sessions and redirecting in opera

>>>
>>Could it be that Opera needs some kind of body content after a
>>redirection
>>header? Or could it perhaps be that Opera indeed thinks that it
>>should redirect back to the login page again, since it is redirected
>>to a page, that redirected to the login page in the first place. lol

>>>

>>On Fri, 10 Aug 2007 20:07:03 +0200, amygdala <noreply@norepl y.com>
>>wrote:
>>>>
>>>Could it be that Opera needs some kind of body content after a
>>>redirectio n
>>>header? Or could it perhaps be that Opera indeed thinks that it
>>>should redirect back to the login page again, since it is
>>>redirected to a page, that redirected to the login page in the
>>>first place. lol
>>>
>>Possiblity 1:
>>Opera -Tools -preferences -Advanced -Network -Enable
>>Automatic Redirection.
>>>
>>It's enabled by default, but can be disabled for whatever purpose.
>>All the more reason why a header redirect should be accompanied by
>>some information one is redirected, and a script should die()/exit()
>>after that.
>>Possibility 2:
>>Opera get's the redirect, but still has the page with the same URL
>>in cache, so decides to use that one. Set some header and/or html
>>information these pages should not be cached.
>>>
>>Possibility 3:
>>The script isn't terminated after the first header-redirect,
>>continues to run, and effectively changes the redirect by a second
>>header() call. Putting an echo directly after it will force the
>>headers to be sent, so they cannot be replaced anymore, resulting in
>>the first one being the only one, and thus the one obeyed by the
>>browser. Another example why one should die()/exit() after a
>>redirect. <?php
>>//this will offcourse end in /second.html
>>header('Locat ion: /first.html');
>>header('Locat ion: /second.html');
>>>>
>>>
>><?php
>>//this will end in /first.html
>>header('Locat ion: /first.html');
>>flush();
>>header('Locat ion: /second.html');

>>>
>>My SessionHandler class has the following method:
>>>
>> public function redirect( $url )
>> {
>> session_write_c lose();
>> header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
>> header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
>> header( 'Cache-Control: no-store, no-cache, must-revalidate' );
>> header( 'Cache-Control: post-check=0, pre-check=0', false );
>> header( 'Pragma: no-cache' );
>> header( 'HTTP/1.0 302 Moved Temporarily' );
>> header( 'Location: ' . $url );
>> // this part between the comments is important
>> echo 'You\'re being redirected to ' . $url . ' .
>> Click <a href="' . $url. '">here</aif it doesn\'t work';
>> // end important part
>> exit(); // exit doesn't really make a difference for Opera
>> }
>>>
>>Since I have now included the exit() statement I am sure that this
>>is the last thing done by the application when redirecting. Also, I
>>have added cache control headers and the likes. But still in Opera
>>the problem persists
>>if I leave out the echo part you see above between the comments.
>>>
>>So, from my experience it seems as if Opera wants some body content
>>for the
>>redirect to work and revalidate the url I landed on before I had to
>>log in.

>>This thing still has me puzzled. What I did is the following:
>>>
>>My SessionHandler class has the following method:
>>>
>> public function redirect( $url )
>> {
>> session_write_c lose();
>> header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
>> header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
>> header( 'Cache-Control: no-store, no-cache, must-revalidate' );
>> header( 'Cache-Control: post-check=0, pre-check=0', false );
>> header( 'Pragma: no-cache' );
>> header( 'HTTP/1.0 302 Moved Temporarily' );
>> header( 'Location: ' . $url );
>> // this part between the comments is important
>> echo 'You\'re being redirected to ' . $url . ' .
>> Click <a href="' . $url. '">here</aif it doesn\'t work';
>> // end important part
>> exit(); // exit doesn't really make a difference for Opera
>> }
>>>
>>Since I have now included the exit() statement I am sure that this
>>is the last thing done by the application when redirecting. Also, I
>>have added cache control headers and the likes. But still in Opera
>>the problem persists
>>if I leave out the echo part you see above between the comments.

