".time()."' WHERE id = '".$_SESSION['authid']."'"); } } function user_set_user_online () { global $allgAr; if (0 == db_result(db_query("SELECT COUNT(*) FROM prefix_online WHERE sid = '".session_id()."'"),0) ) { db_query("INSERT INTO prefix_online (sid,uptime,ipa) VALUES ('".session_id()."',now(),'".getip()."')"); } $_SESSION['authgfx'] = $allgAr['gfx']; } function user_key_in_db() { if ( 1 == db_result(db_query("SELECT COUNT(*) FROM prefix_online WHERE sid = '".session_id()."'"),0) ) { return ( true ); } else { return ( false ); } } function session_und_cookie_name () { return (md5(dirname($_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"]).DBPREF)); } function user_login_check () { if ( isset ($_POST['user_login_sub']) AND isset ($_POST['name']) AND isset ($_POST['pass']) ) { debug ('posts vorhanden'); $name = escape_nickname($_POST['name']); if ($name != $_POST['name'] OR strlen($_POST['name']) > 15) { return false; } $erg = db_query("SELECT name,id,recht,pass,llogin FROM prefix_user WHERE name = BINARY '".$name."'"); if ( db_num_rows($erg) == 1 ) { debug ('user gefunden'); $row = db_fetch_assoc($erg); if ( $row['pass'] == md5($_POST['pass']) ) { debug ('passwort stimmt ... '.$row['name']); $_SESSION['authname'] = $row['name']; $_SESSION['authid'] = $row['id']; $_SESSION['authright'] = $row['recht']; $_SESSION['lastlogin'] = $row['llogin']; $_SESSION['authsess'] = session_und_cookie_name(); db_query("UPDATE prefix_online SET uid = ".$_SESSION['authid']." WHERE sid = '".session_id()."'"); setcookie($_SESSION['authsess'], $row['id'].'='.$row['pass'] , time() + 31104000, "/" ); user_set_grps_and_modules(); return (true); } } global $menu; $menu->set_url (0, 'user'); $menu->set_url (1, 'login'); } return ( false ); } function user_auto_login_check () { $cn = session_und_cookie_name(); $dat = explode('=',$_COOKIE[$cn]); $id = $pw = 0; if (isset($dat[0])) { $id = escape($dat[0], 'integer'); } if (isset($dat[1])) { $pw = $dat[1]; } debug (' pw ' . $pw ); debug (' id ' . $id ); $erg = db_query("SELECT name,id,recht,pass,llogin FROM prefix_user WHERE id = ".$id); if (db_num_rows($erg) == 1) { debug ('benutzer gefunden'); $row = db_fetch_assoc($erg); if ($row['pass'] == $pw) { debug ('passwoerter stimmen'); debug ($row['name']); $_SESSION['authname'] = $row['name']; $_SESSION['authid'] = $row['id']; $_SESSION['authright'] = $row['recht']; $_SESSION['lastlogin'] = $row['llogin']; $_SESSION['authsess'] = $cn; db_query("UPDATE prefix_online SET uid = ".$_SESSION['authid']." WHERE sid = '".session_id()."'"); setcookie($cn, $row['id'].'='.$row['pass'], time() + 31104000, "/" ); return (true); } } user_logout (); return (false); } function user_set_guest_vars() { $_SESSION['authname'] = 'Gast'; $_SESSION['authid'] = 0; $_SESSION['authright'] = 0; $_SESSION['lastlogin'] = time(); $_SESSION['authgrp'] = array(); $_SESSION['authmod'] = array(); $_SESSION['authsess'] = session_und_cookie_name(); } function user_markallasread () { $_SESSION['lastlogin'] = time(); } function user_logout () { #global $allgAr; #$_SESSION = array(); #$_SESSION['authgfx'] = $allgAr['gfx']; user_set_guest_vars(); db_query("UPDATE prefix_online SET uid = ".