Advice on modifying a URL?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
blades
Forum Newbie
Posts: 7
Joined: Thu Dec 30, 2004 10:23 pm

Advice on modifying a URL?

Post by blades »

I have a login form page, that on 'submit' is set to start a PHP session and go to my landing page, using...

Code: Select all

<?php
	// ...
	// ...
	if (isset($_POST['submit'])) {
	// ...
  	// Much more stuff in between: form authentication, initiating session values, etc.
	// ...
	session_start();
		$_SESSION['last_name'] = $row[2];
		$_SESSION['first_name'] = $row[1];
		$_SESSION['user_id'] = $row[0];
		$_SESSION['db_name'] = $db;
		$_SESSION['project'] = $proj;
		$_SESSION['url_prefix'] = $urlp;
		
	mysql_close();
	ob_end_clean();

	header ("Location:  http://" . $_SERVER['HTTP_HOST'] . "/subdir/landing_pg.php");
	exit();
}
?>
Vars. $db, $proj and $urlp are all needed on the landing page too, so they are set again at the start of my script there...

Code: Select all

<?php
	ob_start();
	session_start();
	$db = $_SESSION['db_name'];
	$proj = $_SESSION['project'];
	$urlp = $_SESSION['url_prefix'];

	require_once ('../dbc/db_connect.php');
?>
My MySQL connection script needs only $db. All works fine. So far so good.

.....

Now, our web server has a virtual hosting scheme which allows the insertion of a string directly before the domain name ($_SERVER['HTTP_HOST']) segment of the URL string such that...

http://domainname.com/subdir/landing_pg.php

...and...

http://whatever.domainname.com/subdir/landing_pg.php

... are both equivalent URLs to my landing page.

I can confirm that this works anywhere on the site when I manually type "whatever." into my browser's address bar directly before the domain.

But I'm trying to accomplish this through my login script. What I've come up with is to modify the header like so...

Code: Select all

header ("Location:  http://" . $urlp . "."  . $_SERVER['HTTP_HOST'] . "/subdir/landing_pg.php");
I get the desired URL...

http://project01.domainname.com/subdir/landing_pg.php

... but fail to connect with mysql again. It returns the default error from my connection script. I suppose I should include that script as well:

Code: Select all

<?php
DEFINE ('DB_USER', 'user01');
DEFINE ('DB_PASSWORD', 'password01');
DEFINE ('DB_HOST', 'mysql1.domainname.com');
DEFINE ('DB_NAME', $db);

$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );
mysql_select_db (DB_NAME) OR die ('Unable to connect with your Project: ' . mysql_error());
?>
So, the error returned when submitting the form is...

"Unable to connect with your Project: No Database Selected"

What I infer from this is that there seems to be no problem with my DB_HOST, DB_USER or DB_PASSWORD, but that it is unable to parse DB_NAME as $db.

.....

Again, all was working fine before I added the complication of $urlp in the header() function on my login page.

Does concatenating a variable in the header seem like the right approach or is there a better way to create the URL I want? Unfortunately, I'm not able to access Apache or modify the environment variables on our server.

Jcart | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
(Thanks, Jcart, will do in the future. Blades)
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

I think this might have to do with the type of sessions you are using. If you are using Cookie based sessions that all of your session will not be available on a subdomain because cookies are only accessible from the domain that set them. I am pretty sure (not totally, maybe someone else can answer this here for me) that if you set a cookie at http://www.mydomain.com that you cannot view the contents of that cookie at example.mydomain.com.

This might be giving you the database connection problems because the var $db is set using sessions.
blades
Forum Newbie
Posts: 7
Joined: Thu Dec 30, 2004 10:23 pm

Post by blades »

Everah wrote:I think this might have to do with the type of sessions you are using. If you are using Cookie based sessions that all of your session will not be available on a subdomain because cookies are only accessible from the domain that set them. I am pretty sure (not totally, maybe someone else can answer this here for me) that if you set a cookie at http://www.mydomain.com that you cannot view the contents of that cookie at example.mydomain.com.

