Re: [PHP] Sessions and Query String Variable Handling
Thanks for your assistance... I found three small errors that caused me
the problem.
1. I had an extra line or space in my include file that defines all my
functions after the '?>'
2. I didn't realize that session_start returns an output. I assigned a
variable to it.
3. I needed to passed the REQUEST_URI string in a hidden variable within my
login form.
Voila!!! Everything worked fine.
I just wasn't seeing it yesterday. I was just too close to the code...
- Original Message -
From: "John Holmes" <[EMAIL PROTECTED]>
To: "'Dennis Moore'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, April 27, 2002 11:33 PM
Subject: RE: [PHP] Sessions and Query String Variable Handling
> Not for server side. You can use a META REFRESH on the client side, but
> I personally find that ugly.
>
> This is why I always write my functions so that they don't output
> anything. They just assign the output to a variable and return it. That
> way, I can call the function anywhere, save the result, and just echo
> that variable where ever I need to.
>
> ---John Holmes...
>
> > -Original Message-
> > From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> > Sent: Saturday, April 27, 2002 5:24 PM
> > To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> > Subject: Re: [PHP] Sessions and Query String Variable Handling
> >
> > Thanks,
> >
> > Is there any way of doing this without using the header() to redirect?
> I
> > have some functions that get executed before the sessions stuff. I
> am
> > trying to avoid using output buffering or re-writing my code.
> >
> > /dkm
> >
> >
> >
> >
> > - Original Message -
> > From: "John Holmes" <[EMAIL PROTECTED]>
> > To: "'Dennis Moore'" <[EMAIL PROTECTED]>;
> <[EMAIL PROTECTED]>
> > Sent: Saturday, April 27, 2002 8:49 PM
> > Subject: RE: [PHP] Sessions and Query String Variable Handling
> >
> >
> > > $page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] .
> > > $_SERVER["QUERY_STRING"];
> > >
> > > That will recreate the URL that the user clicked on. Save that to a
> > > variable before you check for a session. Once you start a session or
> > > verify that one exists, use header() to send them back to that page.
> > >
> > > ---John Holmes.
> > >
> > > -Original Message-
> > > From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> > > Sent: Saturday, April 27, 2002 2:37 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: [PHP] Sessions and Query String Variable Handling
> > >
> > > Env: Apache 1.3.x/php4.0.6/mysql3.23.x
> > >
> > > Scenario: I have built a system that uses PHP sessions for user
> access.
> > > Within the system I send user notifications via email. Within the
> > > email are links to certain pages with variables. For example.
> > >
> > > http://mysite.com/view_page.htm?id=6
> > >
> > > My system checks to see if the session is valid. Since the user is
> > > coming from an email. There is no session. So the user is prompted
> for
> > > the user and password. They enter and click submit. The
> authentication
> > > passes the user to right page, but losses the variables in the query
> > > string. Thus causing errors.
> > >
> > > Here is the authentication code...
> > > set session settings from login form
> > > if (!session_is_registered("valid_user") && $session_login=="proc")
> {
> > > if ($userid && $password) {
> > > // if the user has just tried to log in
> > >
> > > $db_conn = mysql_connect("localhost");
> > > mysql_select_db("$dbname", $db_conn);
> > > $query = "select * from auth_users "
> > >."where auth_username='$userid' "
> > >." and auth_password='$password' ";
> > > $result = mysql_query($query, $db_conn);
> > > if (mysql_num_rows($result) >0 ) {
> > > // if they are in the database register the user id
> > > $valid_user = $userid;
> > > $valid_group=mysql_result($result,0,"auth_group");
> > >$valid_perms=mysql_result($result,0,"auth_perms");
> > >$valid_auth_id=mysql_result($result,0,"auth_id");
> > > session_register("valid_user");
> > >session_register("valid_group");
> > >session_register("valid_perms");
> > >session_register("valid_auth_id");
> > > } else {
> > >$invalid_login= "Invalid login: Could not log you in...
> > >";
> > > }
> > > }
> > > }
> > >
> > > Any Ideas on how to pass the query string variables through the
> > > authentication process?