$_SESSION['authid']." WHERE sid = '".session_id()."'"); setcookie(session_und_cookie_name(), "", time()-999999999999, "/" ); #if (isset($_COOKIE[session_name()])) { # setcookie(session_name(), '', time()-99999999999931104000, '/'); #} #setcookie(session_und_cookie_name(), "", time()-999999999999, "/" ); #session_destroy(); } function user_set_grps_and_modules () { $_SESSION['authgrp'] = array(); $_SESSION['authmod'] = array(); if ( loggedin() ) { $erg = db_query("SELECT gid FROM prefix_groupusers WHERE uid = ".$_SESSION['authid']); while ( $row = db_fetch_assoc ( $erg ) ) { $_SESSION['authgrp'][$row['gid']] = TRUE; } $erg = db_query("SELECT DISTINCT url FROM prefix_modulerights left join prefix_modules on prefix_modules.id = prefix_modulerights.mid WHERE uid = ".$_SESSION['authid']); while ( $row = db_fetch_assoc ( $erg ) ) { $_SESSION['authmod'][$row['url']] = TRUE; } } } function loggedin () { if ( has_right(-1) ) { return ( true ); } else { return ( false ); } } function is_admin () { if ( has_right(-9) ) { return ( true ); } else { return ( false ); } } function is_coadmin () { if ( has_right(-8) ) { return ( true ); } else { return ( false ); } } function is_siteadmin ($m = NULL) { if ( has_right(-7) ) { return ( true ); } if ( !is_null($m) AND has_right(NULL, $m)) { return (true); } return ( false ); } # diese funktion liefert immer true wenn es ein admin ist. # wenn kein kein admin wird geprueft ob der user # entweder ein angegebenes recht oder in einer angegebene # gruppe ist. oder ob er fals angegben das modulrecht hat. # wenn eines von diesen 3 kriterien stimmt wird true ansonsten # wenn keins uebereinstimmt false zurueck gegeben. function has_right ($recht,$modul = '') { if ( !is_array($recht) AND !is_null($recht) ) { $recht = array ( $recht ); } if ( $_SESSION['authright'] == -9 ) { return ( true ); } if ( !is_null($recht) ) { foreach ( $recht as $v ) { if ( ($v <= 0 AND $v >= $_SESSION['authright'] ) OR (isset($_SESSION['authgrp'][$v]) AND $_SESSION['authgrp'][$v] === true) ) { return (true); } } } if ( !empty($modul) AND isset($_SESSION['authmod'][$modul]) AND $_SESSION['authmod'][$modul] === true ) { return ( true ); } return (false); } ### admin # wenn der 2. parameter weggelassen wird oder auf true gesetzt wird # dann wird ein login formular angezeigt, wenn der user kein admin ist. # wird der parameter auf false gesetzt wird das login formular nicht angezeigt. # erste parameter ist das menu objekt... function user_has_admin_right (&$menu,$sl=true) { if ( $_SESSION['authright'] <= -8 ) { # co leader... return ( true ); } else { $uri_to_check1 = $menu->get(0); $uri_to_check2 = $menu->get(1); if ( count($_SESSION['authmod']) < 1 OR !loggedin() ) { if ( $sl === true ) { if ( !loggedin() ) { $tpl = new tpl ( 'user/login.htm' ); $tpl->set_out('WDLINK','admin.php',0); } else { echo '<strong>Keine Berechtigung!</strong> <a href="index.php">Startseite</a>'; } } return ( false ); } elseif ( (isset($_SESSION['authmod'][$uri_to_check1]) AND $_SESSION['authmod'][$uri_to_check1] == true) OR (isset($_SESSION['authmod'][$uri_to_check1.'-'.$uri_to_check2]) AND $_SESSION['authmod'][$uri_to_check1.'-'.