Okay here is the deal I am using CI, and well they utilize sessions. Well what happens is they create a session, put all the data from the session in a serialized and encrypted cookie, gets written, then gets read and decrypted & deserialized. So when using there sessions you are in essence witting a cookie that links to a php session.

Well I am getting the Headers already started issue. Now I swear that I have made sure that there is NO output to the browser before any SESSION calls. (since it acts like a normal session). Now for the life of me, I have been racking my brain for the past week trying to figure out this stupid problem.

So here is the source.
UserMgmt.php

PHP Code:

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed'); 

class UserMgmt extends Model {
    function __construct(){
        parent::model();    
        $this->load->library('parser');
        $this->load->helper('url');
        $this->load->library('user_agent');
        $this->load->library('validation');
        $this->load->library('encrypt');
        $this->load->library('email');
        //$this->load->library('themechooser');
        $this->load->helper(array('form', 'url'));
    }
    // Auth Segments
    function doLogin(){
        $rules['username'] = "callback_isreg|required|xss_clean";
        $rules['password'] = "required";
        $fields['username'] = "Username";
        $fields['password'] = "Password";
        $this->validation->set_fields($fields);
        $this->validation->set_rules($rules);
        $this->validation->set_error_delimiters('<div id="error" class="error">', '</div>');
        if($this->validation->run() == FALSE ){
            if($this->config->item('debug') == TRUE){
                echo "Debug: Location, Auth / UserMgmt / Do Login -> Validation == FALSE<br />";
            }
            $this->load->view('global/auth/login_form');
        }
        else{
            if($this->config->item('debug') == TRUE){
                echo "Debug: Location, Auth / UserMgmt / Do Login -> Validation == TRUE<br />";
            }
            
            $this->VerifyAuth();
        }
    }
    function VerifyAuth(){
        if($this->config->item('debug') == TRUE){
            echo "Debug: Location, Auth / UserMgmt / Verify Login No Real Out Put Yet.<br />";
        }

        $post_array = array(
            'username' => $this->input->post('username', TRUE),
            'password' => md5($this->input->post('password')),
        );
        $query = $this->db->query("SELECT * FROM users WHERE username='". $post_array['username'] ."'");
        $row = $query->row_array();
        if($row['password'] !== $post_array['password']){
            /*
            This is/was for debugging to find out why passwords were not set right
            if($this->config->item('debug') == TRUE){
                echo "PWD in DB = ". $row['password'] ."\n";
                echo "PWD Received is ". $post_array['password'] ."\n";
            }
            else{ */
                //show_error('Incorrect Password Try again');
                $data['strike'] = 0;
                $data['limit'] = 0;
                echo $this->parser->parse("auth/invalid",$data,true);
            // }
        }
        elseif($row['active'] == 'no'){
            show_error('Your account is currently disabled,  Please contact the site Admin by <a href="'. site_url('messaging/unreg/admin') .'">Clicking here</a>');
        }
        else{
            $logged_array = array(
                            "username" => $row['username'],
                            "lvl" => $row['lvl'],
                            'uid' => $row['id'],
                            'loggedin' => TRUE,
                            );
            return $logged_array;
            //$this->session->set_userdata($logged_array);
            redirect('/members', 'refresh');
        }
    }    
    private function isreg($str){
        $query = $this->db->query("SELECT * FROM users WHERE username='". $str ."'");
        if(!$query->num_rows()){
            $this->validation->set_message('username', 'Username is not registered');
            return FALSE;
        }
        else{
            return TRUE;
        }
    }
    function doLogout(){
        $logged_array = array(
                "username" => '',
                "lvl" => '',
                'uid' => '',
                'loggedin' => FALSE,
                );
        return $logged_array;//$this->session->unset_userdata($logged_array);
        redirect('', 'refresh');

    }
    function forgot_pwd(){
        $rules['email'] = "callback_email|required|xss_clean";
        $fields['email'] = "Email Should be filled in";
        if($this->config->item('debug') == TRUE){
            $this->validation->set_rules($rules);
            $this->validation->set_fields($fields);            
            $data['captcha'] = 'not required';
        }
        else{
            $rules['recaptcha_response_field'] = 'required|callback_check_captcha';
            $fields['recaptcha_response_field'] = "Captcha Image Verification";        
            $this->validation->set_fields($fields);
            $this->load->library('recaptcha');
            $data = array(
              'captcha' => $this->recaptcha->recaptcha_get_html()
            );
            