>>amygdala wrote:
>>>Rik wrote:
>>>>On Fri, 10 Aug 2007 20:07:03 +0200, amygdala <noreply@norepl y.com>
>>>>wrote:
>>>>>Could it be that Opera needs some kind of body content after a
>>>>>redirectio n
>>>>>header? Or could it perhaps be that Opera indeed thinks that it
>>>>>should redirect back to the login page again, since it is
>>>>>redirect ed to a page, that redirected to the login page in the
>>>>>first place. lol
>>>>Possiblit y 1:
>>>>Opera -Tools -preferences -Advanced -Network -Enable
>>>>Automatic Redirection.
>>>>>
>>>>It's enabled by default, but can be disabled for whatever purpose.
>>>>All the more reason why a header redirect should be accompanied by
>>>>some information one is redirected, and a script should
>>>>die()/exit() after that.
>>>>Possibili ty 2:
>>>>Opera get's the redirect, but still has the page with the same
>>>>URL in cache, so decides to use that one. Set some header and/or
>>>>html information these pages should not be cached.
>>>>>
>>>>Possibili ty 3:
>>>>The script isn't terminated after the first header-redirect,
>>>>continues to run, and effectively changes the redirect by a second
>>>>header() call. Putting an echo directly after it will force the
>>>>headers to be sent, so they cannot be replaced anymore, resulting
>>>>in the first one being the only one, and thus the one obeyed by
>>>>the browser. Another example why one should die()/exit() after a
>>>>redirect. <?php
>>>>//this will offcourse end in /second.html
>>>>header('Loc ation: /first.html');
>>>>header('Loc ation: /second.html');
>>>><?php
>>>>//this will end in /first.html
>>>>header('Loc ation: /first.html');
>>>>flush();
>>>>header('Loc ation: /second.html');
>>>This thing still has me puzzled. What I did is the following:
>>>>
>>>My SessionHandler class has the following method:
>>>>
>>> public function redirect( $url )
>>> {
>>> session_write_c lose();
>>> header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
>>> header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT'
>>> ); header( 'Cache-Control: no-store, no-cache, must-revalidate'
>>> ); header( 'Cache-Control: post-check=0, pre-check=0', false );
>>> header( 'Pragma: no-cache' );
>>> header( 'HTTP/1.0 302 Moved Temporarily' );
>>> header( 'Location: ' . $url );
>>> // this part between the comments is important
>>> echo 'You\'re being redirected to ' . $url . ' .
>>> Click <a href="' . $url. '">here</aif it doesn\'t work';
>>> // end important part
>>> exit(); // exit doesn't really make a difference for Opera
>>> }
>>>>
>>>Since I have now included the exit() statement I am sure that this
>>>is the last thing done by the application when redirecting. Also,
>>>I have added cache control headers and the likes. But still in
>>>Opera the problem persists if I leave out the echo part you see
>>>above between the comments. So, from my experience it seems as if Opera
>>>wants some body
>>>content for the redirect to work and revalidate the url I landed
>>>on before I had to log in.
>>>>
>>>Does anyone have any other clue as to what might be going on here?
>>>>
>>>Thanks.
>>Why are you sending a message they will never see, anyway? Normally a
>>redirect header has NO text associated with it.
>>>
>>If you have your header set up appropriately, they will be
>>redirected. All the message might do is screw things up for the
>>browser.

>>>This thing still has me puzzled. What I did is the following:
>>>>
>>>My SessionHandler class has the following method:
>>>>
>>> public function redirect( $url )
>>> {
>>> session_write_c lose();
>>> header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
>>> header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT'
>>> ); header( 'Cache-Control: no-store, no-cache, must-revalidate'
>>> ); header( 'Cache-Control: post-check=0, pre-check=0', false );
>>> header( 'Pragma: no-cache' );
>>> header( 'HTTP/1.0 302 Moved Temporarily' );
>>> header( 'Location: ' . $url );
>>> // this part between the comments is important
>>> echo 'You\'re being redirected to ' . $url . ' .
>>> Click <a href="' . $url. '">here</aif it doesn\'t work';
>>> // end important part
>>> exit(); // exit doesn't really make a difference for Opera
>>> }
>>>>
>>>Since I have now included the exit() statement I am sure that this
>>>is the last thing done by the application when redirecting. Also, I
>>>have added cache control headers and the likes. But still in Opera
>>>the problem persists
>>>if I leave out the echo part you see above between the comments.
>>>
>>Can you set this up somewhere accessable? I'm curious what happens
>>if I try it in Opera here. Never gave me problems before.

>>I've set up little example (without the echo part in the redirect
>>method) which you should be able to access temporarily through:
>>>
>>http://amygdala.kicks-ass.net/profile/
>>>
>>(Please let me know if you are not able to access it.)

