Jump to content


Photo

Ch. 6 Authorize.php Script


  • Please log in to reply
4 replies to this topic

#1 memilanuk

memilanuk

    Active Member

  • Members
  • PipPip
  • 33 posts

Posted 29 October 2009 - 08:38 PM

Hello all,

Winding my way through the book, on or about pg 315 where we are to move the php script that uses headers for HTTP authentication from the beginning of admin.php and stick it in a separate include file called 'authorize.php', and put the relevant hooks via 'require_once()' in both 'admin.php' and 'removescore.php'.

What works:

The HTTP authentication header script in the beginning of admin.php works fine. Just like it should. But when I cut-n-paste that script into a new file called authorize.php, save that file, and put

CODE
<?php
require_once('authorize.php');
?>


at the very beginning of admin.php, exactly where the previous script was 'cut' from... this is what I get instead of a log-in window:

QUOTE
Warning: Cannot modify header information - headers already sent by (output started at E:\xampplite\htdocs\guitarwars\authorize.php:1) in E:\xampplite\htdocs\guitarwars\authorize.php on line 9

Warning: Cannot modify header information - headers already sent by (output started at E:\xampplite\htdocs\guitarwars\authorize.php:1) in E:\xampplite\htdocs\guitarwars\authorize.php on line 10

Guitar Wars
Sorry, you must enter a valid user name and password to access this page.


Lines 9 & 10 are the lines in authorize.php where it sends the headers. Again, nothing has changed from before when it *did* work, except which file its stored in. I've been looking at the final versions of admin.php and authorize.php from the code archive, but as of yet I can't seem to pin point where I went wrong.

Any help or nudges in the right direction would be much appreciated.

TIA,

Monte

#2 Guest_23.12.2012_*

Guest_23.12.2012_*
  • Guests

Posted 30 October 2009 - 08:20 AM

The authorization script must be the first in the document. That is, place it before the HTML DOCTYPE and everything. Just post your authorize.php and the page where you're including it.

#3 memilanuk

memilanuk

    Active Member

  • Members
  • PipPip
  • 33 posts

Posted 30 October 2009 - 02:28 PM

QUOTE (23.12.2012 @ Oct 30 2009, 08:20 AM) <{POST_SNAPBACK}>
The authorization script must be the first in the document. That is, place it before the HTML DOCTYPE and everything. Just post your authorize.php and the page where you're including it.



Well, as it turns out, it appears that I had everything right; it was(is) something queer to Notepad ++ and the settings therein.

The beginning of my 'admin.php' file looks like this...

CODE
<?php
require_once('authorize.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>


Everything is where it should be.

If I take the code archive files downloaded from HF Labs, and go to Examples->Ch06->page315 and open up the 'authorize.php' script listed there... it is functionally equal to what I typed in manually from the book (surprise). If I take that file, copy it to my 'guitarwars' folder on my XAMPP server, and rename it authorize-book.php, and then open it in Notepad ++ and cut-n-paste from that tab window to another tab and save it as 'authorize.php'...

CODE
<?php
  // User name and password for authentication
  $username = 'rock';
  $password = 'roll';

  if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']) ||
    ($_SERVER['PHP_AUTH_USER'] != $username) || ($_SERVER['PHP_AUTH_PW'] != $password)) {
    // The user name/password are incorrect so send the authentication headers
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="Guitar Wars"');
    exit('<h2>Guitar Wars</h2>Sorry, you must enter a valid user name and password to access this page.');
  }
?>


This does not work. It is the same as what was in the 'authorize.php' file included from the code archive downloaded, literally cut-n-pasted, but it coughs up the errors mentioned in my first post.

Literally copying the whole file from the code archive, not just the text within, to my guitarwars directory and renaming it 'authorize.php', does work. Works just fine.

So at that point... it starts to look like the problem is not within the code, but in the text editor and how it brings it across. I tinkered with the settings in Notepad++ to see if maybe it was saving or encoding the document in some funky standard other than ANSI/UTF-8, but everything looked fine. Turned on 'Show All Characters' and it showed that an extra carriage return was being inserted (along with the existing line feed) at the end of every line when I cut-n-pasted from one tab window to another. I though that might be it, despite some disagreement from some people on another site.

This afternoon I decided to try again from Komodo Edit instead of Notepad++... I deleted 'authorize.php', opened up 'authorize-book.php' in a tab inside KE and then did the 'select all', and then cut-n-paste across to a new tab, and saved that as 'authorize.php'. It showed the same [CR][LF] characters at the end of every line, but that version worked. I'd found some specific method (can't remember which menu layer it was buried under) in Notepad++ to get it to behave also, by selecting 'Paste as ANSI/UTF-8' - still 'looked' the same but it worked right.

Somehow, somewhere, there is something happening that doesn't show up even with 'Show All Characters' turned on that is munging the script so that a whitespace or something is snuck in there when it shouldn't be. The code works fine.

Guess I'm back to Komodo Edit for the time being. Just can't make myself go with emacs or vim, or else I'd be done with this gui text editor silliness wink.gif

#4 dtritus315

dtritus315

    New Member

  • Members
  • Pip
  • 2 posts

Posted 27 December 2009 - 09:04 AM

Thanks for this info. I have been seeing some strange errors returned on my site when creating files with notepad++ also. I'll see if changing the paset settings will help.

I'm also going to tryout the other program you mentioned and see if it works better for me.

#5 Big Lew

Big Lew

    Active Member

  • Members
  • PipPip
  • 10 posts

Posted 02 June 2014 - 05:53 PM

The authorization script must be the first in the document. That is, place it before the HTML DOCTYPE and everything. Just post your authorize.php and the page where you're including it.


Thank you for the advice. You helped me a great deal. Initially, in the admin.php and removescore.php files, I placed the require_once for authorize file between the DOCTYPE and the opening HTML and I got the same error, as well. Then I placed it directly above the DOCTYPE and it worked perfectly.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users