Re: [PHP] Re: JavaScript vs. Header redirect
Hi there!, I've looked over this thread and from what I gather you want to know if you can/should use JavaScript for redirecting, my usual way of going about things is to put a JavaScript location.href='page.aspx' call in the head of the document (putting JS in the head causes it to execute before the page is rendered, or should at any rate), and then I use a meta refresh tag as my backup, set for 3 seconds. That usually covers everything, it stops spiders (google has a strong dislike of meta refresh), it redirects JS users transparently, it's almost instantaneous for the paranoid-shouldn't-be-let-out-of-the-ward non JS people, and it's easy to code. Plus it works in any server side scripting language, as it's all client-side code. Just my $0.02, Dw. Sqlcoders.com Dynamic data driven web solutions - Original Message - From: "Hunter Vaughn" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: May 22 2002 11:19 AM Subject: [PHP] Re: JavaScript vs. Header redirect > Okay, looks like I was stupid/lazy for including the pseudo code instead of > something closer to what I was using. Also, perhaps I'm being dense, but I > don't understand what Michael's response has to do with this situation. Can > he or someone else enlighten me? Here's a more accurate/detailed > description of what's going on, complete with the exact code (minus > sensitive info) that I'm using: > > The chunk of code in question is a login handler. It's supposed to collect > two form fields named username and password from the Post method variables. > Then it's supposed to check the password against an encrypted version stored > in a database (I didn't include the database variables/code in the example > below). If it matches, it's supposed to redirect them to a page where they > can perform administrative functions. In the course of debugging it, I found > that the header("Location: ...") command worked perfectly until I called on > the $_POST or $HTTP_POST_VARS arrays (which seem to be synonymous). If I > removed the calls to the arrays, it worked fine. I looked through the > comments on the header function on www.php.net and through some of the > previous questions posted in the news group, and it seems like others have > experienced this problem as well. However, the most common situation noted > was that it broke as soon as they called a function. I guess I'm calling a > function implicitly when I ask for the $_POST variables. The most obvious > way I can see around this is simply to cause the client to redirect using > JavaScript. Of course, the downside to this is that the user may have > disabled scripting, but I'm working in a pretty closed environment, so I > think I can avoid that contingency. I'm using 4.1.2 as a cgi in a UNIX > environment w/ MySQL 3.22.x. > --Hunter Vaughn > > > $Host = "___"; >$User = "___"; >$Pass = "___"; >$dbName = "___"; >$username = $_POST[username]; >$password = $_POST[password]; > >$Link = mysql_connect($Host, $User, $Pass) or die ("Could not connect to > the database."); >mysql_select_db($dbName); > >if((ereg(".+@.+\..+", $username)) && (eregi("^[[:alnum:]]{8,16}$", > $password))) { > > $Query = "SELECT email, memberID, pass FROM Login where > email='$username'"; > $Result = mysql_query($Query); > $Row = @mysql_fetch_array($Result); > if((crypt($password, $Row[pass])) == $Row[pass]) { > session_start(); > $email = $Row[0]; > $memberID = $Row[1]; > session_register('email'); > session_register('memberID'); > //header("Location: http://some.domain.com/PHP/update.php";); > This doesn't work... > print("window.location = > \"<A HREF="http://some.domain.com/PHP/update.php\"">http://some.domain.com/PHP/update.php\"</A>;;"); > exit; > } > else { > $message = urlencode("The username and password submitted do not > match those on file. Please try again."); > } >} >else { > $message = urlencode("Please enter your username and password to log > in."); >} >print("window.location = > \"<A HREF="http://some.domain.com/HTML/letsboogie22.html\"">http://some.domain.com/HTML/letsboogie22.html\"</A>;;"); >exit; > ?> > > "Hunter Vaughn" <[EMAIL PROTECTED]> wrote in message > [EMA
[PHP] Re: JavaScript vs. Header redirect