            $this->validation->set_rules($rules);            
        }
        $this->validation->set_error_delimiters('<div class="error" id="error" align="center">', '</div>');
        if($this->validation->run() == FALSE ){
            $this->load->view('global/auth/forgot',$data);
        }
        else{
            $this->SendNewPwd();
        }
    }
    // Function to check to see if captcha is correctly submitted
    private function check_captcha($val) {
        $this->recaptcha->recaptcha_check_answer($_SERVER["REMOTE_ADDR"],$this->input->post('recaptcha_challenge_field'),$val);
            if ($this->recaptcha->is_valid) {
            return true;
        } else {
            $this->validation->set_message('check_captcha','Incorrect Security Image Response');
            return false;
        }
    }
    private function email($str){
        $query = $this->db->query("SELECT * FROM users WHERE email='". $str ."'");
        if(!$query->num_rows()){
            $this->validation->set_message('email', 'The Email address you provided is not on file');
            return FALSE;
        }
        else{
            return TRUE;
        }
    }

    function SendNewPwd(){
        
        $this->load->library('email');
        $hash = $this->encrypt->get_rand_id(8);    
        $post_array = array(
            'email' => $this->input->post('email', TRUE),
            );
        $data = array(
                    'reg_hash' => $hash,
                    );
        $this->db->where('email', $post_array['email']);
        $this->db->update('users', $data); 
        $query = $this->db->query("SELECT * FROM users WHERE email='". $post_array['email'] ."'");
        $row = $query->row_array();
        $data['base'] = base_url();
        $data['email'] = $post_array['email'];
        $link = site_url("auth/setnew_pwd/". $row['id'] ."/". $row['reg_hash']);
        $data = array(
            'link' => $link,
            'site' => $this->config->item('site'),
            'usr' => $row['username'],
            'pwd' => $this->input->post('password'),
            );
        if($this->config->item('debug') == TRUE){
                $this->parser->parse('emails/forgot_pwd', $data);
        }
        else{
            $msg = $this->parser->parse('emails/forgot_pwd', $data,TRUE);
            $this->email->from("no-reply@".$this->config->item('domain'), "NO-REPLY - ". $this->config->item('domain'));
            $this->email->to($array['email']);
            $this->email->subject('Registration');
            $this->email->message($msg);
            $this->email->send();
        }        
    }
    function setnew_pwd(){
        $uid = $this->uri->segment(3);
        $hash = $this->uri->segment(4);
        $query = $this->db->query("SELECT * FROM users WHERE id='". $uid ."' AND reg_hash='". $hash ."'");
        if($query->num_rows() !== 1){
            show_error("Sorry no this information provided is invalid");
        }
        else{
            $row = $query->row_array();
            $rules['username'] = "callback_isreg|required|xss_clean";
            $rules['password'] = "required|match[password2]|min_length[5]|max_legnth[12]|md5";
            $rules['password2'] = "required";
            $fields['username'] = "Username";
            $fields['password'] = "Password";
            $fields['password2'] = "Retype Password";
            if($this->config->item('debug') == TRUE){
                $this->validation->set_rules($rules);
                $this->validation->set_fields($fields);            
                $data['captcha'] = 'not required';
            }
            else{
                $rules['recaptcha_response_field'] = 'required|callback_check_captcha';
                $fields['recaptcha_response_field'] = "Captcha Image Verification";        
                $this->validation->set_fields($fields);
                $this->load->library('recaptcha');
                $data = array(
                  'captcha' => $this->recaptcha->recaptcha_get_html()
                );
                
                $this->validation->set_rules($rules);            
            }
            $this->validation->set_error_delimiters('<div class="error" id="error" align="center">', '</div>');
            if($this->validation->run() == FALSE ){
                //$this->themechooser->getTheme();
                $this->load->view('global/auth/set_pwd',$data);
                //$view = 'global/auth/set_pwd';
                
            }
            else{
                $this->AddPwd($row['id']);
            }
        }
    }
    private function AddPwd($str){
        $post_array = array(
            'password' => $this->input->post('password', TRUE),
            );
        $this->db->where('id',$str);
        $query = $this->db->update('users',$post_array);
        if(!$query){
            show_error("Something Happend please contact the site admin");
        }
        else{
            $this->load->view('global/auth/complete');
        }
    }    
}
?>

what happens is when I go to index.php/auth/doLogin I get the

Code:

A PHP Error was encountered

Severity: Warning

Message: Cannot modify header information - headers already sent by (output started at D:\WebServer\htdocs\xterm\system\application\main_site\controllers\auth.php:17)

Filename: libraries/Session.php

Line Number: 315

And Line 19 of auth.php is ?>

Auth.php

PHP Code:

<?php

class Auth extends Controller{
    function Auth(){
        parent::Controller();
        $this->load->library('session');

        $this->load->model('UserMgmt');
        //$this->load->library('ShowContent');
        
    }
    function doLogin(){
        $logged_status = $this->UserMgmt->doLogin();
    }
    function forgot_pwd(){

    }
}
?>

Thanks for the help in advanced

Can you post index.php and session.php please? I don't see where session_start() is and that makes the problem a bit hard to solve xD

index.php is irrelevant as it just locates paths for the CI framework and loads either the Selected Controller Passed by var in the URL or just the default controller if not specified.

