Re: [PHP] Re: HTTP header question.
On Monday 30 July 2001 03:10, Ben Bleything wrote:
I understand that the POST operation stores the data from the form in
the message headers... I just need to know which headers, so I can use
that information to write my own... I basically want to make it seem as
if the $failure var was POST'ed back to the page.
I'm having NO luck whatsoever with the HTTP RFC's... too thick =
Read them nevertheless.
A POST is a request from the client (browser) to the webserver. PHP's
header () is used to send a response header from the webserver to the
browser. Wrong way for what you want to do.
header (Location: http://XY;) works (if there's a
header ('302: Moved Temporarily'); before it), because it just tells the
browser don't use this URL at the moment - try XY instead and the
browser initiates a new request based on that.
--
Christian Reiniger
LGDC Webmaster (http://lgdc.sunsite.dk/)
This is JohnC IMHO, I compaired tri-word groupings here and in his plan
and got a good match.
- /. posting discussing the likelihood that an AC post that claimed to be
posted by John Carmack during his honeymoon (and having the login info at
home) was actually from him.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
The easiest solution is to create the failure variable as a session variable. -Stewart -Original Message- From: Matt Rogers [mailto:[EMAIL PROTECTED]] Sent: 30 July 2001 04:00 To: [EMAIL PROTECTED] Subject: [PHP] Re: HTTP header question. I don't know how to solve your problem, but I do know what you are talking about.. People just aren't understanding. All he wants is if you go to login.php in your browser, the Location will show: http://his.website.com/rams/login.php Okay? Got it? NOW... If you attempt to log in and give the form an INCORRECT login, he wants to SOMEHOW (and currently trying by headers) wants the location to show this: http://his.website.com/rams/login.php AND NOT: http://his.website.com/rams/login.php?failure=true Is that hard to understand? I hope I have helped to some degree. -- --- -- MD Creations - Matt Rogers - Web Design Dept. - [EMAIL PROTECTED] Ben Bleything [EMAIL PROTECTED] wrote in message 01c11891$447271c0$0201a8c0@allegro">news:01c11891$447271c0$0201a8c0@allegro... Hey all, I want to craft a header such that it seems to the page that data has been POST'ed to it... Here's the situation: I'm writing a login page to my application, and if they log in incorrectly, I want the page to redisplay, but I want it to throw out an error message. I'm currently doing it by header(Location: login.php?failure=true); but I'd like to make it transparent. Any ideas? Thanks, Ben -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
still don't see the need to pass as a header...
?PHP
$success=0;
$failure_notice='';
if($login){
# lets say we are checking against database for valid user
#connect to db
#do your query
#get result in $valid_login, $valid_pass
if($login==$valid_login $passwd=$valid_pass) {
$success=1
}else{
$failure_notice='FAILED';
}
}else{
# nothing - not loggin in
}
if($success=1){
#correct login, proceed to page
header(wherever.php); #make sure no output to screen
}else{
#login failed, we have to reprint the login with the failure notice
echo $failure_notice;
#willshow failed if login failed and nothing if first display of screen
echo 'form...
input... name=login value='.$login.'';
#will display login so user doesnt' have to retype
}
?
you avoid the http://his.website.com/rams/login.php?failure=true as you just get
login.php each time as far as the displayed URL.
my opinion, let the scripting handle all the logic and ease off the header
functions.
-Original Message-
From: Matt Rogers [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 11:00 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: HTTP header question.
I don't know how to solve your problem, but I do know what you are talking
about.. People just aren't understanding.
All he wants is if you go to login.php in your browser, the Location will
show:
http://his.website.com/rams/login.php
Okay? Got it? NOW... If you attempt to log in and give the form an
INCORRECT login, he wants to SOMEHOW (and currently trying by headers) wants
the location to show this:
http://his.website.com/rams/login.php
AND NOT:
http://his.website.com/rams/login.php?failure=true
Is that hard to understand?
I hope I have helped to some degree.
--
---
-- MD Creations
- Matt Rogers
- Web Design Dept.
