AjaxCall with wrong http_response_code from php

Discussion forum for MOD Writers regarding MOD Development.
Locked
francois44
Registered User
Posts: 6
Joined: Sat Apr 18, 2015 9:34 am

AjaxCall with wrong http_response_code from php

Post by francois44 » Wed Nov 11, 2015 1:16 pm

I'm calling my PhpBB3 forum to control user/password in an external html document.
To do this functionality, I use Ajax and javascript.
I call a php program which do the login to verify user/password.
I want to use ajaxRequest.status to control the result of login in javascript.

In all the cases (good password/wrong password) the Php Code send me ajaxRequest.status=200
Firebug show me the wrong result.

The error is in the following php program :

Code: Select all

<?php            
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	//Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');

	$username = $_GET['name'];
	$password = $_GET['pwd'];

    $display_string = "";
	if(isset($username) && isset($password)) {
		$display_string .= "username ".$username."</br>";    
		$display_string .= "password ".$password."</br>";    
  		$result = $auth->login($username, $password, false, 1, 0);
  		
		$display_string .= "status ".$result['status']."</br>";    

  		if ($result['status'] == LOGIN_SUCCESS) {
			//Le username et mot de passe sont ok
		    $display_string .= "Username et mot de passe ok "."</br>";	    
	    	//affichage du resultat recupéré par la page appelante
   		    echo $display_string;  
			//par défaut 200 si tout ce passe bien
	    	http_response_code(200);
 		} elseif ($result['status'] == LOGIN_ERROR_ATTEMPTS) {
			//Le username et mot de passe ne correspondent pas
		    $display_string .= "Vous avez dépassé le maximum autorisé de tentatives de connexion, connectez vous au forum avant l'adhésion "."</br>";
			//affichage du resultat recupéré par la page appelante
	        echo $display_string;  
      	  	//temps d'attente de 7 secondes pour éviter les pirates
       		sleep (7);
    	    //en cas d'erreur non trouvé on sort en erreur 204 -  204 No Content
    	    http_response_code(206);
 		} else {
			//Le username et mot de passe ne correspondent pas
		    $display_string .= "Username et mot de passe invalide "."</br>";
			//affichage du resultat recupéré par la page appelante
	        echo $display_string;  
      	  	//temps d'attente de 7 secondes pour éviter les pirates
       		sleep (7);
    	    //en cas d'erreur non trouvé on sort en erreur 204 -  204 No Content
    	    http_response_code(204);
 		}
	} else {
		//Le username et mot de passe ne correspondent pas
	    $display_string .= "Username ou mot de passe non rempli "."</br>";
		//affichage du resultat recupéré par la page appelante
        echo $display_string;  
        //temps d'attente de 7 secondes pour éviter les pirates
        sleep (7);
        //en cas d'erreur non trouvé on sort en erreur 204 -  204 No Content
        http_response_code(204);
 	}
 			
?>

If I log http_response_code() the good value is logged (204/206)
but when i received the status, firebug always give me 200.

I have try to simplfy my code to identify the problem,
This code send me 200

Code: Select all

<?php
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	//Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');

	http_response_code(204);
	$display_string .= "http_response_code ".http_response_code()."</br>";    
	echo $display_string;
	return;
?>
And this code send me 204

Code: Select all

<?php
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	http_response_code(204);
	$display_string .= "http_response_code ".http_response_code()."</br>";    
	echo $display_string;
	return;
?>
I don't understand why the session management

Code: Select all

	//Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');
force status response to 200…
François

User avatar
AmigoJack
Registered User
Posts: 5423
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: AjaxCall with wrong http_response_code from php

Post by AmigoJack » Thu Nov 19, 2015 8:08 am

francois44 wrote:This code send me 200
Cannot reproduce - that one's response is clearly 204:

Code: Select all

http://127.0.0.1/phpBB3/aaa.php

GET /phpBB3/aaa.php HTTP/1.1
Host: 127.0.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie: phpbb3_ruxob_u=2; phpbb3_ruxob_k=; phpbb3_ruxob_sid=ee2de622090c1396b547b965498668d7; style_cookie=null
Connection: keep-alive

HTTP/1.1 204 No Content
Date: Thu, 19 Nov 2015 08:00:22 GMT
Server: Apache/2.4.9 (Win32) OpenSSL/1.0.1g PHP/5.5.11
X-Powered-By: PHP/5.5.11
Set-Cookie: phpbb3_ruxob_u=1; expires=Fri, 18-Nov-2016 08:00:23 GMT; path=/; HttpOnly
Set-Cookie: phpbb3_ruxob_k=; expires=Fri, 18-Nov-2016 08:00:23 GMT; path=/; HttpOnly
Set-Cookie: phpbb3_ruxob_sid=6ee0bebde1f9a4058be0ab1ab90841fb; expires=Fri, 18-Nov-2016 08:00:23 GMT; path=/; HttpOnly
Content-Length: 27
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
I never heard of http_response_code() - is there a reason why you use that one? Be aware it needs PHP 5.4 at least.
The worst thing about censorship is ███████████
Affin wrote:
Tue Nov 20, 2018 9:51 am
The problem is probably not my English but you do not want to understand correctly.
...
We will not come anybody anyway, nevertheless, it's best to shit this.

francois44
Registered User
Posts: 6
Joined: Sat Apr 18, 2015 9:34 am

Re: AjaxCall with wrong http_response_code from php

Post by francois44 » Sun Nov 29, 2015 6:45 am

Thank you AmigoJack for your answer :

regarding to your question,
I'm using php 5.5.18, Regarding http_response_code, i have read this information :
- Since PHP 5.4 you can use http_response_code.
- http_response_code(404);
- This will take care of setting the proper HTTP headers.
I have read an other answer too
- $this->response->statusCode(200);
- return $this->response;

I have changed my program,
Instead using Javascript and AjaxCall to verify login information in my htlm document,
I directly use phpbb forum login to obliged the user to be logged when he use my page.
This is a better solution

Code: Select all

<?php
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../forum/';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	// Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');

	// Test if registred
	if (!$user->data['is_registered']) {
		// Si la personne n'est pas logué, elle se loggue
		// retour vers se formulaire après connexion
		login_box(request_var('redirect', "/../ATADARK/formulaire_adhesion_atadark.$phpEx"));
	} else {
		// Continue the programme
So I don't need to return an other http_response_code because there is no ajaxProgram,
Thank you for answering php questions on this forum
François

Locked

Return to “[3.0.x] MOD Writers Discussion”

Who is online

Users browsing this forum: No registered users and 18 guests