[PHP] HTTP header question.
Hey all, I want to craft a header such that it seems to the page that data has been POST'ed to it... Here's the situation: I'm writing a login page to my application, and if they log in incorrectly, I want the page to redisplay, but I want it to throw out an error message. I'm currently doing it by header(Location: login.php?failure=true); but I'd like to make it transparent. Any ideas? Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] HTTP header question.
All I want to do is output Authentication failed above the form if they type in invalid credentials. I want to do it by passing a header that contains the same information as if there were a form submitted that contained a field name failed and value true. Aside from this one application, I can think of many other places where this would be valuable. Am I being unclear? It seems that my question was not understood. Please let me know so I can try to re-explain. Thanks, Ben -Original Message- From: Dave VanAuken [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 7:16 PM To: Ben Bleything; [EMAIL PROTECTED] Subject: RE: [PHP] HTTP header question. what is the logic behind requiring the header? for example, to avoid using cookies and yet ensuring security, we pass a loginkey for all pages. every page has include('securitycheck.php'); which parses the loginkey, uncompresses/decode it to get the userid and timestamp, and prompts for a login if the last access was too old (say 10 min). the security check displays the login screen if no key is available or key is expired, and exits, preventing display of the remainder of the page ifthe key is valid, it updates the key for the current time (reset the expire counter so to speak) and displays the page iwth all URL's conyaining the encoded key. you end up with one additional line of code per page (which we include as part of site template) unless you are looking for something else entirely and I am missing the point (entirely possible). Dave -Original Message- From: Ben Bleything [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 8:48 PM To: [EMAIL PROTECTED] Subject: [PHP] HTTP header question. Hey all, I want to craft a header such that it seems to the page that data has been POST'ed to it... Here's the situation: I'm writing a login page to my application, and if they log in incorrectly, I want the page to redisplay, but I want it to throw out an error message. I'm currently doing it by header(Location: login.php?failure=true); but I'd like to make it transparent. Any ideas? Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] HTTP header question.
The way that I did it was by using sessions which if you have a login you are probably using anyways. One of my session variables is message. That way I can pass messages back and forth to pages, reinitialize them after the message has been received, etc etc etc. If you REALLY want to use headers this is what Lawrence Sheed (thanks Lawrence) sent me: header POST /index.php3 HTTP/1.1; header Host: $host; header Content-type: application/x-www-form-urlencoded ; header Content-length: . strlen ($data); header Connection: close\n\n; //may only need one, can't remember if header postpends \n //Now print variables //var1=informationvar2=more //for each var to submit header $$var1=$var1$$var2=$var2; I eventually went a different route, but he said this emulates a POST. Good luck.. I hope I understand and I hope it helps All I want to do is output Authentication failed above the form if they type in invalid credentials. I want to do it by passing a header that contains the same information as if there were a form submitted that contained a field name failed and value true. Aside from this one application, I can think of many other places where this would be valuable. Am I being unclear? It seems that my question was not understood. Please let me know so I can try to re-explain. Thanks, Ben -Original Message- From: Dave VanAuken [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 7:16 PM To: Ben Bleything; [EMAIL PROTECTED] Subject: RE: [PHP] HTTP header question. what is the logic behind requiring the header? for example, to avoid using cookies and yet ensuring security, we pass a loginkey for all pages. every page has include('securitycheck.php'); which parses the loginkey, uncompresses/decode it to get the userid and timestamp, and prompts for a login if the last access was too old (say 10 min). the security check displays the login screen if no key is available or key is expired, and exits, preventing display of the remainder of the page ifthe key is valid, it updates the key for the current time (reset the expire counter so to speak) and displays the page iwth all URL's conyaining the encoded key. you end up with one additional line of code per page (which we include as part of site template) unless you are looking for something else entirely and I am missing the point (entirely possible). Dave -Original Message- From: Ben Bleything [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 8:48 PM To: [EMAIL PROTECTED] Subject: [PHP] HTTP header question. Hey all, I want to craft a header such that it seems to the page that data has been POST'ed to it... Here's the situation: I'm writing a login page to my application, and if they log in incorrectly, I want the page to redisplay, but I want it to throw out an error message. I'm currently doing it by header(Location: login.php?failure=true); but I'd like to make it transparent. Any ideas? Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] HTTP header question.
