Php says I have an error in this script where I have noted it. Can anyone see the error here? Much appreciated

<?php

session_start();
// User is logging in
if (isset($_POST["login"])){
if (isset($_POST["username"]) && ($_POST["username"]
== "******") && isset($_POST["password"])
&& ($_POST["password"]
== "******"){ // php says this { should not be there, it looks right to me
$_SESSION["Authenticated"] = 1;
}
else{
$_SESSION["Authenticated"] = 0;
}
session_write_close();
header("Location: protected.php");
}
// User is logging out
if (isset($_GET["logout"])){
session_destroy();
header("Location: login.html");
}

?>

You need another ) at the end...

<?php

session_start();
// User is logging in
if (isset($_POST["login"])){
if (isset($_POST["username"]) && ($_POST["username"]
== "******") && isset($_POST["password"])
&& ($_POST["password"]
== "******")){ // php says this { should not be there, it looks right to me
$_SESSION["Authenticated"] = 1;
}
else{
$_SESSION["Authenticated"] = 0;
}
session_write_close();
header("Location: protected.php");
}
// User is logging out
if (isset($_GET["logout"])){
session_destroy();
header("Location: login.html");
}

?>

you have one missing or too many if you use the tags it will be in colour
[php]
<?php

session_start();
// User is logging in
if (isset($_POST["login"]))
{
if (isset($_POST["username"]) && ($_POST["username"]== "******") && isset($_POST["password"])
&& ($_POST["password"] == "******")
{ // php says this should not be there, it looks right to me
$_SESSION["Authenticated"] = 1;
}
else
{
$_SESSION["Authenticated"] = 0;
session_write_close();
header("Location: protected.php");
}
}
// User is logging out
if (isset($_GET["logout"]))
{
session_destroy();
header("Location: login.html");
}
?>

Thank you both, that did solve that problem. Of course it brought me to another. I get these errors

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by output started at /home/lunar/public_html/auth.php:11) in /home/lunar/public_html/auth.php on line 13


Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent

Warning: Cannot modify header information - headers already sent by

This is my first use of cookies and sessions, can you expalin briefly what has happend? Thanks again

Is this your whole script?

If not please post the rest of the script that comes above this part of your script.

Yes, basically thats the whole thing. its just a script that is called when someone logs in from an html form that asks for name and password and consists of the same doctype and headers as the script below..

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title></title>

</head>

<body>
<?php

session_start();
// User is logging in
if (isset($_POST["login"])){
if (isset($_POST["username"]) && ($_POST["username"]
== "mcwilson") && isset($_POST["password"])
&& ($_POST["password"]
== "mcwilson")){
$_SESSION["Authenticated"] = 1;
}
else{
$_SESSION["Authenticated"] = 0;
}
session_write_close();
header("Location: protected.php");
}
// User is logging out
if (isset($_GET["logout"])){
session_destroy();
header("Location: login.html");
}

?>
</body>
</html>

Remove all of the following:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title></title>

</head>

<body>

</body>
</html>


Your script is trying to write html code to the browser and that meens that a header has already been sent to the browser.

header("Location: login.html");
always need to be the first header.

Ah I understand, the php script is not a web page, its a script. I literally turrned it into something to be displayed(of course it wouldnt be). I should have thought that out, I just naturally started a new webpage when I did the script.

Thank you so much.

Well I thought I understood, I removed all headers and doc types from the script page, but it seemed to move the erorrs to the session start again.

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home/lunar/public_html/auth.php:1) in /home/lunar/public_html/auth.php on line 2

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/lunar/public_html/auth.php:1) in /home/lunar/public_html/auth.php on line 2

Warning: Cannot modify header information - headers already sent by (output started at /home/lunar/public_html/auth.php:1) in /home/lunar/public_html/auth.php on line 15


Any last thoughts before I toss this out the window? :)

At the point that Location: login.html occurs in the script, it is in response to a log out from the page that the script points to (protected.php), not in response from the initial login page.

Does that make a difference?