- [EMAIL PROTECTED]
Ben Bleything [EMAIL PROTECTED] wrote in message
01c11891$447271c0$0201a8c0@allegro">news:01c11891$447271c0$0201a8c0@allegro...
Hey all,
I want to craft a header such that it seems to the page that data has
been POST'ed to it... Here's the situation: I'm writing a login page to
my application, and if they log in incorrectly, I want the page to
redisplay, but I want it to throw out an error message. I'm currently
doing it by
header(Location: login.php?failure=true);
but I'd like to make it transparent. Any ideas?
Thanks,
Ben
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: HTTP header question.
Some of the original message: still don't see the need to pass as a header... you avoid the http://his.website.com/rams/login.php?failure=true as you just get login.php each time as far as the displayed URL. my opinion, let the scripting handle all the logic and ease off the header functions. The whole idea behind his point is so the user cannot see what's going on behind the scenes. It's just another method of making it look more professional. It's not really a case of headers, Ben just wanted to know if it is at all possible to use PHP to keep the URL from showing the query as opposed to having to use JavaScript or anything else. People kept giving him different solutions to something he didn't need solutions for -- he already had the verification and if-then's down in the script... He just wanted one little thing about making the browser show only the simple URL and not let it change. That's all. =) What a confusing thread, eh? hehe.. At least if someone wants to read something funny and understands the American Language, this is the thread to read... --- -- MD Creations - Matt Rogers - Web Design Dept. - [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
below
Some of the original message:
still don't see the need to pass as a header...
you avoid the http://his.website.com/rams/login.php?failure=true as you
just get
login.php each time as far as the displayed URL.
my opinion, let the scripting handle all the logic and ease off the header
functions.
The whole idea behind his point is so the user cannot see what's going on
behind the scenes. It's just another method of making it look more
professional.
I understand that much, but don't see why he would want to do a
header('filename') redirection at all in case of a failure?
It's not really a case of headers, Ben just wanted to know if it is at all
possible to use PHP to keep the URL from showing the query as opposed to
having to use JavaScript or anything else.
People kept giving him different solutions to something he didn't need
solutions for -- he already had the verification and if-then's down in the
script... He just wanted one little thing about making the browser show only
the simple URL and not let it change. That's all. =)
Understood. My point is that he appears to be using the wrong tool for the job,
and solving a problem where if done otherwise would not exist.
My impression is he is posting a login to a page and redirecting back to the
login page if it fails with a failure notice. Rather than that, my suggestion
would be to keep the login page seperate, have it do the authentication, and
only move from that page when it succeeds. This also allows him to reuse this
code as necessary, and removes the need for any passing of header information,
thus no problem.
What a confusing thread, eh? hehe.. At least if someone wants to read
something funny and understands the American Language, this is the thread to
read...
I think if he had posted the code from tha pages he is using, that would have
clarified things greatly.
My mistake is taking his problem, and suggesting that he is trying to do a big
workaround for a problem that if done differently wouldn't exist. Why reinvent
the wheel. :)
Cheers
Dave
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
If you all would like, I can post my code... I'm still looking for a
solution.
Matt has it right. I'm trying to go for a more professional looking
thing... and I do want it to display a notice when the login fails. I
have thought of another way to do it... but it's not pretty, so I'm
still open to suggestions. A while back I posted a pseudo-code
explanation of what it is... attached to this e-mail is the actual
page... Hopefully it will either shed some light on my predicament or
help you all to alert me to any major errors that are probably hiding in
there =
Thanks a pile,
Ben
-Original Message-
From: Dave [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 30, 2001 8:05 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP] Re: HTTP header question.
below
Some of the original message:
still don't see the need to pass as a header...
you avoid the http://his.website.com/rams/login.php?failure=true as
you
just get
login.php each time as far as the displayed URL.
my opinion, let the scripting handle all the logic and ease off the
header
functions.
The whole idea behind his point is so the user cannot see what's going
on
behind the scenes. It's just another method of making it look more
professional.
I understand that much, but don't see why he would want to do a
header('filename') redirection at all in case of a failure?
