All I want to do is output "Authentication failed" above the form if
they type in invalid credentials.  I want to do it by passing a header
that contains the same information as if there were a form submitted
that contained a field name "failed" and value "true".  Aside from this
one application, I can think of many other places where this would be

Am I being unclear?  It seems that my question was not understood.
Please let me know so I can try to re-explain.


-----Original Message-----
From: Dave VanAuken [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, July 29, 2001 7:16 PM
To: Ben Bleything; [EMAIL PROTECTED]
Subject: RE: [PHP] HTTP header question.

what is the logic behind requiring the header?

for example, to avoid using cookies and yet ensuring security, we pass a
loginkey for all pages.

every page has
which parses the loginkey, uncompresses/decode it to get the userid and
timestamp, and prompts for a login if the last access was too old (say
10 min).

the security check displays the login screen if no key is available or
key is
expired, and exits, preventing display of the remainder of the page

ifthe key is valid, it updates the key for the current time (reset the
counter so to speak) and displays the page iwth all URL's conyaining the

you end up with one additional line of code per page (which we include
as part
of site template)

unless you are looking for something else entirely and I am missing the
(entirely possible).


>-----Original Message-----
>From: Ben Bleything [mailto:[EMAIL PROTECTED]]
>Sent: Sunday, July 29, 2001 8:48 PM
>Subject: [PHP] HTTP header question.
>Hey all,
>I want to craft a header such that it seems to the page that data has
>been POST'ed to it... Here's the situation:  I'm writing a login page
>my application, and if they log in incorrectly, I want the page to
>redisplay, but I want it to throw out an error message.  I'm currently
>doing it by
>       header("Location: login.php?failure=true");
>but I'd like to make it transparent.  Any ideas?
>PHP General Mailing List (
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail:

PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to