RE: [PHP] 'Code Snippets' you couldn't live without
this is not a code snippet just a class that i have re-used about a 100 times. It is for authenticating users via a passwd file or mysql. Hope it will help someone ... also , if you improve it please email me the changes :) http://mohadib.openactive.org/web_editor/AuthTool.class.php.txt jd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] problem with include()
Hello, I have a login page .. the user types in user and pass then the form gets posted to tiny_edit.php tiny_edit.php checks user and pass then sets a cookie if auth is successful. Then the original login page is included. The login page has logic at the top to check for the auth cookie ... if there, it sends user to home page ... if not it displays the login screen. This works mostly except ... when the user auths ... the cookie gets set ... then the login page is included ... the login page does not see the auth cookie until the user refreshes their browser ... why is this happening? thanks, jd login page ?php $bt = new AuthTool(); if($username = $bt-checkAuth()){ //send to homepage print you are already logged on $username; } ? html head title Tiny Edit Login /title link rel=stylesheet type=text/css href=inc/tiny_edit.css / /head body form action=?php echo $_SERVER['PHP_SELF']; ? method=post table width=240 cellspacing=0 border=0 tr td width=100% class=white align=center bTiny Edit Login/b /td /tr /table table width=240 cellspacing=0 border=0 tr td class=grey width=120 align=centerUser:/tdtd class=grey width=100input type=text name=user/td /tr tr td class=grey width=120 align=centerPass:/tdtd class=grey width=100input type=password name=pass/td /tr /table table width=240 cellspacing=0 border=0 tr td width=100% class=white align=right input type=submit value=Login class=submitstyle /td /tr /table form /body /html tiny_edit.php if(!$_GET['instance'] !$_POST['instance']){ $at = new AuthTool(); if($_POST['user'] $_POST['pass']){ $at-auth($_POST['user'],$_POST['pass']); //this sets cookie if user and pass are correct } include inc/tiny_edit_login.inc.php; } thanks, jd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] problem with include()
On Mon, 2004-11-01 at 16:08, Richard Davey wrote: Hello Jason, Monday, November 1, 2004, 10:34:16 PM, you wrote: JD the login page is included ... the login page does not see the auth JD cookie until the user refreshes their browser ... why is this happening? Cookies (set via setcookie) are not available to you on the same page as you set them. The function is a means to send a special header to the browser that makes it create the cookie when the page loads which, at this point in your script, hasn't happened yet. If you are including the login.php script further down the page then rather than checking for the cookie itself, why not just check for the original value you set the cookie to? Best regards, Richard Davey thanks a lot Richard :) I was just about to email this simple test case ... so even tho you told me the answer I,ll post so someone else might use it i am misunderstanding cookies and/or include() ... please look at this code... sc.php ?php setCookie('data' , 'blah'); include 'gc.php'; ? gc.php ?php print $_COOKIE['data'] . -here; ? this is the out put of running sc.php -here why is this , i want to set a cookie ... then have a include do something with it ... is this not possible to do during the same http transaction? thanks -- http://www.launchcode.co.uk - PHP Development Services I am not young enough to know everything. - Oscar Wilde -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] problem with include()
On Mon, 2004-11-01 at 16:10, Vail, Warren wrote: How did you go to the page that included the login page, if you included it in the tiny_edit.php (which is the routine that sets the cookie in the browser, you need to cause the browser to send it back to you by doing a redirect; Header(Location: tiny_edit.php); Exit; When tiny_edit is entered the second time it should be able to retrieve the cookie. (this is basically what you are doing manually by refreshing the browser). HTH, Warren Vail yeah baby! thas what im talkin bout! thanks a lot :p if(!$_GET['instance'] !$_POST['instance']){ $at = new AuthTool(); if($_POST['user'] $_POST['pass']){ $at-auth($_POST['user'],$_POST['pass']); //set cookie Header(Location: tiny_edit.php); Exit; } include inc/tiny_edit_login.inc.php; } thanks again all, jd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] problem with include()