$uri_to_check2] == true) ) { return ( true ); } elseif ( count($_SESSION['authmod']) > 0 AND loggedin() ) { if ( $sl === true ) { foreach($_SESSION['authmod'] as $k => $v ) { $x = $k; break; } $x = explode('-',$x); $menu->set_url (0, $x[0]); if ( isset($x[1]) ) { $menu->set_url (1, $x[1]); } } return ( true ); } } return ( false ); } function user_regist ($name, $mail, $pass) { global $allgAr, $lang; $erg = db_query("SELECT id FROM prefix_user WHERE name = BINARY '".$name."'"); if (db_num_rows($erg) > 0) { return (false); } if ( $allgAr['forum_regist_user_pass'] == 0 ) { $new_pass = genkey(8); } else { $new_pass = $pass; } $md5_pass = md5($new_pass); $confirmlinktext = ''; # confirm insert in confirm tb not confirm insert in user tb if ( $allgAr['forum_regist_confirm_link'] == 1 ) { # confirm link + text ... bit of shit put it in languages file $page = $_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"]; $id = md5 (uniqid (rand())); $confirmlinktext = "\n".$lang['registconfirm']."\n\n".sprintf($lang['registconfirmlink'], $page, $id ); db_query("INSERT INTO prefix_usercheck (`check`,name,email,pass,datime,ak) VALUES ('".$id."','".$name."','".$mail."','".$md5_pass."',NOW(),1)"); } else { db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email,status,opt_mail,opt_pm) VALUES('".$name."','".$md5_pass."',-1,'".time()."','".time()."','".$mail."',1,1,1)"); $userid = db_last_id(); } $regmail = sprintf($lang['registemail'],$name, $confirmlinktext, $name, $new_pass); icmail($mail,'Anmeldung',$regmail); # email an user return (true); } function user_remove($uid){ $row = @db_fetch_object(db_query("SELECT recht,avatar FROM prefix_user WHERE id = ".$uid)); if ( $uid <> 1 AND ($_SESSION['authid'] == $uid OR $_SESSION['authid'] == 1 OR (is_coadmin() AND $_SESSION['authright'] < $row->recht))) { db_query("DELETE FROM prefix_user WHERE id = ".$uid); db_query("DELETE FROM prefix_userfields WHERE uid = ".$uid); db_query("DELETE FROM prefix_groupusers WHERE uid = ".$uid); db_query("DELETE FROM prefix_modulerights WHERE uid = ".$uid); db_query("DELETE FROM prefix_pm WHERE eid = ".$uid); db_query("DELETE FROM prefix_online WHERE uid = ".$uid); //Usergallery entfernen $sql = db_query("SELECT id,endung FROM prefix_usergallery WHERE uid = ".$uid); while( $r = db_fetch_object($sql) ){ @unlink("include/images/usergallery/img_$r->id.$r->endung"); @unlink("include/images/usergallery/img_thumb_$r->id.$r->endung"); } db_query("DELETE FROM prefix_usergallery WHERE uid = ".$uid); //Avatar @unlink($row->avatar); } } function sendpm ($sid,$eid,$ti,$te,$status = 0) { db_query("INSERT INTO `prefix_pm` (sid,eid,time,titel,txt,status) VALUES (".$sid.",".$eid.",'".time()."','".$ti."','".$te."',".$status.")"); } ?>
Und wenn ich auf eigene Forumsbeiträge klicke erscheint eine weiße seite wo steht:
Warning: Cannot modify header information - headers already sent by (output started at /www/htdocs/w00aa6b6/matze/include/includes/config.php:9) in /www/htdocs/w00aa6b6/matze/include/contents/search.php on line 57
Hier die search.php
