Check for a blank line at the end of the included file. That kills our
developers from time to time.
Stephen Smith wrote:
> Here is the entire code set.
>
> This is the site_functions.php file that is included from the web page
> below:
>
> <?php
> function GetParameters($Buf) {
> $tvPairs = split('\|', $Buf);
> for($i=0;$i<count($tvPairs);$i++){
> $tv = split(',',$tvPairs[$i]);
> $pList[strtoupper($tv[0])] = $tv[1];
> }
> return $pList;
> }
>
> function Authorize($usr,$pwd) {
> $maxSleep=100;
> $nSleep=0;
> $uri = $_POST['responseURL'];
>
> srand((double) microtime() * 1000000);
> // Generate a unique file name
> $fname=date('YmdHis')."-".rand(10001,99999);
> $request='../logs/request/'.$fname;
> // Open request file
> $fd = fopen($request,"w");
> if ($fd) {
> fwrite($fd,'type,Authorization|User,'.$usr.'|Passwd,'.$pwd);
> fclose($fd);
> $response='../logs/response/'.$fname;
> // Wait for Response
> while(!file_exists($response)) {
> usleep(100000);
> $nSleep++;
> if ($nSleep == $maxSleep) {break;}
> }
> if ($nSleep < $maxSleep) {
> // Response returned; read file
> $fd = fopen($response,"r");
> $buf = fgets($fd,1024);
> fclose($fd);
> // Remove file immediately
> unlink($response);
> // Format parameters
> $params = GetParameters($buf);
> setcookie('ACCESSID',$params['ACCESSID'];
> if ($params['ACCESSID'])
> {setcookie('SESSIONID',$params['SESSIONID']);}
> else {setcookie('ERROR',$params['ERROR']);}
> }
> else {
> // Response timed out; return an error
> setcookie('ACCESSID', 0);
> setcookie('ERROR', 'Response not received. Service may be down,
> contact system administrator');
> }
> }
> else {
> setcookie('ACCESSID', 0);
> setcookie('ERROR', 'Unable to submit request; contact system
> administrator');
> }
> header('Location: '.$uri);
> }
> ?>
>
> This is the web page that is called after the initial login screen to
> validate the login credentials. Validation is done by an secure,
> external service. Once validated, the external system issues a unique
> session id that must accompany all future requests. The session id
> uniquely identifies the user while using the site.
>
> <?php
> require("../cgi-bin/site_functions.php");
> session_start();
> $_SESSION['name']='GWICsis';
>
> authorize($_POST['username'],$_POST['password']);
> ?>
>
> Though I'm a novice on web design, the only things that are page related
> are the session_start and the setcookie which, I believe, are both
> headers and should be allowed prior to calling the final header function
> to redirect to a new page...as I understand the PHP documentation.
>
> Steve.
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
