PHP serving blank pages
hman
I have a web site that uses session variables and cookies. In-house and at
most clients the web sites functions great, exactly how it should behave.
However, at a few sites, the users will get the login page and as soon as
they submit, they get served a page with just the banner image on top and
blank underneath it. The page is two frames, top and bottom with the banner
image on the top. When viewing the source, the bottom page contains
<html></html> only. Looking at my PHP scripts, there are no scripts that
could generate that kind of a blank page, it would at least have a <head> in
it.
So far what I've found that's different between the sites that work and the
one that doesn't is as follows.
The machine name is SQL1 with an IP address of 10.1.1.100. On this machine
is a web site set up in IIS with an IP address of 10.1.1.150. All of the
users at this site use a url of http://statuspage.cosite.com to get into the
site.
If you use a URL of http://SQL1/statuspage/userlogin.php - everything works
fine.
If you use a URL of http://10.1.1.100/statuspage/userlogin.php - everything
works fine.
If you use a URL of http://statuspage.cosite.com - They get the blank page
after the login page.
I'm thinking it has something to do with domains and cookies but I'm not
sure.
My cookies are set as:
setcookie("UserKey", $UK,$expiretime);
setcookie("PHPSESSID",$_COOKIE["PHPSESSID"],$expiretime);
$expiretime is a variable containing the expiration time of the cookie
Any help would be GREATLY appreciated.
Harry Hambrick
J.O. Aho
> If you use a URL of http://SQL1/statuspage/userlogin.php - everything works
> fine.
> If you use a URL of http://10.1.1.100/statuspage/userlogin.php - everything
> works fine.
> If you use a URL of http://statuspage.cosite.com - They get the blank page
> after the login page.
Check so that your DNS is working correctly.
> I'm thinking it has something to do with domains and cookies but I'm not
> sure.
>
> My cookies are set as:
>
> setcookie("UserKey", $UK,$expiretime);
>
> setcookie("PHPSESSID",$_COOKIE["PHPSESSID"],$expiretime);
If using microsoft browsers, it's always a good idea to give the full domain
in the setcookie(), or else you may get troubles.
--
//Aho
hman
happening.
What should I use for the full domain in this case. I can't find a good
explanation on use of the domain when setting cookies.
I need to cookies to work for SQL1, 10.1.1.100 AND for
statuspage.cosite.com.
Thanks,
Harry Hambrick
"J.O. Aho" <us...@example.net> wrote in message
news:52ru59F...@mid.individual.net...
Rik
> On Tue, 6 Feb 2007 13:21:07 -0500, hman wrote...
>>
>> The DNS is working correctly according to the client where this is
>> happening.
>>
>> What should I use for the full domain in this case. I can't find a good
>> explanation on use of the domain when setting cookies.
>>
>> I need to cookies to work for SQL1, 10.1.1.100 AND for
>> statuspage.cosite.com.
>>
>> Thanks,
>> Harry Hambrick
>
>
> From my understanding a cookie can only be generated from a server in its
> domain, since there would be problems with outside sides trying to forge
> cookies
> for another domain. You might not be able to use "SQL1, 10.1.1.100 and
> statuspage.cosite.com." in one cookie and may need to generate three
> separate
> cookies.
@OP Pffffft... crossposting.....evil.. mmkay?
Rik wrote in comp.lang.php:
"> As far as the cookies go, do I need to specify the domain and path in
the
> cookies for them to work with both the domain and the machine name?
Normally, no, server and path default to the current. Users connecting by
one address should have no trouble continuing using that address, and the
cookies it sets. Switching would make your cookies invalid for that
ip/name/server, as they've been set for the other. The browser just won't
send them. You can _try_ to set a cookie for another domain/ip/machine
name, but this would cookie would be declined by the standard settings of
most modern browsers. "
Moral of the story: either allow all users to stay on their current
address/server, or enforce one immediately at the beginning, possibly
using a 301.
--
Rik Wasmus
J.O. Aho
> Tom <t...@to.com> wrote:
>
>> On Tue, 6 Feb 2007 13:21:07 -0500, hman wrote...
>>>
>>> The DNS is working correctly according to the client where this is
>>> happening.
>>>
>>> What should I use for the full domain in this case. I can't find a good
>>> explanation on use of the domain when setting cookies.
>>>
>>> I need to cookies to work for SQL1, 10.1.1.100 AND for
>>> statuspage.cosite.com.
>>>
>>> Thanks,
>>> Harry Hambrick
>>
>>
>> From my understanding a cookie can only be generated from a server in its
>> domain, since there would be problems with outside sides trying to
>> forge cookies
>> for another domain. You might not be able to use "SQL1, 10.1.1.100 and
>> statuspage.cosite.com." in one cookie and may need to generate three
>> separate
>> cookies.
You can always get the domain that the user has used to request the page, and
therefore be able to send a correct domain with the cookie, no needs of more
than one.
setcookie(... ,$_SERVER['SERVER_NAME']);
> @OP Pffffft... crossposting.....evil.. mmkay?
No, he didn't crosspost, this thread is only posted to alt.php, he did a
multipost if you found a similar post/thread at comp.lang.php.
--
//Aho
Rik
>>> From my understanding a cookie can only be generated from a server in
>>> its
>>> domain, since there would be problems with outside sides trying to
>>> forge cookies
>>> for another domain. You might not be able to use "SQL1, 10.1.1.100 and
>>> statuspage.cosite.com." in one cookie and may need to generate three
>>> separate
>>> cookies.
>
> You can always get the domain that the user has used to request the
> page, and therefore be able to send a correct domain with the cookie, no
> needs of more than one.
>
> setcookie(... ,$_SERVER['SERVER_NAME']);
Yup, but it alreasy defaults to that, so it normally shouldn;t be
necessary.
>> @OP Pffffft... crossposting.....evil.. mmkay?
>
> No, he didn't crosspost, this thread is only posted to alt.php, he did a
> multipost if you found a similar post/thread at comp.lang.php.
Yup, my bad, normally I say don't crosspost. Multi posting is somewhat
more evil but luckily less frequent. Slip of the keyboard :P
--
Rik Wasmus
J.O. Aho
> J.O. Aho <us...@example.net> wrote:
>>>> From my understanding a cookie can only be generated from a server
>>>> in its
>>>> domain, since there would be problems with outside sides trying to
>>>> forge cookies
>>>> for another domain. You might not be able to use "SQL1, 10.1.1.100 and
>>>> statuspage.cosite.com." in one cookie and may need to generate three
>>>> separate
>>>> cookies.
>>
>> You can always get the domain that the user has used to request the
>> page, and therefore be able to send a correct domain with the cookie,
>> no needs of more than one.
>>
>> setcookie(... ,$_SERVER['SERVER_NAME']);
>
> Yup, but it alreasy defaults to that, so it normally shouldn;t be
> necessary.
For browsers like Mozilla/Firefox/SeaMonkey/Opera and so on, it seem to work
fine, but for some reasons MSIE can get troubles so that the cookie isn't set,
so even if it's supposed to be automatically set right if it's omitted (if I
remember it right, in this case it's the client who sets the domain), there is
something broke in MSIE.
--
//Aho
Rik
> For browsers like Mozilla/Firefox/SeaMonkey/Opera and so on, it seem to
> work fine, but for some reasons MSIE can get troubles so that the cookie
> isn't set, so even if it's supposed to be automatically set right if
> it's omitted (if I remember it right, in this case it's the client who
> sets the domain), there is something broke in MSIE.
Never ran into trouble with MSIE here, but indeed it's the browser that
interprets it, not the webserver or PHP.
--
Rik Wasmus