Re: Re: Re: Re: redirect and cookie problems

Replies are listed 'Best First'.
Re: Re: Re: Re: Re: redirect and cookie problems by Masem (Monsignor) on Jun 14, 2001 at 15:53 UTC
Here's a quick review of the HTTP protocol: After the browser and web server have handshook over TCPIP, the first text that the server sends is the HTTP header, which usually is as simple as: `Content-Type: text/html` [download] (Note that that it ends with "\n\n"; this indicates the end of the header). This block of text tells the browser that what will follow is HTML, and the browser should react to it as such; most browsers will render that HTML (obviously). The header is the only point where you can tell the browser to do special operations unrelated to displaying the web page. This means that if you want to set cookies, they have to be in the header; attempting to send them anytime else will simply have the browser treat them as regular text in the page's text stream. So the HTTP header with a cookie being set will looking something like : `Content-Type: text/html Cookie: cookie-data-here` [download] Alternatively, you may cause the page to be redirected to another site, basically having the browser immediately jump to the new page upon seeing the redirect header: `Redirect: http://www.my.other.url/` [download] But note that Redirect and Content-Type are mututally exclusive; you can only use one or the other in the HTTP header. Coming back to CGI, you print a standard HTTP header (optionally with cookies) by having the first thing that is printed out by your script being the $cgi->header( -cookie=>$cookie ) line. Alternatively, if you want to redirect, the first thing that your script must print out is $cgi->redirect( "http://my.other.url" ). Once you have printed either the header() or redirect() lines, any further printing of these lines will simply be treated as part of the HTML (or other data) stream that you are sending, as opposed to being interpreted as HTTP header data. Note that you can set a cookie in the redirect() step just as easily as you can in the header() step. What you are problem looking to do is redirect users that have validated their log in to a second page, with unvalidated users being given the login box. Here's psuedocode that describes one way to do it: `Create $cgi variable Check for existing and valid cookie --> if so, print $cgi->redirect() to new page, optionally refreshing t +heir cookie Check for CGI parameters from login form --> if valid, print $cgi->redirect() to new page, and create new cookie for them # At this point, if no valid cookie and no valid login, they will need + to relogin print $cgi->header(); print login form; print optional link to creating account` [download] And that's it. Note that no matter what path they follow, the is only one call to either of redirect() or header(). Dr. Michael K. Neylon - mneylon-pm@masemware.com \|\| "You've left the lens cap of your mind on again, Pinky" - The Brain	[reply] [d/l] [select]

Replies are listed 'Best First'.

Re: Re: Re: Re: Re: redirect and cookie problems
by Masem (Monsignor) on Jun 14, 2001 at 15:53 UTC

After the browser and web server have handshook over TCPIP, the first text that the server sends is the HTTP header, which usually is as simple as:

Content-Type: text/html
[download]

The header is the only point where you can tell the browser to do special operations unrelated to displaying the web page. This means that if you want to set cookies, they have to be in the header; attempting to send them anytime else will simply have the browser treat them as regular text in the page's text stream. So the HTTP header with a cookie being set will looking something like :

Content-Type: text/html
Cookie: cookie-data-here
[download]

Redirect: http://www.my.other.url/
[download]

Coming back to CGI, you print a standard HTTP header (optionally with cookies) by having the first thing that is printed out by your script being the $cgi->header( -cookie=>$cookie ) line. Alternatively, if you want to redirect, the first thing that your script must print out is $cgi->redirect( "http://my.other.url" ). Once you have printed either the header() or redirect() lines, any further printing of these lines will simply be treated as part of the HTML (or other data) stream that you are sending, as opposed to being interpreted as HTTP header data.

Note that you can set a cookie in the redirect() step just as easily as you can in the header() step.

What you are problem looking to do is redirect users that have validated their log in to a second page, with unvalidated users being given the login box. Here's psuedocode that describes one way to do it:

Create $cgi variable
Check for existing and valid cookie
--> if so, print $cgi->redirect() to new page, optionally refreshing t
+heir cookie

Check for CGI parameters from login form
--> if valid, print $cgi->redirect() to new page, and create
new cookie for them

# At this point, if no valid cookie and no valid login, they will need
+ to relogin
print $cgi->header();
print login form;
print optional link to creating account
[download]

Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain

[reply]
[d/l]
[select]