Here is the entire code set.

This is the site_functions.php file that is included from the web page below:

<?php
function GetParameters($Buf) {
 $pList = array();
 // explode() replaces split(), which was removed in PHP 7
 $tvPairs = explode('|', $Buf);
 for($i=0;$i<count($tvPairs);$i++){
   $tv = explode(',',$tvPairs[$i]);
   $pList[strtoupper($tv[0])] = $tv[1];
 }
 return $pList;
}

function Authorize($usr,$pwd) {
 $maxSleep=100;
 $nSleep=0;
 $uri = $_POST['responseURL'];

 srand((double) microtime() * 1000000);
 // Generate a unique file name
 $fname=date('YmdHis')."-".rand(10001,99999);
 $request='../logs/request/'.$fname;
 // Open request file
 $fd = fopen($request,"w");
 if ($fd) {
   fwrite($fd,'type,Authorization|User,'.$usr.'|Passwd,'.$pwd);
   fclose($fd);
   $response='../logs/response/'.$fname;
   // Wait for Response
   while(!file_exists($response)) {
     usleep(100000);
     $nSleep++;
     if ($nSleep == $maxSleep) {break;}
   }
   if ($nSleep < $maxSleep) {
     // Response returned; read file
     $fd = fopen($response,"r");
     $buf = fgets($fd,1024);
     fclose($fd);
     // Remove file immediately
     unlink($response);
     // Format parameters
     $params = GetParameters($buf);
     setcookie('ACCESSID',$params['ACCESSID']);
     if ($params['ACCESSID']) {setcookie('SESSIONID',$params['SESSIONID']);}
     else {setcookie('ERROR',$params['ERROR']);}
   }
   else {
     // Response timed out; return an error
     setcookie('ACCESSID', 0);
     setcookie('ERROR', 'Response not received. Service may be down, contact system administrator');
   }
 }
 else {
   setcookie('ACCESSID', 0);
   setcookie('ERROR', 'Unable to submit request; contact system administrator');
 }
 header('Location: '.$uri);
}
?>

This is the web page that is called after the initial login screen to validate the login credentials. Validation is done by a secure, external service. Once validated, the external system issues a unique session id that must accompany all future requests. The session id uniquely identifies the user while using the site.

<?php
 require("../cgi-bin/site_functions.php");
 session_start();
 $_SESSION['name']='GWICsis';

 authorize($_POST['username'],$_POST['password']);
?>

Though I'm a novice on web design, the only things that are page related are the session_start and the setcookie which, I believe, are both headers and should be allowed prior to calling the final header function to redirect to a new page...as I understand the PHP documentation.

Steve.
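
The request line and the redirect in the code above both take form input as-is. The following is an added example, not part of the original post: it encodes values for the `name,value|name,value` format and restricts the redirect target. The function names are hypothetical, and it assumes the external service decodes values the same way and that redirect targets are same-site paths.

```php
<?php
// Added example; buildRequestLine, parseLine and safeRedirectTarget are
// hypothetical names, not functions from the original post.

// Build one line in the "name,value|name,value" format used above.
// Values are percent-encoded so that a ',' , '|' or newline inside a value
// cannot be read as a field separator when the line is split again.
function buildRequestLine(array $fields): string {
    $pairs = [];
    foreach ($fields as $name => $value) {
        $pairs[] = $name . ',' . rawurlencode((string) $value);
    }
    return implode('|', $pairs);
}

// Counterpart of GetParameters(): split on the delimiters, then decode.
// Pairs without a ',' are skipped instead of producing an undefined value.
function parseLine(string $buf): array {
    $out = [];
    foreach (explode('|', rtrim($buf, "\r\n")) as $pair) {
        $tv = explode(',', $pair, 2);
        if (count($tv) === 2) {
            $out[strtoupper($tv[0])] = rawurldecode($tv[1]);
        }
    }
    return $out;
}

// Accept only a same-site absolute path ("/..." but not "//..." or "/\...")
// as the redirect target; anything else falls back to a fixed page.
function safeRedirectTarget(?string $uri, string $fallback = '/'): string {
    if ($uri === null || !preg_match('#^/(?![/\\\\])[\w./?=&%-]*\z#', $uri)) {
        return $fallback;
    }
    return $uri;
}

// Constructed sample input: the password contains both delimiters.
$line = buildRequestLine([
    'type' => 'Authorization', 'User' => 'steve', 'Passwd' => 'p|ss,word',
]);
echo $line, "\n";
print_r(parseLine($line));
echo safeRedirectTarget('/members/home.php'), "\n";
echo safeRedirectTarget('//example.invalid/x'), "\n";
```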