I dont have access to sessions.php right now (at school) will have to wait until I get home, But sessions.php is called before any out put and it did work...

Okay I got Home and I am now going to put the sessions.php file as requested, and I also added the index.php file for you as well

PHP Code:

<?php
/*
|---------------------------------------------------------------
| PHP ERROR REPORTING LEVEL
|---------------------------------------------------------------
|
| By default CI runs with error reporting set to ALL.  For security
| reasons you are encouraged to change this when your site goes live.
| For more info visit:  http://www.php.net/error_reporting
|
*/
    error_reporting(E_ALL);

/*
|---------------------------------------------------------------
| SYSTEM FOLDER NAME
|---------------------------------------------------------------
|
| This variable must contain the name of your "system" folder.
| Include the path if the folder is not in the same  directory
| as this file.
|
| NO TRAILING SLASH!
|
*/
    $system_folder = "system";

/*
|---------------------------------------------------------------
| APPLICATION FOLDER NAME
|---------------------------------------------------------------
|
| If you want this front controller to use a different "application"
| folder then the default one you can set its name here. The folder 
| can also be renamed or relocated anywhere on your server.
| For more info please see the user guide:
| http://codeigniter.com/user_guide/general/managing_apps.html
|
|
| NO TRAILING SLASH!
|
*/
    $application_folder = "application/main_site";

/*
|===============================================================
| END OF USER CONFIGURABLE SETTINGS
|===============================================================
*/


/*
|---------------------------------------------------------------
| SET THE SERVER PATH
|---------------------------------------------------------------
|
| Let's attempt to determine the full-server path to the "system"
| folder in order to reduce the possibility of path problems.
| Note: We only attempt this if the user hasn't specified a 
| full server path.
|
*/
if (strpos($system_folder, '/') === FALSE)
{
    if (function_exists('realpath') AND @realpath(dirname(__FILE__)) !== FALSE)
    {
        $system_folder = realpath(dirname(__FILE__)).'/'.$system_folder;
    }
}
else
{
    // Swap directory separators to Unix style for consistency
    $system_folder = str_replace("\\", "/", $system_folder); 
}

/*
|---------------------------------------------------------------
| DEFINE APPLICATION CONSTANTS
|---------------------------------------------------------------
|
| EXT        - The file extension.  Typically ".php"
| FCPATH    - The full server path to THIS file
| SELF        - The name of THIS file (typically "index.php")
| BASEPATH    - The full server path to the "system" folder
| APPPATH    - The full server path to the "application" folder
|
*/
define('EXT', '.'.pathinfo(__FILE__, PATHINFO_EXTENSION));
define('FCPATH', __FILE__);
define('SELF', pathinfo(__FILE__, PATHINFO_BASENAME));
define('BASEPATH', $system_folder.'/');

if (is_dir($application_folder))
{
    define('APPPATH', $application_folder.'/');
}
else
{
    if ($application_folder == '')
    {
        $application_folder = 'application';
    }

    define('APPPATH', BASEPATH.$application_folder.'/');
}

/*
|---------------------------------------------------------------
| LOAD THE FRONT CONTROLLER
|---------------------------------------------------------------
|
| And away we go...
|
*/
require_once BASEPATH.'codeigniter/CodeIgniter'.EXT;

/* End of file index.php */
/* Location: ./index.php */

I don't think you want to see all 600+ lines of code here, so I attached it.

try changing error_reporting to 0 in index.php

Changing error_reporting won't change the error. For testing purposes, E_ALL is best and for running a site E_NOTICE is generally best.

And your problems aren't sessions, as you site actually uses cookies. I still don't have the complete picture (as I don't see where the sess_create(); function is called etc...) but it looks like there's something going to the browser before the cookie is set. Those are MUCH more sensitive than sessions. Are there any intermediate files? I just don't see any of the functions in session.php called in any of the other code you gave us.

Okay Normally I don't do this but I would love the help on getting this sorted out

I have compressed the entire site, CI and my App you can click here to download it

For those who are not familar with CI it is a Controller / model / view type of a framework.

If you plan on running this you will have to comment out the database library and any & all db calls in the auth controller and UserMngt Model

Hopefully this can prove some insight and to locate the output to the browser that is screwing me around...

Thanks

Try to eliminate any ending ?> tags from all the included scripts that is parsed before the time of output. Funny enough that an extra new line at the end of the script may be the killer, some text-editors will append the new lines automatically.

yup removed all the closing tags for php in my controllers and models and still get the same error. I think the issue is in that somewhere CI is getting a signal to output something to the browser...