[PHP] Re: Redirection after login with security
Adam Hubscher [EMAIL PROTECTED] writes: Problem: I would like to possibly utilize a login system (created on the remote server), that would then check their username and password against the CMS database located there, then redirect with that information (encrypted of course), to the local site where the information gets stored in a session. Then when they go to create a new account, it stores the extra verfied information into the database. However, the issue at hand here is, I'm not sure how secure it would be if I were to say, create a secure login form, verify the data... and then create another pseudo form that directs the person to the local-based site using hidden post variables (this is my original thought on the subject). Is there another way I could go about doing this (ie, a way that I could identify a user that is almost assuredly never going to change) or is there a more secure way? Or, am I on the right track? Maybe instead of passing the password, you can create a unique sessionid for the user. The userid+the sessionid can then be stored in a database and you pass the sessionid ahead instead of passing the password. On the other end, you can check if the userid and the sessionid that you have received has been authenticated or not. (This assumes that the database in which you kept the sessionid is accessible to both the sides). You will also need to store the timestamp of when the sessionid was created and discard old sessionids. -- Raj Shekhar Y! : Operations Engineer MySQL DBA, programmer and slacker Y!IM : lunatech3007 home : http://rajshekhar.net blog : http://rajshekhar.net/blog/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: redirection with PHP and closing windows?
Andre wrote: I want to be able to process a PHP script and then if successful redirect to another page. Is there a good way to do this with PHP or do I need to stick to Javascript? You should check out the header() function. http://www.php.net/header There are some common pitfalls with this, most notably you can't use the header() function in a page if there is any html output before header(). This includes an empty line before your ?php tag, so be careful. Also, is it possible to close a window that is running a .PHP page via a link or again, just stuck with Javascript? I don't know of anything in PHP that will close a window... but I would be interested to know if anyone else has done this! I'm pretty sure that JS is the only way to do this. TIA!! Andre -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Redirection to a named frame
I would prefer not having to use script - is there not a way to handle this
by modifying the header? Something similar to the example I found in the
O'Reilly book - except which works? :)
Martin Helie [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
How about simply:
echo
SCRIPT
window.top.main.location= 'http://localhost/phase1/report.php'';
/SCRIPT;
?
Geoffrey Thompson [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I was only able to find one reference to targeting a named frame on a
redirection, in the MySQL Cookbook by O'Reilly. According to the
book,
this should work:
header('Window-target: main');
header('Location: http://localhost/phase1/report.php');
But, alas, it seems to only load up the current frame (which is not
main).
I also tried:
header('Window-target: _top');
header('Location: http://localhost/phase1/report.php');
to see if I could get it to wipe out the frameset and get back to the
full
window, but it still loaded up in the current frame.
Any help would be appreciated!
Thanks,
Geoff
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Redirection to a named frame
BTW - I misquoted - the example below was in the PHP Cookbook (page 173) -
not in the MySQL Cookbook - my apologies...
Geoffrey Thompson [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I would prefer not having to use script - is there not a way to handle
this
by modifying the header? Something similar to the example I found in the
O'Reilly book - except which works? :)
Martin Helie [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
How about simply:
echo
SCRIPT
window.top.main.location= 'http://localhost/phase1/report.php'';
/SCRIPT;
?
Geoffrey Thompson [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I was only able to find one reference to targeting a named frame on a
redirection, in the MySQL Cookbook by O'Reilly. According to the
book,
this should work:
header('Window-target: main');
header('Location: http://localhost/phase1/report.php');
But, alas, it seems to only load up the current frame (which is not
main).
I also tried:
header('Window-target: _top');
header('Location: http://localhost/phase1/report.php');
to see if I could get it to wipe out the frameset and get back to the
full
window, but it still loaded up in the current frame.
Any help would be appreciated!
Thanks,
Geoff
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Redirection to a named frame
How about simply:
echo
SCRIPT
window.top.main.location= 'http://localhost/phase1/report.php'';
/SCRIPT;
?