It's not really a case of headers, Ben just wanted to know if it is at
all
possible to use PHP to keep the URL from showing the query as opposed
to
having to use JavaScript or anything else.
People kept giving him different solutions to something he didn't need
solutions for -- he already had the verification and if-then's down in
the
script... He just wanted one little thing about making the browser show
only
the simple URL and not let it change. That's all. =)
Understood. My point is that he appears to be using the wrong tool for
the job,
and solving a problem where if done otherwise would not exist.
My impression is he is posting a login to a page and redirecting back to
the
login page if it fails with a failure notice. Rather than that, my
suggestion
would be to keep the login page seperate, have it do the authentication,
and
only move from that page when it succeeds. This also allows him to
reuse this
code as necessary, and removes the need for any passing of header
information,
thus no problem.
What a confusing thread, eh? hehe.. At least if someone wants to read
something funny and understands the American Language, this is the
thread to
read...
I think if he had posted the code from tha pages he is using, that would
have
clarified things greatly.
My mistake is taking his problem, and suggesting that he is trying to do
a big
workaround for a problem that if done differently wouldn't exist. Why
reinvent
the wheel. :)
Cheers
Dave
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
Ahh, and a bit of clarification before you read the code, the page posts
to itself =
Ben
-Original Message-
From: Dave [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 30, 2001 8:05 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP] Re: HTTP header question.
below
Some of the original message:
still don't see the need to pass as a header...
you avoid the http://his.website.com/rams/login.php?failure=true as
you
just get
login.php each time as far as the displayed URL.
my opinion, let the scripting handle all the logic and ease off the
header
functions.
The whole idea behind his point is so the user cannot see what's going
on
behind the scenes. It's just another method of making it look more
professional.
I understand that much, but don't see why he would want to do a
header('filename') redirection at all in case of a failure?
It's not really a case of headers, Ben just wanted to know if it is at
all
possible to use PHP to keep the URL from showing the query as opposed
to
having to use JavaScript or anything else.
People kept giving him different solutions to something he didn't need
solutions for -- he already had the verification and if-then's down in
the
script... He just wanted one little thing about making the browser show
only
the simple URL and not let it change. That's all. =)
Understood. My point is that he appears to be using the wrong tool for
the job,
and solving a problem where if done otherwise would not exist.
My impression is he is posting a login to a page and redirecting back to
the
login page if it fails with a failure notice. Rather than that, my
suggestion
would be to keep the login page seperate, have it do the authentication,
and
only move from that page when it succeeds. This also allows him to
reuse this
code as necessary, and removes the need for any passing of header
information,
thus no problem.
What a confusing thread, eh? hehe.. At least if someone wants to read
something funny and understands the American Language, this is the
thread to
read...
I think if he had posted the code from tha pages he is using, that would
have
clarified things greatly.
My mistake is taking his problem, and suggesting that he is trying to do
a big
workaround for a problem that if done differently wouldn't exist. Why
reinvent
the wheel. :)
Cheers
Dave
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
I'm fully aware of that. The issue is not the refreshing (that works
fine)...
Here's a little more detail:
if(!$login)
{
if($failure)
// complain
// show the form
}
else
{
if(user_is_good)
// take them to the next page
else
// complain
}
The //complain in the else section is this:
Unset($login); // so it won't try to authenticate again
$failure = true; // so the form knows to complain
header(Location: login.php);
Okay. So, just to clear things up, I'm not sending anything before
this. This happens IMMEDIATELY after the user clicks on Submit...
What I'm looking for is a way to do this such that the user does not see
anything more than http://host.name.here/rams/login.php in their address
bar when it failed... doing it the way I show above does not work, and
the alternative ( header(Location: login.php?failure=true) ) does not
satisfy my requirement.
So... anybody else?
Ben
-Original Message-
From: Jacques [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 5:58 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: HTTP header question.
Ben Bleything [EMAIL PROTECTED] wrote in message
01c11891$447271c0$0201a8c0@allegro">news:01c11891$447271c0$0201a8c0@allegro...