>>>I've set up little example (without the echo part in the redirect
>>>method) which you should be able to access temporarily through:
>>>>
>>>http://amygdala.kicks-ass.net/profile/
>>>>
>>>(Please let me know if you are not able to access it.)
>>>
>>HTTP/1.x 302 Moved Temporarily
>>...
>>Set-Cookie: PHPSESSID=jhikt dcd4efk720iqahh hquokhm24ill; path=/
>>Set-Cookie: PHPSESSID=upgdi hd7gbiqnen492ad vkiu0c0piv4v; path=/
>>Location: http://127.0.0.1/user/login/
>>...
>>>
>>I haven't set up your site on my local box, so no, it's not working
>>:).

>>"Jerry Stuckle" <jstucklex@attg lobal.netschree f in bericht
>>news:xqKdnb9U 2fBnMyLbnZ2dnUV Z_uLinZ2d@comca st.com...
>>>amygdala wrote:
>>>>Rik wrote:
>>>>>On Fri, 10 Aug 2007 20:07:03 +0200, amygdala <noreply@norepl y.com>
>>>>>wrote:
>>>>>>Could it be that Opera needs some kind of body content after a
>>>>>>redirecti on
>>>>>>header? Or could it perhaps be that Opera indeed thinks that it
>>>>>>should redirect back to the login page again, since it is
>>>>>>redirecte d to a page, that redirected to the login page in the
>>>>>>first place. lol
>>>>>Possibli ty 1:
>>>>>Opera -Tools -preferences -Advanced -Network -Enable
>>>>>Automati c Redirection.
>>>>>>
>>>>>It's enabled by default, but can be disabled for whatever purpose.
>>>>>All the more reason why a header redirect should be accompanied by
>>>>>some information one is redirected, and a script should
>>>>>die()/exit() after that.
>>>>>Possibilit y 2:
>>>>>Opera get's the redirect, but still has the page with the same
>>>>>URL in cache, so decides to use that one. Set some header and/or
>>>>>html information these pages should not be cached.
>>>>>>
>>>>>Possibilit y 3:
>>>>>The script isn't terminated after the first header-redirect,
>>>>>continue s to run, and effectively changes the redirect by a second
>>>>>header() call. Putting an echo directly after it will force the
>>>>>headers to be sent, so they cannot be replaced anymore, resulting
>>>>>in the first one being the only one, and thus the one obeyed by
>>>>>the browser. Another example why one should die()/exit() after a
>>>>>redirect . <?php
>>>>>//this will offcourse end in /second.html
>>>>>header('Lo cation: /first.html');
>>>>>header('Lo cation: /second.html');
>>>>><?php
>>>>>//this will end in /first.html
>>>>>header('Lo cation: /first.html');
>>>>>flush();
>>>>>header('Lo cation: /second.html');
>>>>This thing still has me puzzled. What I did is the following:
>>>>>
>>>>My SessionHandler class has the following method:
>>>>>
>>>> public function redirect( $url )
>>>> {
>>>> session_write_c lose();
>>>> header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
>>>> header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT'
>>>> ); header( 'Cache-Control: no-store, no-cache, must-revalidate'
>>>> ); header( 'Cache-Control: post-check=0, pre-check=0', false );
>>>> header( 'Pragma: no-cache' );
>>>> header( 'HTTP/1.0 302 Moved Temporarily' );
>>>> header( 'Location: ' . $url );
>>>> // this part between the comments is important
>>>> echo 'You\'re being redirected to ' . $url . ' .
>>>> Click <a href="' . $url. '">here</aif it doesn\'t work';
>>>> // end important part
>>>> exit(); // exit doesn't really make a difference for Opera
>>>> }
>>>>>
>>>>Since I have now included the exit() statement I am sure that this
>>>>is the last thing done by the application when redirecting. Also,
>>>>I have added cache control headers and the likes. But still in
>>>>Opera the problem persists if I leave out the echo part you see
>>>>above between the comments. So, from my experience it seems as if Opera
>>>>wants some body
>>>>content for the redirect to work and revalidate the url I landed
>>>>on before I had to log in.
>>>>>
>>>>Does anyone have any other clue as to what might be going on here?
>>>>>
>>>>Thanks.
>>>Why are you sending a message they will never see, anyway? Normally a
>>>redirect header has NO text associated with it.
>>>>
>>>If you have your header set up appropriately, they will be
>>>redirected . All the message might do is screw things up for the
>>>browser.
>>PS.: Correct me if I'm wrong, but are my headers not set up properly?
>>>
>>>