Geoffrey Thompson [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
I was only able to find one reference to targeting a named frame on a
redirection, in the MySQL Cookbook by O'Reilly. According to the book,
this should work:
header('Window-target: main');
header('Location: http://localhost/phase1/report.php');
But, alas, it seems to only load up the current frame (which is not main).
I also tried:
header('Window-target: _top');
header('Location: http://localhost/phase1/report.php');
to see if I could get it to wipe out the frameset and get back to the full
window, but it still loaded up in the current frame.
Any help would be appreciated!
Thanks,
Geoff
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
Finally, Thanks to all that tried to help, but I found part of the problem - sort of. In the file that I am trying to redirect to I have a form with the line: FORM onSubmit=return checkrequired(this) ACTION=season-write.php action=post name=testing It appears this line was corrupt somehow. CR/LF in your files brought over from MSWindows? After I rewrote the line from scratch it solved the problem of my paths being screwed up - why - I have no idea. Maybe it had some weird control characters or something that was screwing things up. However, there is still a problem with the header function - it still will not redirect. So did you check for things like CR/LF? -- Joel Rees, programmer, Kansai Systems Group Altech Corporation (Alpsgiken), Osaka, Japan http://www.alpsgiken.co.jp -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
on 7/24/03 8:13 PM, Beauford.2005 at [EMAIL PROTECTED] wrote: FORM onSubmit=return checkrequired(this) ACTION=season-write.php action=post name=testing someone else already raised this issue and it doesn't look like you caught it: you have two actions in your form (the second should probably read method=post), e.g., form name=testing method=post action=season-write.php onSubmit=return checkrequired(this); is your form even submitting to season-write.php? the other potential issue is that you mentioned your redirect function is within an external include file. since you moved the code from one server to another, make sure that the include file is in the correct path since the paths may be different on the new server. you could test by doing some debugging such as require(/path/to/include_file) or die(could not find include file); brian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
Hi Curt,
I'm confused..
quote
With $_SESSION, there is no need to use the session_register(),
session_unregister(), session_is_registered() functions. Session
variables are accessible like any other variables.
/quote
I'm using
session_start();
session_register('username');
$_SESSION['username'] = $row['username'];
session_register('user_id');
$_SESSION['user_id'] = $row['user_id'];
session_register('access_level');
$_SESSION['access_level'] = $row['access_level'];
and checking if user is authenticated using
if ( session_is_registered('user_id') )
{
return true;
}
else
{
return false;
}
Am I in error? (I'm trying to code using register_globals=off)
Cheers,
Mun Heng, Ow
H/M Engineering
Western Digital M'sia
DID : 03-7870 5168
-Original Message-
From: Curt Zirzow [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 12:20 PM
To: PHP
Subject: Re: [PHP] Re: Redirection Question (I spoke to soon)
* Thus wrote Beauford.2005 ([EMAIL PROTECTED]):
Sorry all, apparently this doesn't work on either Windows or Linux.
Again, I thought it was working and once I got farther along I see that
it really wasn't. Basically what I get after I login is an empty screen.
Here is what I have :
This is the script that runs to see if the user is logged in.
session_start();
if(!$_SESSION['logged']) {
session_register('goto');
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
$url = http://www.mysite.org/login/login.php;;
header(Location: $url);
}
The above works and redirects me to the login page and has the right
referring page as shown below.
goto|s:59:http://www.mysite.org/setup/inputs.php;;
This is in my login.php script. After I verify the user login is
correct, this piece of code is executed.
session_start();
session_register('logged');
session_register('user');
You don't need those two lines, they are only needed if ini.register_globals
is on and you want the variables $logged and $user to automatically be
sessioned as:
$_SESSION['logged']
$_SESSION['user']
quote
With $_SESSION, there is no need to use the session_register(),
session_unregister(), session_is_registered() functions. Session
variables are accessible like any other variables.
/quote
I think this is were your problem is.
Also what php version?
quote CAUTION
If you are using $_SESSION and disable register_globals, do not use
session_register(), session_is_registered() and session_unregister(), if
your scripts shall work in PHP 4.2 and earlier. You can use these
functions in 4.3 and later.
