[PHP] HTTP header question.
Hey all, I want to craft a header such that it seems to the page that data has been POST'ed to it... Here's the situation: I'm writing a login page to my application, and if they log in incorrectly, I want the page to redisplay, but I want it to throw out an error message. I'm currently doing it by header(Location: login.php?failure=true); but I'd like to make it transparent. Any ideas? Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] HTTP header question.
All I want to do is output Authentication failed above the form if
they type in invalid credentials. I want to do it by passing a header
that contains the same information as if there were a form submitted
that contained a field name failed and value true. Aside from this
one application, I can think of many other places where this would be
valuable.
Am I being unclear? It seems that my question was not understood.
Please let me know so I can try to re-explain.
Thanks,
Ben
-Original Message-
From: Dave VanAuken [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 7:16 PM
To: Ben Bleything; [EMAIL PROTECTED]
Subject: RE: [PHP] HTTP header question.
what is the logic behind requiring the header?
for example, to avoid using cookies and yet ensuring security, we pass a
loginkey for all pages.
every page has
include('securitycheck.php');
which parses the loginkey, uncompresses/decode it to get the userid and
timestamp, and prompts for a login if the last access was too old (say
10 min).
the security check displays the login screen if no key is available or
key is
expired, and exits, preventing display of the remainder of the page
ifthe key is valid, it updates the key for the current time (reset the
expire
counter so to speak) and displays the page iwth all URL's conyaining the
encoded
key.
you end up with one additional line of code per page (which we include
as part
of site template)
unless you are looking for something else entirely and I am missing the
point
(entirely possible).
Dave
-Original Message-
From: Ben Bleything [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 8:48 PM
To: [EMAIL PROTECTED]
Subject: [PHP] HTTP header question.
Hey all,
I want to craft a header such that it seems to the page that data has
been POST'ed to it... Here's the situation: I'm writing a login page
to
my application, and if they log in incorrectly, I want the page to
redisplay, but I want it to throw out an error message. I'm currently
doing it by
header(Location: login.php?failure=true);
but I'd like to make it transparent. Any ideas?
Thanks,
Ben
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] HTTP header question.
The way that I did it was by using sessions which if you have a login you
are probably using anyways. One of my session variables is message. That
way I can pass messages back and forth to pages, reinitialize them after the
message has been received, etc etc etc. If you REALLY want to use headers
this is what Lawrence Sheed (thanks Lawrence) sent me:
header POST /index.php3 HTTP/1.1;
header Host: $host;
header Content-type: application/x-www-form-urlencoded ;
header Content-length: . strlen ($data);
header Connection: close\n\n; //may only need one, can't remember if
header postpends \n
//Now print variables
//var1=informationvar2=more
//for each var to submit
header $$var1=$var1$$var2=$var2;
I eventually went a different route, but he said this emulates a POST. Good
luck.. I hope I understand and I hope it helps
All I want to do is output Authentication failed above the form if
they type in invalid credentials. I want to do it by passing a header
that contains the same information as if there were a form submitted
that contained a field name failed and value true. Aside from this
one application, I can think of many other places where this would be
valuable.
Am I being unclear? It seems that my question was not understood.
Please let me know so I can try to re-explain.
Thanks,
Ben
-Original Message-
From: Dave VanAuken [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 7:16 PM
To: Ben Bleything; [EMAIL PROTECTED]
Subject: RE: [PHP] HTTP header question.
what is the logic behind requiring the header?
for example, to avoid using cookies and yet ensuring security, we pass a
loginkey for all pages.
every page has
include('securitycheck.php');
which parses the loginkey, uncompresses/decode it to get the userid and
timestamp, and prompts for a login if the last access was too old (say
10 min).
the security check displays the login screen if no key is available or
key is
expired, and exits, preventing display of the remainder of the page
ifthe key is valid, it updates the key for the current time (reset the
expire
counter so to speak) and displays the page iwth all URL's conyaining the
encoded
key.
you end up with one additional line of code per page (which we include
as part
of site template)
unless you are looking for something else entirely and I am missing the
point
(entirely possible).
Dave
-Original Message-
From: Ben Bleything [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 8:48 PM
To: [EMAIL PROTECTED]
Subject: [PHP] HTTP header question.