On Mon, 2004-11-01 at 16:26, Brad Dameron wrote: On Mon, 2004-11-01 at 15:17, Jason Davis wrote: sc.php ?php setCookie('data' , 'blah'); include 'gc.php'; ? gc.php ?php print $_COOKIE['data'] . -here; ? this is the out put of running sc.php -here why is this , i want to set a cookie ... then have a include do something with it ... is this not possible to do during the same http transaction? thanks Your setcookie line is wrong. You have a uppercase C. Which it will think it is a different function. Also with your login page instead of sending them to another page to check auth send them to the same page. Here is a example: if (isset($_GET['user']) $_GET['type'] == submit) { $user = trim($_POST['user']); $pass = trim($_POST['pass']); if ( 1 == $autherror=authenticateUser($user, $pass)){ $_SESSION['app_user'] = $user; $_SESSION['app_pass'] = $pass; error_log (DNS_LOGIN: $user logged in from ip: $ip., 0); header(Location: tiny_edit_login.inc.php); exit; } else { error_log ($user failed on . date(m-d-Y H:i:s) . with password of '$pass' from ip: $ip, 0); } } I return back a 1 if auth successful or a 0 if not. I prefer to use session's with cookies over cookies directly. Brad i like this idea , how then do you go about making sure users are authed on pages other than the login page? here is my plan ... use this object for auth ?php $seed_phrase = 'my_wife_Would_love_it_no_really'; $use_mysql = '0'; // set to one and fill in $mysql_vars else set to 0 and file in $passwdFile var rel or full path $mysql_ip = '1.1.1.1'; $mysql_user = 'nub'; $mysql_pass = 'nubpasswd'; $mysql_db = 'testdb'; $mysql_passwd_key = 'username'; $mysql_passwd_field = 'password'; $mysql_table = 'users'; $passwdFile = '/var/www/web_editor/.htAuthTool'; class AuthTool{ function checkAuth(){ if(empty($_COOKIE['data'])){ return 0; } else{ $data = $_COOKIE['data']; list($username,$hash) = split(,, $data); $phrase1 = md5($username . $seed_phrase . $_SERVER['REMOTE_ADDR']); if(!strcmp($phrase1 , $hash)){ return $username; } else{ return 0; } } } // close checkAuth function cookiePut($user){ $phrase = md5($user . $seed_phrase . $_SERVER['REMOTE_ADDR']); $authData = $user . , . $phrase; setCookie('data' , $authData); }//close cookiePut function auth($user,$pass){ $pass = md5($pass); if($use_mysql){ $query = select $mysql_passwd_field from $mysql_table where $mysql_passwd_key = '$user'; $result = $this-sqlQuery($query); if(!$result){ echo Error:No sql result; } else{ list($thePass) = mysql_fetch_array($result); //this line might not work , test with mysql later if(!strcmp($thePass , $pass)){ $this-cookiePut($user); return $user; } } return 0; } else{ global $passwdFile; if($passwd_file = file($passwdFile)){ foreach($passwd_file as $line){ list($username,$passwd,$groups) = split(: , $line); if(!strcmp($username , $user)){ if(!strcmp(rtrim($pass) ,rtrim($passwd))){ $this-cookiePut($user); return $user; } } } } else{ return Error:No passwd file.; } return 0; } }//close auth function sqlQuery($theQuery){ $db = mysql_connect($mysql_ip,$mysql_user,$mysql_pass) or die(Could not connect to database); mysql_select_db($mysql_db) or die(Could not select database); $result
[PHP] gpg/php problems ....
the code below encrypts a phrase using gpg and sends out via email ... i get the data ok ... but my mail client does not show it ... if i view email sorce i can see the encrypted message ... what am i doing wrong? thanks, jd $username = mohadib; $pgp=/usr/bin/gpg; $user=Zend Commerce [EMAIL PROTECTED]; $recp=[EMAIL PROTECTED]; //$data=$oneOrder; $command = 'echo hello word | '.$pgp.' -a --always-trust --batch --no-secmem-warning -e -u '.$user.' -r '.$recp.''; $oldhome = getEnv(HOME); putenv(HOME=/home/$username); $result = exec($command, $encrypted, $errorcode); putenv(HOME=$oldhome); $subject=Test message; $headers = MIME-Version: 1.0\r\n; $headers .= Content-Type: multipart/encrypted; protocol=\application/pgp-encrypted\; boundary=\=-uc4rTrDFZtVQGtcexwyv\\r\n; $message = --=-uc4rTrDFZtVQGtcexwyv Content-Type: application/pgp-encrypted Content-Transfer-Encoding: 7bit Version: 1 --=-uc4rTrDFZtVQGtcexwyv Content-Type: application/octet-stream; name=encrypted.asc Content-Transfer-Encoding: 7bit\n\n; $message .= implode(\n, $encrypted); $message .= \n\n--=-uc4rTrDFZtVQGtcexwyv--; mail($recp,$subject,$message,$headers); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php