/quote
Hmm.. After looking at the session_* documentation there are CAUTIONS
all over the place.. The all seem to say dont use sesion_register,
unregister, and is_registered when your using $_SESSION;
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
$target = Location: . $_SESSION['goto'];
session_unregister('goto');
Use: unset($_SESSION['goto']);
header($target);
what does echo($target) yeild?
What I get after this is a blank page. The user has been logged in and
shows in the session file, but it just isn't redirecting.
HTH,
Curt
--
I used to think I was indecisive, but now I'm not so sure.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
-Original Message-
From: Ow Mun Heng [mailto:[EMAIL PROTECTED]
Sent: 23 July 2003 11:37
I'm confused..
quote
With $_SESSION, there is no need to use the session_register(),
session_unregister(), session_is_registered() functions. Session
variables are accessible like any other variables.
/quote
I'm using
session_start();
session_register('username');
$_SESSION['username'] = $row['username'];
session_register('user_id');
$_SESSION['user_id'] = $row['user_id'];
session_register('access_level');
$_SESSION['access_level'] = $row['access_level'];
and checking if user is authenticated using
if ( session_is_registered('user_id') )
{
return true;
}
else
{
return false;
}
Am I in error? (I'm trying to code using register_globals=off)
Yes.
If you use only the $_SESSION array to set/get the values of your session
variables, you do not need (and, in some versions of PHP, MUST NOT use)
session_register() or any of its friends.
The proper coding for what you are doing above is:
session_start();
$_SESSION['username'] = $row['username'];
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['access_level'] = $row['access_level'];
and
if (isset($_SESSION['user_id']) )
{
return true;
}
else
{
return false;
}
(or even just
return isset($_SESSION['user_id']);
! ;)
Cheers!
Mike
-
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
* Thus wrote Ow Mun Heng ([EMAIL PROTECTED]):
Hi Curt,
I'm confused..
I'll try to clear this up for you. I'm going to see if I can get the
documentation on the web site fixed also. It is rather confusing.
There appears to be two ways to do sessions:
'---
Style 1 (discuraged use):
'---
session_start(); // start the session
session_register('var'); // register global $var as session var
$var = $row['var']; // assign global $var a value
// now the session will save the value
// that is inside $var as long as its global
// scoped
// check to see if $var is registered with the session handler
if ( session_is_registered('var') ) {
// session is registered but doesn't gaurentee
// that a value is inside of it.
// so check to see if there is a value
if (isset($var)) {
// yes we have a value
} else {
// no value assigned
}
} else {
// session variable $var is not registered so the
// variable $var will not be saved in the session
}
session_unregister('var'); // Now var will not be saved in the
// session
'---
Style 2 (prefered method):
'---
session_start();// start the session
$_SESSION['var'] = $row['var']; // set the session value
// any time you need to access this
// value you need to reference it
// through $_SESSION['var']
// check to see if session 'var' is in the session
if(isset($_SESSION['var']) ) {
// yes, so pull it out and do stuff
$var = $_SESSION['var'];
// do stuff...
} else {
// no, there is no $_SESSION['var']
// and will not be saved in session.