Hey all,
I want to craft a header such that it seems to the page that data has
been POST'ed to it... Here's the situation: I'm writing a login page
to
my application, and if they log in incorrectly, I want the page to
redisplay, but I want it to throw out an error message. I'm currently
doing it by
header(Location: login.php?failure=true);
but I'd like to make it transparent. Any ideas?
Thanks,
Ben
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] HTTP header question.
THANK YOU. Finally.
Unfortunately, in brief tests, I can't get it to work, but I will
continue to beat on it. That's exactly what I was getting at.
I found some info on the internet regarding what the headers that POST
sends are... you can see it at http://opop.nols.com/write/HTTP.html.
Hope this helps everybody out.
Thanks,
Ben
-Original Message-
From: Richard Baskett [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 8:26 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] HTTP header question.
The way that I did it was by using sessions which if you have a login
you
are probably using anyways. One of my session variables is message.
That
way I can pass messages back and forth to pages, reinitialize them after
the
message has been received, etc etc etc. If you REALLY want to use
headers
this is what Lawrence Sheed (thanks Lawrence) sent me:
header POST /index.php3 HTTP/1.1;
header Host: $host;
header Content-type: application/x-www-form-urlencoded ;
header Content-length: . strlen ($data);
header Connection: close\n\n; //may only need one, can't remember if
header postpends \n
//Now print variables
//var1=informationvar2=more
//for each var to submit
header $$var1=$var1$$var2=$var2;
I eventually went a different route, but he said this emulates a POST.
Good
luck.. I hope I understand and I hope it helps
All I want to do is output Authentication failed above the form if
they type in invalid credentials. I want to do it by passing a header
that contains the same information as if there were a form submitted
that contained a field name failed and value true. Aside from
this
one application, I can think of many other places where this would be
valuable.
Am I being unclear? It seems that my question was not understood.
Please let me know so I can try to re-explain.
Thanks,
Ben
-Original Message-
From: Dave VanAuken [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 7:16 PM
To: Ben Bleything; [EMAIL PROTECTED]
Subject: RE: [PHP] HTTP header question.
what is the logic behind requiring the header?
for example, to avoid using cookies and yet ensuring security, we pass
a
loginkey for all pages.
every page has
include('securitycheck.php');
which parses the loginkey, uncompresses/decode it to get the userid
and
timestamp, and prompts for a login if the last access was too old (say
10 min).
the security check displays the login screen if no key is available or
key is
expired, and exits, preventing display of the remainder of the page
ifthe key is valid, it updates the key for the current time (reset the
expire
counter so to speak) and displays the page iwth all URL's conyaining
the
encoded
key.
you end up with one additional line of code per page (which we include
as part
of site template)
unless you are looking for something else entirely and I am missing
the
point
(entirely possible).
Dave
-Original Message-
From: Ben Bleything [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 8:48 PM
To: [EMAIL PROTECTED]
Subject: [PHP] HTTP header question.
Hey all,
I want to craft a header such that it seems to the page that data has
been POST'ed to it... Here's the situation: I'm writing a login page
to
my application, and if they log in incorrectly, I want the page to
redisplay, but I want it to throw out an error message. I'm
currently
doing it by
header(Location: login.php?failure=true);
but I'd like to make it transparent. Any ideas?
Thanks,
Ben
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] HTTP header question.
On 30-Jul-2001 Ben Bleything wrote:
All I want to do is output Authentication failed above the form if
they type in invalid credentials. I want to do it by passing a header
that contains the same information as if there were a form submitted
that contained a field name failed and value true. Aside from this
one application, I can think of many other places where this would be
valuable.
Am I being unclear? It seems that my question was not understood.
Please let me know so I can try to re-explain.
?php
$lock=tmp/REMOTE_ADDR;
if (isset ($login)) {
if (checkuser($login, $passwd)) {
unlink($lock);
Header('Location: /goodguy.php');
} else {
touch($lock);
Header('Location: '. $PHP_SELF);
}
}
if (file_exists($lock))
echo 'Authentication failed', 'br'
unlink($lock);
// do yer form
'form method=POST ACTION=' .$PHP_SELF .'';
input text name=login
input text name=passwd
/form
Regards,
--
Don Read [EMAIL PROTECTED]
-- It's always darkest before the dawn. So if you are going to
steal the neighbor's newspaper, that's the time to do it.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