Hey all,
I want to craft a header such that it seems to the page that data has
been POST'ed to it... Here's the situation: I'm writing a login page
to
my application, and if they log in incorrectly, I want the page to
redisplay, but I want it to throw out an error message. I'm currently
doing it by
header(Location: login.php?failure=true);
but I'd like to make it transparent. Any ideas?
Thanks,
Ben
You cannot send ANY text or html tag (even a space ) before usin header
function.
If you have to get something displayed.
I suggest to use then :
echo HEADMETA HTTP-EQUIV=\Refresh\ CONTENT=\4;
URL=login.php?failure=true\/HEAD;
Regards,
Jacques
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: HTTP header question.
Quoting Ben Bleything [EMAIL PROTECTED]:
I'm fully aware of that. The issue is not the refreshing (that works
fine)...
Here's a little more detail:
if(!$login)
{
if($failure)
// complain
// show the form
}
else
{
if(user_is_good)
// take them to the next page
else
// complain
}
The //complain in the else section is this:
Unset($login); // so it won't try to authenticate again
$failure = true; // so the form knows to complain
header(Location: login.php);
Okay. So, just to clear things up, I'm not sending anything before
this. This happens IMMEDIATELY after the user clicks on Submit...
What I'm looking for is a way to do this such that the user does not see
anything more than http://host.name.here/rams/login.php in their address
bar when it failed... doing it the way I show above does not work, and
the alternative ( header(Location: login.php?failure=true) ) does not
satisfy my requirement.
So... anybody else?
-
How about using javascript?
For example
form name=loginFailure action=login.php method=POST
input type=hidden name=failure value=true
[...any other data you want...]
/form
script language=Javascript type=text/javascript
!--
document.forms[0].submit()
// or document.forms['loginFailure'].submit();
// --
/script
It's untested, but you get the idea.
Cheers
--
- -- - - -
Philip Murray - [EMAIL PROTECTED]
http://www.open2view.com - Open2View.com
- - -- - -
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: HTTP header question.
What I'm looking for is a way to do this such that the user does not see anything more than http://host.name.here/rams/login.php in their address bar when it failed... Doesn't using a form with its method set to post send the variables through headers? If that's the case, couldn't you manually set those headers yourself using header()? I'm curious about this myself, but so far I've not been able to find any info on the web. Matt -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Re: HTTP header question.
That seems much more complicated than I need.
I understand that the POST operation stores the data from the form in
the message headers... I just need to know which headers, so I can use
that information to write my own... I basically want to make it seem as
if the $failure var was POST'ed back to the page.
I'm having NO luck whatsoever with the HTTP RFC's... too thick =
Thanks,
Ben
-Original Message-
From: Philip Murray [mailto:[EMAIL PROTECTED]]
Sent: Sunday, July 29, 2001 6:06 PM
To: Ben Bleything
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] Re: HTTP header question.
Quoting Ben Bleything [EMAIL PROTECTED]:
I'm fully aware of that. The issue is not the refreshing (that works
fine)...
Here's a little more detail:
if(!$login)
{
if($failure)
// complain
// show the form
}
else
{
if(user_is_good)
// take them to the next page
else
// complain
}
The //complain in the else section is this:
Unset($login); // so it won't try to authenticate again
$failure = true; // so the form knows to complain
header(Location: login.php);
Okay. So, just to clear things up, I'm not sending anything before
this. This happens IMMEDIATELY after the user clicks on Submit...
What I'm looking for is a way to do this such that the user does not
see
anything more than http://host.name.here/rams/login.php in their
address
bar when it failed... doing it the way I show above does not work, and
the alternative ( header(Location: login.php?failure=true) ) does
not
satisfy my requirement.
So... anybody else?
-
How about using javascript?
For example
form name=loginFailure action=login.php method=POST
input type=hidden name=failure value=true
[...any other data you want...]
/form
script language=Javascript type=text/javascript
!--
document.forms[0].submit()
// or document.forms['loginFailure'].submit();
// --
/script
It's untested, but you get the idea.
Cheers
--
- -- - - -
Philip Murray - [EMAIL PROTECTED]
http://www.open2view.com - Open2View.com
- - -- - -
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
