On Tue, 13 Aug 2002 22:14:28 -0500, you wrote:
>I had some headers that were working on one server (4.0.6), but isn't
>working on my (nearly) fresh install of 4.2.2. Here's the conundrum:
> header("Set-Cookie: mid=$mid");
> header("Location: $location");
> exit;
>worked just fine. I moved it over, and now the cookie doesn't take
>effect.
[...]
>One other feasable difference is that the
>4.0.6 was on a *nix box with apache and the 4.2.2 is on 2k's IIS, but I
>doubt that is the problem.
Actually, that *IS* the problem. This is a bug in the way that IIS
handles CGI-generated headers, and is detailed in knowledgebase
article Q176113.
It seems that if a "Location: " header is sent from a CGI program, IIS
will ignore any other headers that come with it. So you cannot by
default set a cookie and redirect on the same page.
The workaround is to rename the script so that it begins with "nph-".
(I'm serious). This stands for "non-parsed headers mode" and it tells
IIS to leave the headers alone. Then you have to generate the headers
manually rather than using the setcookie() function built into IIS.
I had this exact same problem on a script that I was working on. In
my script I was attempting to set a cookie and then redirect the
browser upon successful authentication. When I discovered that this
does not work with IIS + PHP (cgi mode) I moved the login and logout
functionality to seperate files called nph-authenticate.php and
nph-logout.php, and I generate the headers manually, like so:
header("HTTP/1.0 302 Redirect");
header("Location: $location");
header("Set-Cookie: mid=$mid");
HTH
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