}
unset($SESSION['var']); // Now var will not be saved in the
// session
HTH,
Curt
--
I used to think I was indecisive, but now I'm not so sure.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
On Thursday 24 July 2003 11:37, Beauford.2005 wrote: I found one of my problems and also implemented your suggestions, and still the same thing. It will not redirect. The problem I found is that $_SERVER['SERVER_NAME'] does not include the port number. On my Win PC I am using port 800. So I changed this line to: $_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .:800 . $_SERVER['REQUEST_URI']; If I take the output from that and put it into my browser is works just fine, but it will not work in the script. [snip] header(Location: . $_SESSION['goto']); If I echo $_SESSION['goto'] right after session_start() it shows exactly what it should be. So I am at a loss. Have you checked your error logs? You should always, ALWAYS have error reporting on full, and check for errors. It could be that you're getting an headers already sent sent error. Does it work if you have a single line script: header(Location: whatever_$_SESSION['goto']_is_supposed_to_be); -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* But Officer, I stopped for the last one, and it was green! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
Errors are on and I get nothing, it won't even direct if I hard code header(Location: www.microsoft.com); -Original Message- From: Jason Wong [mailto:[EMAIL PROTECTED] Sent: July 23, 2003 12:48 PM To: [EMAIL PROTECTED] Subject: Re: [PHP] Re: Redirection Question (I spoke to soon) On Thursday 24 July 2003 11:37, Beauford.2005 wrote: I found one of my problems and also implemented your suggestions, and still the same thing. It will not redirect. The problem I found is that $_SERVER['SERVER_NAME'] does not include the port number. On my Win PC I am using port 800. So I changed this line to: $_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .:800 . $_SERVER['REQUEST_URI']; If I take the output from that and put it into my browser is works just fine, but it will not work in the script. [snip] header(Location: . $_SESSION['goto']); If I echo $_SESSION['goto'] right after session_start() it shows exactly what it should be. So I am at a loss. Have you checked your error logs? You should always, ALWAYS have error reporting on full, and check for errors. It could be that you're getting an headers already sent sent error. Does it work if you have a single line script: header(Location: whatever_$_SESSION['goto']_is_supposed_to_be); -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* But Officer, I stopped for the last one, and it was green! */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
You need the http://; ie. http://www.microsoft.com; Beauford.2005 wrote: Errors are on and I get nothing, it won't even direct if I hard code header(Location: www.microsoft.com); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
Finally,
Thanks to all that tried to help, but I found part of the problem - sort
of. In the file that I am trying to redirect to I have a form with the
line:
FORM onSubmit=return checkrequired(this) ACTION=season-write.php
action=post name=testing
It appears this line was corrupt somehow. After I rewrote the line from
scratch it solved the problem of my paths being screwed up - why - I
have no idea. Maybe it had some weird control characters or something
that was screwing things up.
However, there is still a problem with the header function - it still
will not redirect. I got around this by using a small javascript I found
which seems to do the trick. I'd still be curious as to why the header
will not work, but at this point I'm ecstatic that it works at all.
if(isset($_SESSION['goto'])) {
?
SCRIPT LANGUAGE=JavaScript
!-- Begin
window.location=? echo .. .
$_SESSION['goto']; ?;
// End --
/script
? exit; }
else {
$loginmessage = $loginsuccess;
include(login.php);
exit;
}
My apologies again if I came off bitchy, but I have been a week at this.
THX
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
Thanks Mike.. You've been a GREAT help..
Cheers,
Mun Heng, Ow
H/M Engineering
Western Digital M'sia
DID : 03-7870 5168
-Original Message-
From: Ford, Mike [LSS] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 23, 2003 7:01 PM
To: Ow Mun Heng; PHP
Subject: RE: [PHP] Re: Redirection Question (I spoke to soon)
-Original Message-
From: Ow Mun Heng [mailto:[EMAIL PROTECTED]
Sent: 23 July 2003 11:37
I'm confused..
quote
With $_SESSION, there is no need to use the session_register(),
session_unregister(), session_is_registered() functions. Session
variables are accessible like any other variables.
/quote
I'm using
session_start();
session_register('username');
$_SESSION['username'] = $row['username'];
session_register('user_id');
$_SESSION['user_id'] = $row['user_id'];
session_register('access_level');
$_SESSION['access_level'] = $row['access_level'];
and checking if user is authenticated using
if ( session_is_registered('user_id') )
{
return true;
}
else
{
return false;
}
Am I in error? (I'm trying to code using register_globals=off)
Yes.
If you use only the $_SESSION array to set/get the values of your session
variables, you do not need (and, in some versions of PHP, MUST NOT use)
session_register() or any of its friends.
The proper coding for what you are doing above is:
session_start();
$_SESSION['username'] = $row['username'];
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['access_level'] = $row['access_level'];
and
if (isset($_SESSION['user_id']) )
{
return true;
}
else
{
return false;
}
(or even just
return isset($_SESSION['user_id']);
! ;)
Cheers!