>>amygdala wrote:
>>>"Jerry Stuckle" <jstucklex@attg lobal.netschree f in bericht
>>>news:xqKdnb9 U2fBnMyLbnZ2dnU VZ_uLinZ2d@comc ast.com...
>>>>amygdala wrote:
>>>>>Rik wrote:
>>>>>>On Fri, 10 Aug 2007 20:07:03 +0200, amygdala
>>>>>><noreply@ noreply.comwrot e:
>>>>>>>Could it be that Opera needs some kind of body content after a
>>>>>>>redirect ion
>>>>>>>header ? Or could it perhaps be that Opera indeed thinks that it
>>>>>>>should redirect back to the login page again, since it is
>>>>>>>redirect ed to a page, that redirected to the login page in the
>>>>>>>first place. lol
>>>>>>Possiblit y 1:
>>>>>>Opera -Tools -preferences -Advanced -Network -Enable
>>>>>>Automat ic Redirection.
>>>>>>>
>>>>>>It's enabled by default, but can be disabled for whatever
>>>>>>purpose . All the more reason why a header redirect should be
>>>>>>accompani ed by some information one is redirected, and a script
>>>>>>should die()/exit() after that.
>>>>>>Possibili ty 2:
>>>>>>Opera get's the redirect, but still has the page with the same
>>>>>>URL in cache, so decides to use that one. Set some header and/or
>>>>>>html information these pages should not be cached.
>>>>>>>
>>>>>>Possibili ty 3:
>>>>>>The script isn't terminated after the first header-redirect,
>>>>>>continu es to run, and effectively changes the redirect by a
>>>>>>second header() call. Putting an echo directly after it will
>>>>>>force the headers to be sent, so they cannot be replaced
>>>>>>anymore , resulting in the first one being the only one, and
>>>>>>thus the one obeyed by the browser. Another example why one
>>>>>>should die()/exit() after a redirect. <?php
>>>>>>//this will offcourse end in /second.html
>>>>>>header('L ocation: /first.html');
>>>>>>header('L ocation: /second.html');
>>>>>><?php
>>>>>>//this will end in /first.html
>>>>>>header('L ocation: /first.html');
>>>>>>flush() ;
>>>>>>header('L ocation: /second.html');
>>>>>This thing still has me puzzled. What I did is the following:
>>>>>>
>>>>>My SessionHandler class has the following method:
>>>>>>
>>>>> public function redirect( $url )
>>>>> {
>>>>> session_write_c lose();
>>>>> header( 'Expires: Mon, 26 Jul 1997 05:00:00 GMT' );
>>>>> header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT'
>>>>> ); header( 'Cache-Control: no-store, no-cache, must-revalidate'
>>>>> ); header( 'Cache-Control: post-check=0, pre-check=0', false );
>>>>> header( 'Pragma: no-cache' );
>>>>> header( 'HTTP/1.0 302 Moved Temporarily' );
>>>>> header( 'Location: ' . $url );
>>>>> // this part between the comments is important
>>>>> echo 'You\'re being redirected to ' . $url . ' .
>>>>> Click <a href="' . $url. '">here</aif it doesn\'t work';
>>>>> // end important part
>>>>> exit(); // exit doesn't really make a difference for Opera
>>>>> }
>>>>>>
>>>>>Since I have now included the exit() statement I am sure that
>>>>>this is the last thing done by the application when redirecting.
>>>>>Also,
>>>>>I have added cache control headers and the likes. But still in
>>>>>Opera the problem persists if I leave out the echo part you see
>>>>>above between the comments. So, from my experience it seems as
>>>>>if Opera wants some body
>>>>>content for the redirect to work and revalidate the url I landed
>>>>>on before I had to log in.
>>>>>>
>>>>>Does anyone have any other clue as to what might be going on
>>>>>here? Thanks.
>>>>Why are you sending a message they will never see, anyway?
>>>>Normally a redirect header has NO text associated with it.
>>>>>
>>>>If you have your header set up appropriately, they will be
>>>>redirecte d. All the message might do is screw things up for the
>>>>browser.
>>>PS.: Correct me if I'm wrong, but are my headers not set up
>>>properly?
>>Well, I don't see why you have the session_write_c lose() - the
>>session will be closed during exit() processing, anyway.
>>>
>>I also don't see why you have all of the cache control stuff. It's
>>completely unnecessary in this case.
>>>
>>Keep it simple - the 302 moved and location should be all you need.