This might be giving you the database connection problems because the var $db is set using sessions.
Hey, Everah,

Thanks. I'm not using cookies, just regular php sessions. Like you I think the problem centers on my $db session variable, so I've been testing for it in my connection script:

Code: Select all

<?php
$db = $_SESSION['db_name'];

DEFINE ('DB_HOST', 'mysql1.domainname.com');
DEFINE ('DB_USER', 'user01');
DEFINE ('DB_PASSWORD', 'password01');
DEFINE ('DB_NAME', $db);

$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );

mysql_select_db (DB_NAME) OR die ("The selected database is {$_SESSION['db_name']}. Unable to connect with {$db}: " . mysql_error());
?>
Now, the error I'm returned is...

"The selected database is . Unable to connect with : No Database Selected"

It's getting past mysql_connect (), so host, user and password are fine, but it fails on mysql_select_db(). I don't seem to be able to access my session variables in the connection script.

I AM getting the URL I want:

http://project01.domainname.com/subdir/landing_pg.php

...but it's trashing my session.

As a test, I even tried hard-coding the database name in place of $_SESSION['db_name']. That connected to mysql just fine, but when landing_page.php loaded, all of my session variables were gone, except for my session ID.

Time for a break, I think

Blades
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

The PHP Manual wrote: Section: Sessions
The behaviour of these functions is affected by settings in php.ini.
...
session.use_cookies boolean
session.use_cookies specifies whether the module will use cookies to store the session id on the client side. Defaults to 1 (enabled).
What this means is if you are using a default installation of PHP, or unless you specifically tell PHP at runtime not to, it will use cookie based session variables. Two things for you to do:

1) Make sure you are using session_start() at the top of all your session'ed pages; and
2) Try outputting all of your session (via echo) when you get to your landing page.

I would suspect the reason you CAN connect to MySQL but NOT to your database is because you are hard coding the values of your connection parameters into the constants, but trying to use a passed session var as the database name. If the session var is coming from a serialized cookie string and the domain cannot access the cookie, all of your sessions vars will be empty.

Try it and see what happens. Post the results and we can look more from there.
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

Everah wrote:I think this might have to do with the type of sessions you are using.
You're right here, Everah.
I am pretty sure (not totally, maybe someone else can answer this here for me) that if you set a cookie at http://www.mydomain.com that you cannot view the contents of that cookie at example.mydomain.com.
And here you're wrong, you could use cookie set at http://www.domain.com on example.domain.com if the cookie was set with Domain=.domain.com.

As for the problem the original poster is facing, the solution is to use session_set_cookie_params()
User avatar
phpdevuk
Forum Contributor
Posts: 220
Joined: Mon Jul 04, 2005 5:31 am
Location: UK
Contact:

Post by phpdevuk »

would passing the sessionid solve the problem?
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Thanks Weirdan, I knew there was something I was forgetting. You gotta love the Mod team.

blades, that should give you what you need to get going in the right direction.
blades
Forum Newbie
Posts: 7
Joined: Thu Dec 30, 2004 10:23 pm

Post by blades »

Everah wrote:
The PHP Manual wrote:Section:Sessions
The behaviour of these functions is affected by settings in php.ini.
...
session.use_cookies boolean
session.use_cookies specifies whether the module will use cookies to store the session id on the client side. Defaults to 1 (enabled).
What this means is if you are using a default installation of PHP, or unless you specifically tell PHP at runtime not to, it will use cookie based session variables. Two things for you to do:

1) Make sure you are using session_start() at the top of all your session'ed pages; and
2) Try outputting all of your session (via echo) when you get to your landing page.
I can clarify what I was saying about cookies. The php.ini settings on my production server are:

Code: Select all

session.use_cookies	On	On
session.use_only_cookies	Off	Off
I begin all of my scripts with session_start() to generate the session ID cookie (32 hex.string), but all other session variables are stored on the server for each visitor as a regular PHP session.