Mike
-
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
Are you outputting BLANK LINES???
eg.. if you have blank lines after your last ? (closing PHP tag) in
ANY one of the require/include/script files, you're outputting something and
this cannot be the case.
eg. if in VI
echo $someecho
function dosomethig()
{
// whatever
}
?
- THIS blank line will be regarded as Output. Hence You can't
redirect!
~ -- These sort of tidle marks are vi's way of saying.. no blank line
below this.
~
~
~
~
`
Cheers,
Mun Heng, Ow
H/M Engineering
Western Digital M'sia
DID : 03-7870 5168
-Original Message-
From: Beauford.2005 [mailto:[EMAIL PROTECTED]
Sent: Friday, July 25, 2003 3:06 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP] Re: Redirection Question (I spoke to soon)
Errors are on and I get nothing, it won't even direct if I hard code
header(Location: www.microsoft.com);
-Original Message-
From: Jason Wong [mailto:[EMAIL PROTECTED]
Sent: July 23, 2003 12:48 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Re: Redirection Question (I spoke to soon)
On Thursday 24 July 2003 11:37, Beauford.2005 wrote:
I found one of my problems and also implemented your suggestions, and
still the same thing. It will not redirect.
The problem I found is that $_SERVER['SERVER_NAME'] does not include
the port number. On my Win PC I am using port 800. So I changed this
line
to:
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .:800 .
$_SERVER['REQUEST_URI'];
If I take the output from that and put it into my browser is works
just fine, but it will not work in the script.
[snip]
header(Location: . $_SESSION['goto']);
If I echo $_SESSION['goto'] right after session_start() it shows
exactly what it should be. So I am at a loss.
Have you checked your error logs? You should always, ALWAYS have error
reporting on full, and check for errors. It could be that you're getting
an
headers already sent sent error.
Does it work if you have a single line script:
header(Location: whatever_$_SESSION['goto']_is_supposed_to_be);
--
Jason Wong - Gremlins Associates - www.gremlins.biz
Open Source Software Systems Integrators
* Web Design Hosting * Internet Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
But Officer, I stopped for the last one, and it was green!
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Redirection Question (I spoke to soon)
Sorry all, apparently this doesn't work on either Windows or Linux.
Again, I thought it was working and once I got farther along I see that
it really wasn't. Basically what I get after I login is an empty screen.
Here is what I have :
This is the script that runs to see if the user is logged in.
session_start();
if(!$_SESSION['logged']) {
session_register('goto');
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
$url = http://www.mysite.org/login/login.php;;
header(Location: $url);
}
The above works and redirects me to the login page and has the right
referring page as shown below.
goto|s:59:http://www.mysite.org/setup/inputs.php;;
This is in my login.php script. After I verify the user login is
correct, this piece of code is executed.
session_start();
session_register('logged');
session_register('user');
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
$target = Location: . $_SESSION['goto'];
session_unregister('goto');
header($target);
What I get after this is a blank page. The user has been logged in and
shows in the session file, but it just isn't redirecting.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
Beauford.2005 wrote:
Sorry all, apparently this doesn't work on either Windows or Linux.
Again, I thought it was working and once I got farther along I see that
it really wasn't. Basically what I get after I login is an empty screen.
Here is what I have :
This is the script that runs to see if the user is logged in.
session_start();
if(!$_SESSION['logged']) {
session_register('goto');
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
$url = http://www.mysite.org/login/login.php;;
header(Location: $url);
}
The above works and redirects me to the login page and has the right
referring page as shown below.
goto|s:59:http://www.mysite.org/setup/inputs.php;;
This is in my login.php script. After I verify the user login is
correct, this piece of code is executed.
session_start();
session_register('logged');
session_register('user');
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
$target = Location: . $_SESSION['goto'];
session_unregister('goto');
header($target);
What I get after this is a blank page. The user has been logged in and
shows in the session file, but it just isn't redirecting.
1. DON'T mix session_register() and $_SESSION.
2. Add an exit(); after you redirect with header().
--
---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
PHP|Architect: A magazine for PHP Professionals www.phparch.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Redirection Question (I spoke to soon)
Hi,
I found one of my problems and also implemented your suggestions, and
still the same thing. It will not redirect.