<?php # Copyright by: Manuel # Support: www.ilch.de defined ('main') or die ( 'no direct access' ); function serach_mark($text,$such) { #$text = BBcode($text); $serar = explode(' ', $such); $text = strip_tags($text); $text = stripslashes($text); $rte = ''; $tleng = 30; foreach($serar as $v) { $firs = strpos(strtolower($text),strtolower($v)); $begi = (($firs - $tleng) < 0 ? 0 : $firs - $tleng ); $leng = strlen($text); $ende = (($firs + strlen($v) + $tleng) > $leng ? $leng : $firs + strlen($v) + $tleng ); $ttxt = substr($text,$begi,($ende - $begi)); $rte .= ' ... '.preg_replace("/".$v."/si",'<b>'.$v.'</b>',$ttxt); } return ($rte); } function search_finduser() { $design = new design ( 'Finduser' , '', 0 ); $design->header(); $tpl = new tpl ( 'search_finduser' ); $tpl->out(0); if ( isset ( $_POST['sub'] ) AND !empty($_POST['name']) ) { $name = str_replace('*',"%",$_POST['name']); $name = escape($name, 'string'); $q = "SELECT name,name FROM prefix_user WHERE name like '".$name."'"; $tpl->set ('username',dbliste('',$tpl,'username',$q)); $tpl->out(1); } $tpl->out(2); $design->footer(); } if ($menu->get(1) == 'finduser') { search_finduser(); exit(); } $such = ''; if ($menu->get(1) != '') { $such = $menu->get(1); } elseif (isset($_REQUEST['search'])) { $such = $_REQUEST['search']; } if ($such == 'aubt' OR $such == 'augt' OR $such == 'aeit') { header('Location: index.php?forum-'.$such); exit(); } $such = stripslashes(escape($such, 'string')); $snac = 'Suche'; if ($such == 'augt' OR $such == 'aeit' OR $such == 'aubt') { $ar_s = array('aubt'=>'unbeantworteten Themen','aeit'=>'eigenen Beiträgen','augt'=>'neue Themen seit dem letzten Besuch'); $snac = $ar_s[$such]; } elseif ( isset($_REQUEST['search']) ) { $snac = 'nach: '.$such; } $title = $allgAr['title'].' :: Suchen :: '.htmlentities($snac); $hmenu = '<a class="smalfont" href="index.php?search">Suchen</a><b> » </b>'.htmlentities($snac); $design = new design ( $title , $hmenu ); $design->header(); $tpl = new tpl ('search'); $tpl->set ('size', 30); $gAnz = 0; $autor = ''; if(isset($_GET['autor'])) { $autor = escape($_GET['autor'],'string'); } $tpl->set ('autor', $autor); if(isset($_GET['in'])) { for($i=1;$i<=3;$i++){ if($_GET['in'] == $i) { $tpl->set ('checked'.$i, 'checked="checked"'); } } } else $tpl->set ('checked1', 'checked="checked"'); if ($such != 'augt' AND $such != 'aeit' AND $such != 'aubt') { $tpl->set('search',escape_for_fields($such),0); } if(isset($_GET['days'])) { $days = ($_GET['days'] == 0 ? 360 : intval($_GET['days'])); } else $days = 360; $days_ar = array( 360 => 'alle Beiträge (1 Jahr)', 1 => '1 Tag', 7 => '7 Tage', 14 => '2 Wochen', 30 => '1 Monat', 90 => '3 Monate', 180 => '6 Monate'); $tpl->set('days',arlistee($days, $days_ar)); $tpl->out(0); if (!empty($such) OR !empty($autor)) { $page = 1; if (isset($_GET['page'])) { $page = str_replace('-p','',$_GET['page']); } $limit = 25; // Limit $anfang = ($page - 1) * $limit; $x = time() - (3600 * 24 * $days); $such = str_replace('-','',$such); $such = str_replace('=','',$such); $such = str_replace('&','',$such); $serar = explode(' ', $such); $str_forum = ''; $str_forum_a = ''; $str_news = ''; $str_news_a = ''; $str_downs = ''; $str_downs_ = ''; $str_downs_a = ''; foreach($serar as $v) { $str = str_replace('\'','',$v); $str = str_replace('"','',$str); $str = addslashes($str); if ( !empty($str) ) { if($_GET['in'] == 1) { $str_forum .