And I have a block of lines on landing_pg.php to test for my session vars. using the print () function. That's how I knew that only my session ID was surviving the trip through my connection script.
Everah wrote: I would suspect the reason you CAN connect to MySQL but NOT to your database is because you are hard coding the values of your connection parameters into the constants, but trying to use a passed session var as the database name. If the session var is coming from a serialized cookie string and the domain cannot access the cookie, all of your sessions vars will be empty.
This sounds like a reasonable explanation. I do tend to forget that the the session ID cookie is not stored with the other session data. So it makes sense to me that mysql would handle it as coming from a different source.
Weirdan wrote:...you could use cookie set at http://www.domain.com on example.domain.com if the cookie was set with Domain=.domain.com.

As for the problem the original poster is facing, the solution is to use session_set_cookie_params()
Yes! I think this is probably what I've been looking for -- a "session-specific" function that will recognize my clumsy concatenated header().

Or come to think of it, maybe something like...

Code: Select all

ini_set ('session.cookie_domain', '.domainname.com');
phpdevuk wrote:would passing the sessionid solve the problem?
I might as well give it a try, too.

Thanks alot, guys, for your help. This looks promising.

Blades
blades
Forum Newbie
Posts: 7
Joined: Thu Dec 30, 2004 10:23 pm

Post by blades »

Hey, folks.

Setting session.cookie_domain on landing_pg.php did the trick! Rather than session_set_cookie_params(), I used the ini_set() function instead.

Code: Select all

ini_set ('session.cookie_domain', '.domainname.com');
My thanks to everyone here who helped me through this.

Below is my final revised code:

login.php

Code: Select all

<?php
// ...
if (isset($_POST['submit'])) {
// ...
// Other stuff here: form authentication, variables set, etc.
// ...
session_start();
    $_SESSION['last_name'] = $row[2];
    $_SESSION['first_name'] = $row[1];
    $_SESSION['user_id'] = $row[0];
    $_SESSION['db_name'] = $db;
    $_SESSION['project'] = $proj;
    $_SESSION['url_prefix'] = $urlp;

    mysql_close();
    ob_end_clean();

    header ("Location: http://" . $urlp . "." . $_SERVER['HTTP_HOST'] . "/subdir/landing_pg.php");
    exit();
}
?>
landing_pg.php (opening script)

Code: Select all

<?php
ob_start();
ini_set ('session.cookie_domain', '.domainname.com');
session_start(); // Start the session.

$page_title = 'Project Chapter List';
$db = $_SESSION['db_name'];
$proj = $_SESSION['project'];
$urlp = $_SESSION['url_prefix'];
$rid = $_SESSION['rvwr_id'];
if (!isset($proj)) {
    $argstring = "Location: ../login.php";
    header ($argstring);
    exit();
}

require_once ('../dbc/db_connect.php');

print "Session ID: <b>".session_id()."</b><br>";
if (isset($_SESSION['rvwr_id'])) { echo "\$_SESSION['rvwr_id']: <b>{$_SESSION['rvwr_id']}</b><br>\n";
}
print "\$_SESSION['db_name']: <b>{$_SESSION['db_name']}</b><br>";
print "\$_SESSION['project']: <b>{$_SESSION['project']}</b><br>";
print "\$_SESSION['url_prefix']: <b>{$_SESSION['url_prefix']}</b><br>";
print "\$urlp: <b>$urlp</b><br>";
print "\$_SERVER['HTTP_HOST']: <b>{$_SERVER['HTTP_HOST']}</b><br><br>";
?>

db_connect.php

Code: Select all

<?php
DEFINE ('DB_HOST', 'mysql1.dommainname.com');
DEFINE ('DB_USER', 'user01');
DEFINE ('DB_PASSWORD', 'password');

DEFINE ('DB_NAME', $db);

$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Could not connect to MySQL: ' . mysql_error() );

mysql_select_db (DB_NAME) OR die ("Unable to connect with your Project: " . mysql_error());
?>
And for good measure, here's the output returned from the print() block on landing_page.php:

Session ID: b6259fa14fa473fee9da13b30140c1cf
$_SESSION['rvwr_id']: 001
$_SESSION['db_name']: db_project01
$_SESSION['project']: Smith, Biology 8e
$_SESSION['url_prefix']: project01
$urlp: project01
$_SERVER['HTTP_HOST']: project01.domainname.com
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Doesn't it make you want to sit back and slowly sigh out load, "Ahhhhh"? Congrats, I'm glad you got this working.
Post Reply