> > >
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions and Query String Variable Handling
Not for server side. You can use a META REFRESH on the client side, but
I personally find that ugly.
This is why I always write my functions so that they don't output
anything. They just assign the output to a variable and return it. That
way, I can call the function anywhere, save the result, and just echo
that variable where ever I need to.
---John Holmes...
> -Original Message-
> From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, April 27, 2002 5:24 PM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: [PHP] Sessions and Query String Variable Handling
>
> Thanks,
>
> Is there any way of doing this without using the header() to redirect?
I
> have some functions that get executed before the sessions stuff. I
am
> trying to avoid using output buffering or re-writing my code.
>
> /dkm
>
>
>
>
> - Original Message -
> From: "John Holmes" <[EMAIL PROTECTED]>
> To: "'Dennis Moore'" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
> Sent: Saturday, April 27, 2002 8:49 PM
> Subject: RE: [PHP] Sessions and Query String Variable Handling
>
>
> > $page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] .
> > $_SERVER["QUERY_STRING"];
> >
> > That will recreate the URL that the user clicked on. Save that to a
> > variable before you check for a session. Once you start a session or
> > verify that one exists, use header() to send them back to that page.
> >
> > ---John Holmes.
> >
> > -Original Message-
> > From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> > Sent: Saturday, April 27, 2002 2:37 PM
> > To: [EMAIL PROTECTED]
> > Subject: [PHP] Sessions and Query String Variable Handling
> >
> > Env: Apache 1.3.x/php4.0.6/mysql3.23.x
> >
> > Scenario: I have built a system that uses PHP sessions for user
access.
> > Within the system I send user notifications via email. Within the
> > email are links to certain pages with variables. For example.
> >
> > http://mysite.com/view_page.htm?id=6
> >
> > My system checks to see if the session is valid. Since the user is
> > coming from an email. There is no session. So the user is prompted
for
> > the user and password. They enter and click submit. The
authentication
> > passes the user to right page, but losses the variables in the query
> > string. Thus causing errors.
> >
> > Here is the authentication code...
> > set session settings from login form
> > if (!session_is_registered("valid_user") && $session_login=="proc")
{
> > if ($userid && $password) {
> > // if the user has just tried to log in
> >
> > $db_conn = mysql_connect("localhost");
> > mysql_select_db("$dbname", $db_conn);
> > $query = "select * from auth_users "
> >."where auth_username='$userid' "
> >." and auth_password='$password' ";
> > $result = mysql_query($query, $db_conn);
> > if (mysql_num_rows($result) >0 ) {
> > // if they are in the database register the user id
> > $valid_user = $userid;
> > $valid_group=mysql_result($result,0,"auth_group");
> >$valid_perms=mysql_result($result,0,"auth_perms");
> >$valid_auth_id=mysql_result($result,0,"auth_id");
> > session_register("valid_user");
> >session_register("valid_group");
> >session_register("valid_perms");
> >session_register("valid_auth_id");
> > } else {
> >$invalid_login= "Invalid login: Could not log you in...
> >";
> > }
> > }
> > }
> >
> > Any Ideas on how to pass the query string variables through the
> > authentication process?
> >
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions and Query String Variable Handling
Thanks,
Is there any way of doing this without using the header() to redirect? I
have some functions that get executed before the sessions stuff. I am
trying to avoid using output buffering or re-writing my code.
/dkm
- Original Message -
From: "John Holmes" <[EMAIL PROTECTED]>
To: "'Dennis Moore'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, April 27, 2002 8:49 PM
Subject: RE: [PHP] Sessions and Query String Variable Handling
> $page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] .
> $_SERVER["QUERY_STRING"];
>
> That will recreate the URL that the user clicked on. Save that to a
> variable before you check for a session. Once you start a session or
> verify that one exists, use header() to send them back to that page.
>
> ---John Holmes.
>
> -Original Message-
> From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, April 27, 2002 2:37 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Sessions and Query String Variable Handling
>
> Env: Apache 1.3.x/php4.0.6/mysql3.23.x
>
> Scenario: I have built a system that uses PHP sessions for user access.