The problem I found is that $_SERVER['SERVER_NAME'] does not include the
port number. On my Win PC I am using port 800. So I changed this line
to:
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .:800 .
$_SERVER['REQUEST_URI'];
If I take the output from that and put it into my browser is works just
fine, but it will not work in the script.
This is the portion of the script in question now after I implemented
your changes.
session_start();
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
header(Location: . $_SESSION['goto']);
If I echo $_SESSION['goto'] right after session_start() it shows exactly
what it should be. So I am at a loss.
Ideas??
-Original Message-
From: Ray Hunter [mailto:[EMAIL PROTECTED]
Sent: July 22, 2003 10:47 PM
To: Beauford.2005
Subject: Re: [PHP] Re: Redirection Question (I spoke to soon)
Try doing:
session_start();
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
// you cant do this here.
// session_unregister('goto');
header( Location: .$_SESSION['goto'] );
That should work.
--
BigDog
On Wed, 2003-07-23 at 19:35, Beauford.2005 wrote:
Sorry all, apparently this doesn't work on either Windows or Linux.
Again, I thought it was working and once I got farther along I see
that it really wasn't. Basically what I get after I login is an empty
screen. Here is what I have :
This is the script that runs to see if the user is logged in.
session_start();
if(!$_SESSION['logged']) {
session_register('goto');
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
$url = http://www.mysite.org/login/login.php;;
header(Location: $url);
}
The above works and redirects me to the login page and has the right
referring page as shown below.
goto|s:59:http://www.mysite.org/setup/inputs.php;;
This is in my login.php script. After I verify the user login is
correct, this piece of code is executed.
session_start();
session_register('logged');
session_register('user');
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
$target = Location: . $_SESSION['goto'];
session_unregister('goto');
header($target);
What I get after this is a blank page. The user has been logged in and
shows in the session file, but it just isn't redirecting.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Redirection Question (I spoke to soon)
* Thus wrote Beauford.2005 ([EMAIL PROTECTED]):
Sorry all, apparently this doesn't work on either Windows or Linux.
Again, I thought it was working and once I got farther along I see that
it really wasn't. Basically what I get after I login is an empty screen.
Here is what I have :
This is the script that runs to see if the user is logged in.
session_start();
if(!$_SESSION['logged']) {
session_register('goto');
$_SESSION['goto'] = http://; . $_SERVER['SERVER_NAME'] .
$_SERVER['REQUEST_URI'];
$url = http://www.mysite.org/login/login.php;;
header(Location: $url);
}
The above works and redirects me to the login page and has the right
referring page as shown below.
goto|s:59:http://www.mysite.org/setup/inputs.php;;
This is in my login.php script. After I verify the user login is
correct, this piece of code is executed.
session_start();
session_register('logged');
session_register('user');
You don't need those two lines, they are only needed if ini.register_globals
is on and you want the variables $logged and $user to automatically be
sessioned as:
$_SESSION['logged']
$_SESSION['user']
quote
With $_SESSION, there is no need to use the session_register(),
session_unregister(), session_is_registered() functions. Session
variables are accessible like any other variables.
/quote
I think this is were your problem is.
Also what php version?
quote CAUTION
If you are using $_SESSION and disable register_globals, do not use
session_register(), session_is_registered() and session_unregister(), if
your scripts shall work in PHP 4.2 and earlier. You can use these
functions in 4.3 and later.
/quote
Hmm.. After looking at the session_* documentation there are CAUTIONS
all over the place.. The all seem to say dont use sesion_register,
unregister, and is_registered when your using $_SESSION;
$_SESSION['logged'] = True;
$_SESSION['user'] = $row['user'];
$target = Location: . $_SESSION['goto'];
session_unregister('goto');
Use: unset($_SESSION['goto']);
header($target);
what does echo($target) yeild?
What I get after this is a blank page. The user has been logged in and
shows in the session file, but it just isn't redirecting.