THANK YOU. Finally. Unfortunately, in brief tests, I can't get it to work, but I will continue to beat on it. That's exactly what I was getting at. I found some info on the internet regarding what the headers that POST sends are... you can see it at http://opop.nols.com/write/HTTP.html. Hope this helps everybody out. Thanks, Ben -Original Message- From: Richard Baskett [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 8:26 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] HTTP header question. The way that I did it was by using sessions which if you have a login you are probably using anyways. One of my session variables is message. That way I can pass messages back and forth to pages, reinitialize them after the message has been received, etc etc etc. If you REALLY want to use headers this is what Lawrence Sheed (thanks Lawrence) sent me: header POST /index.php3 HTTP/1.1; header Host: $host; header Content-type: application/x-www-form-urlencoded ; header Content-length: . strlen ($data); header Connection: close\n\n; //may only need one, can't remember if header postpends \n //Now print variables //var1=informationvar2=more //for each var to submit header $$var1=$var1$$var2=$var2; I eventually went a different route, but he said this emulates a POST. Good luck.. I hope I understand and I hope it helps All I want to do is output Authentication failed above the form if they type in invalid credentials. I want to do it by passing a header that contains the same information as if there were a form submitted that contained a field name failed and value true. Aside from this one application, I can think of many other places where this would be valuable. Am I being unclear? It seems that my question was not understood. Please let me know so I can try to re-explain. Thanks, Ben -Original Message- From: Dave VanAuken [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 7:16 PM To: Ben Bleything; [EMAIL PROTECTED] Subject: RE: [PHP] HTTP header question. what is the logic behind requiring the header? for example, to avoid using cookies and yet ensuring security, we pass a loginkey for all pages. every page has include('securitycheck.php'); which parses the loginkey, uncompresses/decode it to get the userid and timestamp, and prompts for a login if the last access was too old (say 10 min). the security check displays the login screen if no key is available or key is expired, and exits, preventing display of the remainder of the page ifthe key is valid, it updates the key for the current time (reset the expire counter so to speak) and displays the page iwth all URL's conyaining the encoded key. you end up with one additional line of code per page (which we include as part of site template) unless you are looking for something else entirely and I am missing the point (entirely possible). Dave -Original Message- From: Ben Bleything [mailto:[EMAIL PROTECTED]] Sent: Sunday, July 29, 2001 8:48 PM To: [EMAIL PROTECTED] Subject: [PHP] HTTP header question. Hey all, I want to craft a header such that it seems to the page that data has been POST'ed to it... Here's the situation: I'm writing a login page to my application, and if they log in incorrectly, I want the page to redisplay, but I want it to throw out an error message. I'm currently doing it by header(Location: login.php?failure=true); but I'd like to make it transparent. Any ideas? Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] HTTP header question.
On 30-Jul-2001 Ben Bleything wrote: All I want to do is output Authentication failed above the form if they type in invalid credentials. I want to do it by passing a header that contains the same information as if there were a form submitted that contained a field name failed and value true. Aside from this one application, I can think of many other places where this would be valuable. Am I being unclear? It seems that my question was not understood. Please let me know so I can try to re-explain. ?php $lock=tmp/REMOTE_ADDR; if (isset ($login)) { if (checkuser($login, $passwd)) { unlink($lock); Header('Location: /goodguy.php'); } else { touch($lock); Header('Location: '. $PHP_SELF); } } if (file_exists($lock)) echo 'Authentication failed', 'br' unlink($lock); // do yer form 'form method=POST ACTION=' .$PHP_SELF .''; input text name=login input text name=passwd /form Regards, -- Don Read [EMAIL PROTECTED] -- It's always darkest before the dawn. So if you are going to steal the neighbor's newspaper, that's the time to do it. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]