Okay, looks like I was stupid/lazy for including the pseudo code instead of something closer to what I was using. Also, perhaps I'm being dense, but I don't understand what Michael's response has to do with this situation. Can he or someone else enlighten me? Here's a more accurate/detailed description of what's going on, complete with the exact code (minus sensitive info) that I'm using: The chunk of code in question is a login handler. It's supposed to collect two form fields named username and password from the Post method variables. Then it's supposed to check the password against an encrypted version stored in a database (I didn't include the database variables/code in the example below). If it matches, it's supposed to redirect them to a page where they can perform administrative functions. In the course of debugging it, I found that the header("Location: ...") command worked perfectly until I called on the $_POST or $HTTP_POST_VARS arrays (which seem to be synonymous). If I removed the calls to the arrays, it worked fine. I looked through the comments on the header function on www.php.net and through some of the previous questions posted in the news group, and it seems like others have experienced this problem as well. However, the most common situation noted was that it broke as soon as they called a function. I guess I'm calling a function implicitly when I ask for the $_POST variables. The most obvious way I can see around this is simply to cause the client to redirect using JavaScript. Of course, the downside to this is that the user may have disabled scripting, but I'm working in a pretty closed environment, so I think I can avoid that contingency. I'm using 4.1.2 as a cgi in a UNIX environment w/ MySQL 3.22.x. --Hunter Vaughn http://some.domain.com/PHP/update.php";); This doesn't work... print("window.location = \"http://some.domain.com/PHP/update.php\";;"); exit; } else { $message = urlencode("The username and password submitted do not match those on file. Please try again."); } } else { $message = urlencode("Please enter your username and password to log in."); } print("window.location = \"http://some.domain.com/HTML/letsboogie22.html\";;"); exit; ?> "Hunter Vaughn" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Is there any reason I can't just use a JavaScript redirect from a PHP login > handling script since I can't seem to get the header("Location: URL"); > function to work? Any security concerns or anything else? As far as I can > tell, all calls to header fail as soon as I attain variables based on a POST > submission. See example below. > > $username = $_POST[username]; > $password = $_POST[password]; > > if(some username/password format verification) { > query the database > if($password matches pass in database) { > session_start(); > $email = $Row[0]; > $memberID = $Row[1]; > session_register('email'); > session_register('memberID'); > //header("Location: URL");This doesn't work. > print("window.location = > \"http://depts.washington.edu/bionano/HTML/letsboogie22.html\";;"); > exit; > } > else { > print("That didn't work..."); > } > } > else { > print("Please enter your username & password."); > } > ?> > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: JavaScript vs. Header redirect
note: you should use $array["test"] if test is a string and $array[test] if test is a constant. do not use $array[test] if you mean the string "test". $array[test] will also work, if "test" is a string. Php then tries to look for a constant with name "test", won't find one and evaluate "test" as string. But as soon as you define a constant with the name "test", it won't work as expected: $array = array(); $array["test"] = "hello"; define("test", "thetest"); $array[test] = "bye"; print_r($array); will output: Array ( [test] => hello [thetest] => bye ) This could also happen if the php dev team decides to set a constant with the name "test". Therefore always use "" for string-keys in arrays. Regards Michael "Hunter Vaughn" <[EMAIL PROTECTED]> schrieb im Newsbeitrag [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Is there any reason I can't just use a JavaScript redirect from a PHP login > handling script since I can't seem to get the header("Location: URL"); > function to work? Any security concerns or anything else? As far as I can > tell, all calls to header fail as soon as I attain variables based on a POST > submission. See example below. > > $username = $_POST[username]; > $password = $_POST[password]; > > if(some username/password format verification) { > query the database > if($password matches pass in database) { > session_start(); > $email = $Row[0]; > $memberID = $Row[1]; > session_register('email'); > session_register('memberID'); > //header("Location: URL");This doesn't work. > print("window.location = > \"http://depts.washington.edu/bionano/HTML/letsboogie22.html\";;"); > exit; > } > else { > print("That didn't work..."); > } > } > else { > print("Please enter your username & password."); > } > ?> > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php