HTH,
Curt
--
I used to think I was indecisive, but now I'm not so sure.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: Redirection Question
Beauford.2005 [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi, I am trying to figure out how to redirect a user back to a page but not having much luck. For example: I click on a menu item on my site which goes to a.php. This file includes another file that determines if they are logged in or not. If not, they are sent to login.php using header(:Location: ). How would I automatically redirect them back to a.php after they have logged in successfully. I have tried using HTTP_REFERRER, but it isn't redirecting. Any help is appreciated. When you redirect to login.php store the refering page in a hidden form field field and redirect back to that url after the user has logged in succesfully. HTH, Kevin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: redirection
Renaldo,
Of course, I use:
?php
header('Location: http://www.whereIWantToGo.com');
?
A less simple way is to creatre an .htaccess file (Apache server)
redirect /MyCurrentWebDirectory http://www.whereIWantToGo.com
There is no slash at the end of that line. Careful,
John
Renaldo De Silva wrote:
is there any way other than
header(Location: http://www.php.net/;);
to redirect to another page.
--
John Taylor-Johnston
-
' ' ' Collège de Sherbrooke:
ô¿ô http://www.collegesherbrooke.qc.ca/languesmodernes/
- Université de Sherbrooke:
http://compcanlit.ca/
819-569-2064
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Re: redirection rather than include()
use the: ? header(Location: http://www.whatever.com/whatever.php); ? MAKE SURE header is used before any code that outputs anything, other wise it won't work (as header sends additional HTTP header commands). Alternatively the frameset could just be sent back to browser (i.e. make your frameset dynamic (if user valid then outpust frameset etc) - and thereby more secure - as some can't just bypass your script to get to the frameset directly. Hope that helps Ollie Benjamin Deruyter [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... This is a PHP newbie trying to figure something out. I am creating a web-app which begins with a login page and goes through the typical user/pass validation and upon success moves to a frameset where the application will run. The action of the login form is act_login.php. In that script I validate the user/pass and, upon validation, include() the frameset script. However, I would rather redirect the browser to the frameset script. In other words I want to progression to go like this... login form -- successful login (determined by act_login.php) -- redirect browser to app frameset This scenario is probably swimming in technicalities, and I'm probably just fine using the include() statement. However, I guess my overall question is... is there a way to redirect the browser to a new URL (eg. php script) inside something as simple as an if/then statement? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: redirection rather than include()
In article [EMAIL PROTECTED], [EMAIL PROTECTED] says... This is a PHP newbie trying to figure something out. I am creating a web-app which begins with a login page and goes through the typical user/pass validation and upon success moves to a frameset where the application will run. The action of the login form is act_login.php. In that script I validate the user/pass and, upon validation, include() the frameset script. However, I would rather redirect the browser to the frameset script. In other words I want to progression to go like this... login form -- successful login (determined by act_login.php) -- redirect browser to app frameset This scenario is probably swimming in technicalities, and I'm probably just fine using the include() statement. However, I guess my overall question is... is there a way to redirect the browser to a new URL (eg. php script) inside something as simple as an if/then statement? Thanks! You can use header() to force redirection - ther's a sample in the manual but remember that you can't output anything _at all_ to the browser before attempting to use header. -- David Robley Temporary Kiwi! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Redirection and Passing Data (arrays)
how do you mean it echo in the login script
here is what I mean
do{
$product_type= $db-f(Product_Type);
$part_number = $db-f(Part_Search);
$make = $db-f(Make);
$model = $db-f(Model);
$model_year = $db-f(Model_Year);
$engine = $db-f(Engine);
$part_specs = $db-f(Part_Specs);
$part_desc = $db-f(Part_Description);
$price = $db-f(price);
$product_id = $db-f(product_id);
$discount_price = round($price - (0.35 * $price),2); // the price is
35% off
$str = explode (., $discount_price);
if(strlen($str[1]) 2 ){
$discount_price = $discount_price.0;
}
$color = ($coloralternator++ %2 ? D9D9D9 : E9E9E9);
$product_info = $make . .$model. .$model_year
./.$engine./.$part_specs;
