PHPBuilder.com, the best resource for PHP tutorials, templates, PHP manuals, content management systems, scripts, classes and more.

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Hiermenus
DatabaseJournal
Technology Jobs

IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Covalent Extends Apache 2.0 to Microsoft ASP.NET
ShopWorX - Support for Windows
PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1
Network Risk Assessment
Full-Featured, Java-Based Apache GUI

Partners & Affiliates

An introduction to the ADOdb class library, Part 2
Oracle with PHP: a Developer�s View
b2evolution - A Comprehensive Blogging Engine
phpwiki - The Wiki for PHP Developers
Timing Script Execution

RE: [phplib] using POST in fall back mode From: Eric Ries (eric.ries <email protected>)
Date: 07/09/00

Next message: Kristian K�hntopp: "[phplib] Changes since 7.2b"
Previous message: Carl Youngblood: "RE: [phplib] using POST in fall back mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've actually resorted to modifying OOHFORMS to automatically include a
hidden tag with the session classname and ID in every post data, which I
have found to be quite handy, as my site uses a lot of forms. It's
especially handy if you have a GET form, as the values from the form will
override the data in the ACTION URL.

At 11:17 AM 7/12/00, Carl Youngblood wrote:
>Actually, this will work. The form's ACTION URL should use the
>$sess->purl() function to ensure that the GET fallback mode works.
>Embedding a hidden form variable would be overkill (and not standard
>procedure).
>
>Carl Youngblood
>
>-----Original Message-----
>From: Bryan McGuire [mailto:joefriday <email protected>]
>Sent: Wednesday, July 12, 2000 9:08 AM
>To: NickM; David West
>Cc: phplib <email protected>
>Subject: Re: [phplib] using POST in fall back mode
>
>
>Naw, that won't help. He's not talking about clicking on a link but
>clicking a submit button in a POST form. He needs to include a hidden
>field in his form that has the session id to pass it back to the server for
>when the user has cookies turned off.
>----- Original Message -----
>From: "NickM" <nick <email protected>>
>To: "David West" <westd <email protected>>
>Cc: <phplib <email protected>>
>Sent: Wednesday, July 12, 2000 10:52 AM
>Subject: Re: [phplib] using POST in fall back mode
>
>
> > Did you make sure that EVERY url you print is encapsulated within
> > $sess->url($url) otherwise the session id won't be passed on.
> >
> > So basically every url must be dealt with in the code and put through
>this,
> > none in the html, at least whereever you need to keep auth that is.
> >
> > Nick
> >
> > ----- Original Message -----
> > From: "David West" <westd <email protected>>
> > To: <phplib <email protected>>
> > Sent: Wednesday, July 12, 2000 4:11 PM
> > Subject: [phplib] using POST in fall back mode
> >
> >
> > > Hi,
> > >
> > > I'm using PHPLIB for basic session handling. My problem is thus:
> > >
> > > I have set the mode to cookie, and fallback mode to GET. What my page
> > does
> > > is submit a form using the POST method with a user's username and
> > password.
> > > This then accesses a MySQL database which picks out some information
>about
> > > the user. I then use $sess->register() to remember this info. This
>works
> > > fine with cookies turned on, and with GET set as the $mode.
> > >
> > > However, when I use GET as the fallback mode to cookies, and disable
> > cookies
> > > in my browser, a problem arises. When the 302 and location headers are
> > sent
> > > by PHPLIB with the session id as a URL parameter, the original posted
> > > username and password do not appear to be resent, and so I can't get the
> > > information about the user.
> > >
> > > Obviously if I change the original form to use GET instead of POST,
>it'll
> > > work, but I don't want the users password visible in the URL.
> > >
> > > Any help with this would be greatly appreciated.
> > > David West
> > >
> > > PS. I'm using PHPLIB as a bunch of includes, and I can't change php.ini,
> > > etc. I dunno if this is relevant?
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: phplib-unsubscribe <email protected>
> > > For additional commands, e-mail: phplib-help <email protected>
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: phplib-unsubscribe <email protected>
> > For additional commands, e-mail: phplib-help <email protected>
> >
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: phplib-unsubscribe <email protected>
>For additional commands, e-mail: phplib-help <email protected>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: phplib-unsubscribe <email protected>
>For additional commands, e-mail: phplib-help <email protected>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>

Next message: Kristian K�hntopp: "[phplib] Changes since 7.2b"
Previous message: Carl Youngblood: "RE: [phplib] using POST in fall back mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]