= "txt LIKE '%".$str."%' AND "; } elseif($_GET['in'] == 2) { $str_news .= "news_text LIKE '%".$str."%' AND "; } elseif($_GET['in'] == 3) { $str_downs .= "`descl` LIKE '%".$str."%' AND "; $str_downs_ .= "name LIKE '%".$str."%' AND "; } } } if(isset($_GET['autor'])) { if($_GET['in'] == 1) { $str_forum_a .= "c.erst LIKE '%".$autor."%' AND "; } elseif($_GET['in'] == 2) { $str_news_a .= "`name` LIKE '%".$autor."%' AND "; } elseif($_GET['in'] == 3) { $str_downs_a .= "`creater` LIKE '%".$autor."%' AND "; } } // 1 = forum, ist immer standart $q = " SELECT DISTINCT a.fid as fid, a.name as titel, 'foru' as typ, a.id as id, `time`, c.erst as autor FROM prefix_posts c LEFT JOIN prefix_topics a ON a.id = c.tid LEFT JOIN prefix_forums b ON b.id = a.fid LEFT JOIN prefix_groupusers vg ON vg.uid = ".$_SESSION['authid']." AND vg.gid = b.view LEFT JOIN prefix_groupusers rg ON rg.uid = ".$_SESSION['authid']." AND rg.gid = b.reply LEFT JOIN prefix_groupusers sg ON sg.uid = ".$_SESSION['authid']." AND sg.gid = b.start WHERE (((b.view >= ".$_SESSION['authright']." AND b.view <= 0) OR (b.reply >= ".$_SESSION['authright']." AND b.reply <= 0) OR (b.start >= ".$_SESSION['authright']." AND b.start <= 0)) OR (vg.fid IS NOT NULL OR rg.fid IS NOT NULL OR sg.fid IS NOT NULL OR ".$_SESSION['authright']." = -9)) AND (".$str_forum." 1 = 1) AND (".$str_forum_a." 1 = 1) AND (time >= ". $x .") GROUP BY a.id ORDER BY time DESC"; if(isset($_GET['in'])) { if($_GET['in'] == 2) { $q = " SELECT DISTINCT 0 as fid, news_title as titel, 'news' as typ, news_id as id, news_time as `time`, prefix_user.name as autor FROM prefix_news LEFT JOIN prefix_user ON prefix_news.user_id = prefix_user.id WHERE (".$str_news." 1 = 1) AND (".$str_news_a." 1 = 1) AND (news_time >= ". $x .") ORDER BY `time` DESC"; } elseif($_GET['in'] == 3) { $q = " SELECT DISTINCT 0 as fid, CONCAT( name, ' ', version ) AS titel, 'down' as typ, id, UNIX_TIMESTAMP(`time`) as `time`, creater as autor FROM prefix_downloads WHERE ((".$str_downs." 1 = 1) OR (".$str_downs_." 1 = 1)) AND (".$str_downs_a." 1 = 1) AND (UNIX_TIMESTAMP(`time`) >= ". $x .") ORDER BY UNIX_TIMESTAMP(`time`) DESC"; } } $gAnz = db_num_rows(db_query($q)); $q .= " LIMIT ".$anfang.",".$limit; $MPL = db_make_sites ($page , "" , $limit , "index.php?search=".urlencode($such)."&autor=".urlencode($autor)."&in=".$_GET['in']."&days=".$days."&page=", "", $gAnz ); $tpl->set_ar_out(array('MPL'=>$MPL,'gAnz'=>$gAnz),1); $q = db_query($q); $class = ''; while($r = db_fetch_assoc($q) ) { $class = ($class == 'Cmite' ? 'Cnorm' : 'Cmite' ); $r['class'] = $class; if ($r['typ'] == 'foru') { $r['ctime'] = db_result(db_query("SELECT MAX(time) FROM prefix_posts WHERE tid = ".$r['id']),0,0); $r['ord'] = forum_get_ordner($r['ctime'],$r['id'],$r['fid']); $r['link'] = 'forum-showposts-'.$r['id']; } elseif ($r['typ'] == 'news') { $r['ord'] = 'ord'; $r['link'] = 'news-'.$r['id']; } elseif ($r['typ'] == 'down') { $r['ord'] = 'ord'; $r['link'] = 'downloads-show-'.$r['id']; } $tpl->set_ar_out($r,2); } $tpl->out(3); } $design->footer(); ?>
Was ist hier das Problem?
verwendete ilchClan Version: 1.1
betroffene Homepage: externer Link