> Within the system I send user notifications via email. Within the
> email are links to certain pages with variables. For example.
>
> http://mysite.com/view_page.htm?id=6
>
> My system checks to see if the session is valid. Since the user is
> coming from an email. There is no session. So the user is prompted for
> the user and password. They enter and click submit. The authentication
> passes the user to right page, but losses the variables in the query
> string. Thus causing errors.
>
> Here is the authentication code...
> set session settings from login form
> if (!session_is_registered("valid_user") && $session_login=="proc") {
> if ($userid && $password) {
> // if the user has just tried to log in
>
> $db_conn = mysql_connect("localhost");
> mysql_select_db("$dbname", $db_conn);
> $query = "select * from auth_users "
>."where auth_username='$userid' "
>." and auth_password='$password' ";
> $result = mysql_query($query, $db_conn);
> if (mysql_num_rows($result) >0 ) {
> // if they are in the database register the user id
> $valid_user = $userid;
> $valid_group=mysql_result($result,0,"auth_group");
>$valid_perms=mysql_result($result,0,"auth_perms");
>$valid_auth_id=mysql_result($result,0,"auth_id");
> session_register("valid_user");
>session_register("valid_group");
>session_register("valid_perms");
>session_register("valid_auth_id");
> } else {
>$invalid_login= "Invalid login: Could not log you in...
>";
> }
> }
> }
>
> Any Ideas on how to pass the query string variables through the
> authentication process?
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Sessions and Query String Variable Handling
You can also use
$page = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
- Original Message -
From: "John Holmes" <[EMAIL PROTECTED]>
To: "'Dennis Moore'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Saturday, April 27, 2002 8:49 PM
Subject: RE: [PHP] Sessions and Query String Variable Handling
> $page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] .
> $_SERVER["QUERY_STRING"];
>
> That will recreate the URL that the user clicked on. Save that to a
> variable before you check for a session. Once you start a session or
> verify that one exists, use header() to send them back to that page.
>
> ---John Holmes.
>
> -Original Message-
> From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, April 27, 2002 2:37 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Sessions and Query String Variable Handling
>
> Env: Apache 1.3.x/php4.0.6/mysql3.23.x
>
> Scenario: I have built a system that uses PHP sessions for user access.
> Within the system I send user notifications via email. Within the
> email are links to certain pages with variables. For example.
>
> http://mysite.com/view_page.htm?id=6
>
> My system checks to see if the session is valid. Since the user is
> coming from an email. There is no session. So the user is prompted for
> the user and password. They enter and click submit. The authentication
> passes the user to right page, but losses the variables in the query
> string. Thus causing errors.
>
> Here is the authentication code...
> set session settings from login form
> if (!session_is_registered("valid_user") && $session_login=="proc") {
> if ($userid && $password) {
> // if the user has just tried to log in
>
> $db_conn = mysql_connect("localhost");
> mysql_select_db("$dbname", $db_conn);
> $query = "select * from auth_users "
>."where auth_username='$userid' "
>." and auth_password='$password' ";
> $result = mysql_query($query, $db_conn);
> if (mysql_num_rows($result) >0 ) {
> // if they are in the database register the user id
> $valid_user = $userid;
> $valid_group=mysql_result($result,0,"auth_group");
>$valid_perms=mysql_result($result,0,"auth_perms");
>$valid_auth_id=mysql_result($result,0,"auth_id");
> session_register("valid_user");
>session_register("valid_group");
>session_register("valid_perms");
>session_register("valid_auth_id");
> } else {
>$invalid_login= "Invalid login: Could not log you in...
>";
> }
> }
> }
>
> Any Ideas on how to pass the query string variables through the
> authentication process?
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions and Query String Variable Handling
You'll have to add an http:// to that string, too.
---John Holmes...
> -Original Message-
> From: John Holmes [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, April 27, 2002 5:50 PM
> To: 'Dennis Moore'; [EMAIL PROTECTED]
> Subject: RE: [PHP] Sessions and Query String Variable Handling
>
> $page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] .
