[PHP] Using HTTP Referer

2002-09-11 Thread Jiaqing Wang 

Hello, All,
I'm currently working on a problem which is in need of HTTP referer or the
similar technique, but I couldn't seem to find any article or links which
illustrate the idea, I tried $_SERVER['HTTP_REFERER'] but somehow it didn't
work for me. Let me breifly explain what I did here:

I have login page called login.php, in this page I do

1. verify user the username and password against my backend database.
2. once passwd is verified, opens up a session with this login session.
3. header(Location: ${_SERVER['HTTP_REFERER']}) this will send user who
just logged in back to the whichever page they came from.

I also have a bunch of service scripts providing the content of my site like
mysite.php which invokes the login.php page if it determines that the user
is not logged in, after user goes through the logging in process, the
login.php will re-direct it back to this particular page, of course the
location of the page is dynamicly determined by HTTP_REFERER.

The problem I'm having right now is that after the user is logged in, the
login.php can never send it back to the page the user came from, it will
just redraw the login.php page. Obviously, $_SERVER['HTTP_REFERER'] contains
the location of itself instead of the location of the page sent the user
here.

I hope this is clear to you, if any of you out here knew a clue please help
me out. Any comment is greatly appreciated.

JJW
9/11/2002



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Problem with session handling with frameset.

2002-09-09 Thread Jiaqing Wang 

Hello, Everyone,
I'm having some problem with the session handling in my code, it's kind of
hard to explain the whole problem but let me try.
I currently have a login page login.php which will take user input for
userid and passwd and check them against my backend PostgreSQL database,
after the password is verified I then open a session with

session_name($_POST['userid']);
session_start();  --  presumebly this will set a cookie with session_name
as the cookie name and session_id as the cookie value

then I redirect user to his/her own custome page (like my place or my site)
using header(Location: https://www.domain.com/cgi/mysite?userid=$userid;)
function call. in mysite.php script I will then open the session with the
session_name with

session_name($_GET['userid']);
session_start();  --presumebaly this will get the session opened previously
by login page.

This arrangement works correctly in the regular IE v5 and Netscape v4.72
without a problem, I can tell the session is being opened by login.pho page
and passed onto mysite.php page. However, it doesn't work in frameset/frame
setup at all, for example, if I put the whole login.php page which is
login.php under a frame within a frameset

frame src=cgi/login.php target=body

The problem is that I can't get the same session previously opened in
login.php in mysite.php, mysite.php will start a different session if it
can't find previous opened session with session_name as userid as this is
the default behavior of session_start() function. So I assume that login.php
either didn't set the cookie or the cookie can't be read by mysite.php.

If it helps the situation, I also noticed that my SSL cerificate warning
page being prompt twice, the first time is when opening page login.php(it's
also under https), the second time is when opening mysite.php, I'm currently
using self-signed certificate so every time the https page opens up in a new
browser it will prompt you for whether or not accept the ceritificate).

I'm currently runing php v4.2.0 on a solaris 2.7 box with apache
v1.3.26/mod_ssl-2.8.10-1.3.26. If you need any more info to help me with it,
let me know.

JJW
9/9/2002





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php