echo TR BGCOLOR=\#$color\TDfont size=\1\ face=\Verdana,
Arial, Helvetica, sans-serif\$product_type/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$part_number/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$make/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$model/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$model_year/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$engine/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$part_specs/FONT/TD;
echo TDfont size=\1\ face=\Verdana, Arial, Helvetica,
sans-serif\$part_desc/FONT/TD;
echo TD ALIGN=\RIGHT\/afont size=\1\ face=\Verdana,
Arial, Helvetica, sans-serif\$discount_price/font/TD;
echo TDinput type=\value\ size=\2\
name=\quantity[$product_id]\ value=\1\ style=\font-family: Verdana,
Geneva, Helvetica; font-weight: regular; font-style: regular;
font-size: 10px; color: #00; height:18px\/TD;
echo TDinput type=\checkbox\ name=\product[$product_id]\
value=\$product_id\/TD;
echo input type=\hidden\ value=\$part_number\
name=\part_number[$product_id]\/;
echo input type=\hidden\ value=\$discount_price\
name=\discount_price[$product_id]\/;
echo input type=\hidden\ value=\$product_info\
name=\product_info[$product_id]\/;
$is_next_record = @$db-next_record();
} while($is_next_record );
i need to forward the hidden variables values + the checkboxes values after
the login to the schopping cart account
how can i make them being seen through over the login script
thanx
Bogdan Stancescu [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
...or echo some hidden inputs in the login form?
Julio Nobrega Trabalhando wrote:
session_register('array_of_selected_checkboxes');
Just use sessions! ;-)
--
Julio Nobrega.
Um dia eu chego lá:
http://sourceforge.net/projects/toca
Ajudei? Salvei? Que tal um presentinho?
http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884
M. Ali [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
hi
may can some body help me
I'm writing a shopping cart system where the user can search for a
product.
the search result is a page with number of items where the user can
select
some them using checkboxes and enter the quantity that he needs, then
add
them to his shopping cart this works fine when his logged in but when
he
is
not logged in, after the search and selecting the items when he comes
to
add
them to the shopping cart a login screen appears where he enters his
login
user/password his shopping cart appears.
the problem is that the items that he selected in the result page are
not
passed after his login so how can i pass these arrays of checkboxes
and
textfields with the login script.
thanx for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Re: Redirection and Passing Data (arrays)
session_register('array_of_selected_checkboxes');
Just use sessions! ;-)
--
Julio Nobrega.
Um dia eu chego lá:
http://sourceforge.net/projects/toca
Ajudei? Salvei? Que tal um presentinho?
http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884
M. Ali [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
hi
may can some body help me
I'm writing a shopping cart system where the user can search for a
product.
the search result is a page with number of items where the user can select
some them using checkboxes and enter the quantity that he needs, then add
them to his shopping cart this works fine when his logged in but when he
is
not logged in, after the search and selecting the items when he comes to
add
them to the shopping cart a login screen appears where he enters his login
user/password his shopping cart appears.
the problem is that the items that he selected in the result page are not
passed after his login so how can i pass these arrays of checkboxes and
textfields with the login script.
thanx for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Re: Redirection and Passing Data (arrays)
...or echo some hidden inputs in the login form?
Julio Nobrega Trabalhando wrote:
session_register('array_of_selected_checkboxes');
Just use sessions! ;-)
--
Julio Nobrega.
Um dia eu chego lá:
http://sourceforge.net/projects/toca
Ajudei? Salvei? Que tal um presentinho?
http://www.submarino.com.br/wishlistclient.asp?wlid=664176742884
M. Ali [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
hi
may can some body help me
I'm writing a shopping cart system where the user can search for a
product.
the search result is a page with number of items where the user can select
some them using checkboxes and enter the quantity that he needs, then add
them to his shopping cart this works fine when his logged in but when he
is
not logged in, after the search and selecting the items when he comes to
add
them to the shopping cart a login screen appears where he enters his login
user/password his shopping cart appears.
the problem is that the items that he selected in the result page are not
passed after his login so how can i pass these arrays of checkboxes and
textfields with the login script.
thanx for your help
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
