Re: [phplib] page_open being called twice? From: Simon Hawkins (s.hawkins <email protected>)
Date: 08/20/00

Hi,

The following may be what is causing your problem, no guarantee, but it is a
problem I have found...

I have been testing an application I have written based on phplib. When
testing with cookies turned off I kept receiving the sign-on screen when a
form was 'post'ing it's submission (this only occurs when a form is being
submitted, when it's a get string everything is ok). The problem is in
session.inc in
release_token()

Here's the changed function...

  function release_token(){
    global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_HOST,
$HTTPS;
    if ( isset($this->fallback_mode)
    && ( "get" == $this->fallback_mode )
    && ( "cookie" == $this->mode )
    && ( ! isset($HTTP_COOKIE_VARS[$this->name]) ) ) {
      if ( isset($HTTP_GET_VARS[$this->name]) or
isset($HTTP_POST_VARS[$this->name]) ) {
        $this->mode = $this->fallback_mode;
      } else {
        header("Status: 302 Moved Temporarily");
        $this->get_id($sid);
 $this->mode = $this->fallback_mode;
        if( isset($HTTPS) && $HTTPS == 'on' ){
        ## You will need to fix suexec as well, if you use Apache and CGI
PHP
          $PROTOCOL='https';
        } else {
          $PROTOCOL='http';
        }
        header("Location: ". $PROTOCOL. "://".$HTTP_HOST.$this->self_url());
        exit;
      }
    }
  }

The change is (addition of $HTTP_POST_VARS)...
{
      if ( isset($HTTP_GET_VARS[$this->name]) or
isset($HTTP_POST_VARS[$this->name]) ) {

to check if the session id has been past by post variables rather than get.
Only other change is obviously to put $HTTP_POST_VARS in the global.

I'm not sure if this is causing your problem, but it certainly is a issue
with session.inc when using get mode.

Best regards

Simon Hawkins

----- Original Message -----
From: A Lohla <alohla <email protected>>
To: <phplib <email protected>>
Sent: Sunday, August 20, 2000 5:06 AM
Subject: Re: [phplib] page_open being called twice?

> Hello again,
> I accidentally sent that before I was finished. Just wanted to add a
thank
> you to anyone who tries to figure it out. You know it's bothering me if
I'm
> trying to fix it on a saturday night!
>
> thanks,
> Ande Lohla
>
> Here's the other message:
> ---------------------------------------------------------
> Hi Everyone,
>
> I'm having some puzzling behavior from one of my pages using phplib
> authentication. Somehow, only sometimes, on loading this page,
> page_open is called twice, according to my error logs.
>
> I've done logging output before and after each call to a phplib
> function in the page, and it resembles the following sequence in just ONE
> load of the page:
>
> page_open() about to begin
> (inside page_open, user proves to be already authenticated)
> after page_open()
> (authentication data exists and is valid)
> before page_close() *
> page_open() about to begin
> (inside page_open, authentication fails; displays login form)
> after page_open()
> (authentication is now uid "nobody")
> after page_close() *
>
> I don't understand it, but I believe the after/before (*) marked
> above for page_close are a pair. Thus, page_close is triggering a reload
of
> the page, thereby calling page_open a second time?! How can this be?
>
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: phplib-unsubscribe <email protected>
> For additional commands, e-mail: phplib-help <email protected>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>