php stupidity ticking me off

  • saybrah
  • Student
  • Student
  • saybrah
  • Posts: 69

Post 3+ Months Ago

i don't know what the heck is going on but this is the most retarded problem i have ever run into.

i have a md5 protection for my download links. here is the problem that has me throwing out wtfs and being p'd off.

Code: [ Select ]
if($code!=$verify){header("Location: http://www.mydomain.com");}


i can change the hashed code and it isn't redirected

i'm like wtf so i did
Code: [ Select ]
echo($code!=$verify)?"false":"true";


if i change the hash everything works fine

it's like the if statement is ignored and just want to redirect

i've never ran into anything like this especially since i have the exact same code on numerous sites

i settled with just doing what i should have just done from the beginning since it eliminated the extra code

Code: [ Select ]
$link=[download code];
if($code!=$verify){$link="http://www.mydomain.com";}
header("Location: http://www.mydomain.com");
  1. $link=[download code];
  2. if($code!=$verify){$link="http://www.mydomain.com";}
  3. header("Location: http://www.mydomain.com");
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Truce
  • Guru
  • Guru
  • Truce
  • Posts: 1477
  • Loc: Washington DC

Post 3+ Months Ago

Well for starters you've got your code all jumbled up and I'm going to assume it's because you tried to public-safety it by replacing the domains.

A few things could be going on here. Either $code does == $verify (hard for us to say without more info) or you might be sending output to the browser after you send the header to the browser (or you could have send output to the browser before you sent the header).

Whatever the case, you should always use exit; when you have a header redirect and there is additional code down the page you don't want executed. More here:

http://www.php.net/manual/en/function.header.php#85254
  • saybrah
  • Student
  • Student
  • saybrah
  • Posts: 69

Post 3+ Months Ago

actually
$data=$_GET['file'].$secret;
$code=$_GET['code'];
$verify=md5($data);

so the problem was that even if i change a value in the 'code' for some reason it was still redirected
  • may
  • Proficient
  • Proficient
  • User avatar
  • Posts: 328
  • Loc: Holland [NL]

Post 3+ Months Ago

Code: [ Select ]
$link=[download code];
if($code!=$verify){$link="http://www.mydomain.com";}
header("Location: http://www.mydomain.com");
  1. $link=[download code];
  2. if($code!=$verify){$link="http://www.mydomain.com";}
  3. header("Location: http://www.mydomain.com");


Your remark "Im like wtf so i did" is just as confusing to me as reading this piece of code. I cant realy figure out what you are trying to do.

In all cases when im reading the following:

"so the problem was that even if i change a value in the 'code' for some reason it was still redirected"

im assuming that you are actually trying to "send" some file to "some" browser by setting the correct "header" instead of redirecing someone to the location where a download is offered from.

ie.

Code: [ Select ]
$filename = 'myfile.txt';
$handle = fopen($filename, "r");
$contents = fread($handle, filesize($filename));
header("Pragma: public");
header("Expires: 0"); // set expiration time
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Disposition: attachment; filename=".basename($filename).";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".strlen($contents));
echo $contents;
exit();
  1. $filename = 'myfile.txt';
  2. $handle = fopen($filename, "r");
  3. $contents = fread($handle, filesize($filename));
  4. header("Pragma: public");
  5. header("Expires: 0"); // set expiration time
  6. header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
  7. header("Content-Type: application/force-download");
  8. header("Content-Type: application/octet-stream");
  9. header("Content-Type: application/download");
  10. header("Content-Disposition: attachment; filename=".basename($filename).";");
  11. header("Content-Transfer-Encoding: binary");
  12. header("Content-Length: ".strlen($contents));
  13. echo $contents;
  14. exit();


Or something like that...

Rgrds...
  • saybrah
  • Student
  • Student
  • saybrah
  • Posts: 69

Post 3+ Months Ago

sorry i'm a hit and runner which leaves me often short of a full question/reply

$link=[download code]; is just pretty much $link="http://www.domain.xxx/$productlink";

it's not as simple as that since i'm actually using linklokurl. the only reason i had to jump through a hoop is because for some reason the membership script i use has an issue with linkloks link output so they don't work.

another page. sure i could have used the correct code or change the variables but i didn't so i apologize for the confusion.

may wrote:
Code: [ Select ]
 
$link=[download code];
if($code!=$verify){$link="http://www.mydomain.com";}
header("Location: http://www.mydomain.com");
 
  1.  
  2. $link=[download code];
  3. if($code!=$verify){$link="http://www.mydomain.com";}
  4. header("Location: http://www.mydomain.com");
  5.  


Your remark "Im like wtf so i did" is just as confusing to me as reading this piece of code. I cant realy figure out what you are trying to do.

In all cases when im reading the following:

"so the problem was that even if i change a value in the 'code' for some reason it was still redirected"

im assuming that you are actually trying to "send" some file to "some" browser by setting the correct "header" instead of redirecing someone to the location where a download is offered from.

ie.

Code: [ Select ]
 
$filename = 'myfile.txt';
$handle = fopen($filename, "r");
$contents = fread($handle, filesize($filename));
header("Pragma: public");
header("Expires: 0"); // set expiration time
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Disposition: attachment; filename=".basename($filename).";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".strlen($contents));
echo $contents;
exit();
 
  1.  
  2. $filename = 'myfile.txt';
  3. $handle = fopen($filename, "r");
  4. $contents = fread($handle, filesize($filename));
  5. header("Pragma: public");
  6. header("Expires: 0"); // set expiration time
  7. header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
  8. header("Content-Type: application/force-download");
  9. header("Content-Type: application/octet-stream");
  10. header("Content-Type: application/download");
  11. header("Content-Disposition: attachment; filename=".basename($filename).";");
  12. header("Content-Transfer-Encoding: binary");
  13. header("Content-Length: ".strlen($contents));
  14. echo $contents;
  15. exit();
  16.  


Or something like that...

Rgrds...
  • Sabu
  • Beginner
  • Beginner
  • Sabu
  • Posts: 47

Post 3+ Months Ago

Keep in mind that sending header() does not stop the rest of the page from running. Always follow a redirect header() with exit();

Post Information

  • Total Posts in this topic: 6 posts
  • Users browsing this forum: No registered users and 122 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.