Quote:
Originally Posted by ReSpawN
Then I've got a question for ya Wildhoney. Yesterday I saw a script, calling up header in a switch, midpage, with outputs all around. He used sessions & cookies, with my (basically yours) salt script, enhanced IP (browser, lang, windows & IP combined) and a bit more (with the lardge encoding sha1+md5.
Anyways, what's the big deal about header? I really don't get it, but still, I know how to use it. Header can define the page properties but you can use it as a redirect as well. (ofcourse after the header(''); you call up exit(); (with, if you want, a message between the ().
So, can you explain this to me? :D
|
Well, there's no way he would have got away with that. Basically the header function is used to transmit header information - that is, header information that is interpreted by the browser, but not necessarily displayed. The packet that comes after are the HTML pages and all the images - all coming from simple GET/POST requests.
So, if you send the body before you issue the header function then because the header function has already been dispatched, you cannot send another header function once the first header has gone. Thus:
Send: HTML GET/POST Request -> Receive: HTML Header -> Receive: HTML Body.
After the HTML body comes nothing, but more body stuff. With the way HTTP works you cannot set another header function - that is, those items in <head>.
To get around this problem you can prevent the body stuff being sent prematurely by using such functions as as the
ob_* library. This stores the body in an internal buffer until you tell it to send that buffer to the client. Therefore it allows you to send all the header stuff, still interpret the body as well, but send them in order: header then body.
The best way to go about it though is to not use the
ob_* library at all and simply create your PHP script so that all PHP is processed before any output is displayed, then just mingle the PHP echoes amongst the HTML.