AjaxCall with wrong http_response_code from php

Discussion forum for MOD Writers regarding MOD Development.
Locked
francois44
Registered User
Posts: 6
Joined: Sat Apr 18, 2015 9:34 am

AjaxCall with wrong http_response_code from php

Post by francois44 » Wed Nov 11, 2015 1:16 pm

I'm calling my PhpBB3 forum to control user/password in an external html document.
To do this functionality, I use Ajax and javascript.
I call a php program which do the login to verify user/password.
I want to use ajaxRequest.status to control the result of login in javascript.

In all the cases (good password/wrong password) the Php Code send me ajaxRequest.status=200
Firebug show me the wrong result.

The error is in the following php program :

Code: Select all

<?php            
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	//Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');

	$username = $_GET['name'];
	$password = $_GET['pwd'];

    $display_string = "";
	if(isset($username) && isset($password)) {
		$display_string .= "username ".$username."</br>";    
		$display_string .= "password ".$password."</br>";    
  		$result = $auth->login($username, $password, false, 1, 0);
  		
		$display_string .= "status ".$result['status']."</br>";    

  		if ($result['status'] == LOGIN_SUCCESS) {
			//Le username et mot de passe sont ok
		    $display_string .= "Username et mot de passe ok "."</br>";	    
	    	//affichage du resultat recupéré par la page appelante
   		    echo $display_string;  
			//par défaut 200 si tout ce passe bien
	    	http_response_code(200);
 		} elseif ($result['status'] == LOGIN_ERROR_ATTEMPTS) {
			//Le username et mot de passe ne correspondent pas
		    $display_string .= "Vous avez dépassé le maximum autorisé de tentatives de connexion, connectez vous au forum avant l'adhésion "."</br>";
			//affichage du resultat recupéré par la page appelante
	        echo $display_string;  
      	  	//temps d'attente de 7 secondes pour éviter les pirates
       		sleep (7);
    	    //en cas d'erreur non trouvé on sort en erreur 204 -  204 No Content
    	    http_response_code(206);
 		} else {
			//Le username et mot de passe ne correspondent pas
		    $display_string .= "Username et mot de passe invalide "."</br>";
			//affichage du resultat recupéré par la page appelante
	        echo $display_string;  
      	  	//temps d'attente de 7 secondes pour éviter les pirates
       		sleep (7);
    	    //en cas d'erreur non trouvé on sort en erreur 204 -  204 No Content
    	    http_response_code(204);
 		}
	} else {
		//Le username et mot de passe ne correspondent pas
	    $display_string .= "Username ou mot de passe non rempli "."</br>";
		//affichage du resultat recupéré par la page appelante
        echo $display_string;  
        //temps d'attente de 7 secondes pour éviter les pirates
        sleep (7);
        //en cas d'erreur non trouvé on sort en erreur 204 -  204 No Content
        http_response_code(204);
 	}
 			
?>

If I log http_response_code() the good value is logged (204/206)
but when i received the status, firebug always give me 200.

I have try to simplfy my code to identify the problem,
This code send me 200

Code: Select all

<?php
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	//Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');

	http_response_code(204);
	$display_string .= "http_response_code ".http_response_code()."</br>";    
	echo $display_string;
	return;
?>
And this code send me 204

Code: Select all

<?php
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	http_response_code(204);
	$display_string .= "http_response_code ".http_response_code()."</br>";    
	echo $display_string;
	return;
?>
I don't understand why the session management

Code: Select all

	//Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');
force status response to 200…
François

User avatar
AmigoJack
Registered User
Posts: 4993
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: AjaxCall with wrong http_response_code from php

Post by AmigoJack » Thu Nov 19, 2015 8:08 am

francois44 wrote:This code send me 200
Cannot reproduce - that one's response is clearly 204:

Code: Select all

http://127.0.0.1/phpBB3/aaa.php

GET /phpBB3/aaa.php HTTP/1.1
Host: 127.0.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie: phpbb3_ruxob_u=2; phpbb3_ruxob_k=; phpbb3_ruxob_sid=ee2de622090c1396b547b965498668d7; style_cookie=null
Connection: keep-alive

HTTP/1.1 204 No Content
Date: Thu, 19 Nov 2015 08:00:22 GMT
Server: Apache/2.4.9 (Win32) OpenSSL/1.0.1g PHP/5.5.11
X-Powered-By: PHP/5.5.11
Set-Cookie: phpbb3_ruxob_u=1; expires=Fri, 18-Nov-2016 08:00:23 GMT; path=/; HttpOnly
Set-Cookie: phpbb3_ruxob_k=; expires=Fri, 18-Nov-2016 08:00:23 GMT; path=/; HttpOnly
Set-Cookie: phpbb3_ruxob_sid=6ee0bebde1f9a4058be0ab1ab90841fb; expires=Fri, 18-Nov-2016 08:00:23 GMT; path=/; HttpOnly
Content-Length: 27
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
I never heard of http_response_code() - is there a reason why you use that one? Be aware it needs PHP 5.4 at least.
The worst thing about censorship is ███████████

francois44
Registered User
Posts: 6
Joined: Sat Apr 18, 2015 9:34 am

Re: AjaxCall with wrong http_response_code from php

Post by francois44 » Sun Nov 29, 2015 6:45 am

Thank you AmigoJack for your answer :

regarding to your question,
I'm using php 5.5.18, Regarding http_response_code, i have read this information :
- Since PHP 5.4 you can use http_response_code.
- http_response_code(404);
- This will take care of setting the proper HTTP headers.
I have read an other answer too
- $this->response->statusCode(200);
- return $this->response;

I have changed my program,
Instead using Javascript and AjaxCall to verify login information in my htlm document,
I directly use phpbb forum login to obliged the user to be logged when he use my page.
This is a better solution

Code: Select all

<?php
	define('IN_PHPBB', true);
	// Include files
	$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../forum/';
	$phpEx = substr(strrchr(__FILE__, '.'), 1);
	require($phpbb_root_path . 'common.' . $phpEx);

	// Start session management
	$user->session_begin();
	$auth->acl($user->data);
	$user->setup('');

	// Test if registred
	if (!$user->data['is_registered']) {
		// Si la personne n'est pas logué, elle se loggue
		// retour vers se formulaire après connexion
		login_box(request_var('redirect', "/../ATADARK/formulaire_adhesion_atadark.$phpEx"));
	} else {
		// Continue the programme
So I don't need to return an other http_response_code because there is no ajaxProgram,
Thank you for answering php questions on this forum
François

Locked

Return to “[3.0.x] MOD Writers Discussion”

Who is online

Users browsing this forum: No registered users and 14 guests

cron