> $_SERVER["QUERY_STRING"];
>
> That will recreate the URL that the user clicked on. Save that to a
> variable before you check for a session. Once you start a session or
> verify that one exists, use header() to send them back to that page.
>
> ---John Holmes.
>
> -Original Message-
> From: Dennis Moore [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, April 27, 2002 2:37 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Sessions and Query String Variable Handling
>
> Env: Apache 1.3.x/php4.0.6/mysql3.23.x
>
> Scenario: I have built a system that uses PHP sessions for user
access.
> Within the system I send user notifications via email. Within the
> email are links to certain pages with variables. For example.
>
> http://mysite.com/view_page.htm?id=6
>
> My system checks to see if the session is valid. Since the user is
> coming from an email. There is no session. So the user is prompted
for
> the user and password. They enter and click submit. The
authentication
> passes the user to right page, but losses the variables in the query
> string. Thus causing errors.
>
> Here is the authentication code...
> set session settings from login form
> if (!session_is_registered("valid_user") && $session_login=="proc") {
> if ($userid && $password) {
> // if the user has just tried to log in
>
> $db_conn = mysql_connect("localhost");
> mysql_select_db("$dbname", $db_conn);
> $query = "select * from auth_users "
>."where auth_username='$userid' "
>." and auth_password='$password' ";
> $result = mysql_query($query, $db_conn);
> if (mysql_num_rows($result) >0 ) {
> // if they are in the database register the user id
> $valid_user = $userid;
> $valid_group=mysql_result($result,0,"auth_group");
>$valid_perms=mysql_result($result,0,"auth_perms");
>$valid_auth_id=mysql_result($result,0,"auth_id");
> session_register("valid_user");
>session_register("valid_group");
>session_register("valid_perms");
>session_register("valid_auth_id");
> } else {
>$invalid_login= "Invalid login: Could not log you in...
>";
> }
> }
> }
>
> Any Ideas on how to pass the query string variables through the
> authentication process?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Sessions and Query String Variable Handling
$page = $_SERVER["SERVER_NAME"] . $_SERVER["SCRIPT_NAME"] .
$_SERVER["QUERY_STRING"];
That will recreate the URL that the user clicked on. Save that to a
variable before you check for a session. Once you start a session or
verify that one exists, use header() to send them back to that page.
---John Holmes.
-Original Message-
From: Dennis Moore [mailto:[EMAIL PROTECTED]]
Sent: Saturday, April 27, 2002 2:37 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Sessions and Query String Variable Handling
Env: Apache 1.3.x/php4.0.6/mysql3.23.x
Scenario: I have built a system that uses PHP sessions for user access.
Within the system I send user notifications via email. Within the
email are links to certain pages with variables. For example.
http://mysite.com/view_page.htm?id=6
My system checks to see if the session is valid. Since the user is
coming from an email. There is no session. So the user is prompted for
the user and password. They enter and click submit. The authentication
passes the user to right page, but losses the variables in the query
string. Thus causing errors.
Here is the authentication code...
set session settings from login form
if (!session_is_registered("valid_user") && $session_login=="proc") {
if ($userid && $password) {
// if the user has just tried to log in
$db_conn = mysql_connect("localhost");
mysql_select_db("$dbname", $db_conn);
$query = "select * from auth_users "
."where auth_username='$userid' "
." and auth_password='$password' ";
$result = mysql_query($query, $db_conn);
if (mysql_num_rows($result) >0 ) {
// if they are in the database register the user id
$valid_user = $userid;
$valid_group=mysql_result($result,0,"auth_group");
$valid_perms=mysql_result($result,0,"auth_perms");
$valid_auth_id=mysql_result($result,0,"auth_id");
session_register("valid_user");
session_register("valid_group");
session_register("valid_perms");
session_register("valid_auth_id");
} else {
$invalid_login= "Invalid login: Could not log you in...
";
}
}
}
Any Ideas on how to pass the query string variables through the
authentication process?
