diff --git a/functions/http.xml b/functions/http.xml index 93c005d524..b805876007 100644 --- a/functions/http.xml +++ b/functions/http.xml @@ -3,9 +3,10 @@ HTTP - - These functions let you manipulate the output sent back to the - remote browser right down to the HTTP protocol level. + + These functions let you manipulate the output sent back to the + remote browser right down to the HTTP protocol level. + @@ -25,44 +26,57 @@ header strings. See the HTTP 1.1 Specification for more information on raw http headers. Note: Remember that the - Header function must be called before any actual - output is sent either by normal HTML tags or from PHP. It is a very - common error to read code with include or with - auto_prepend and have spaces or empty lines in this code that force - output before header is called. - - - There are two special-case header calls. The first is the "Location" - header. Not only does it send this header back to the browser, it also returns - a REDIRECT status code to Apache. From a script writer's point of view this - should not be important, but for people who understand Apache internals it is - important to understand. - -header("Location: http://www.php.net"); /* Redirect browser to PHP web site */ -exit; /* Make sure that code below does not get executed when we redirect. */ - - - The second special-case is any header that starts with the string, "HTTP/" - (case is not significant). For example, if you have your ErrorDocument 404 Apache - directive pointed to a PHP script, it would be a good idea to make sure that your - PHP script is actually generating a 404. The first thing you do in your script should - then be: - -header("http/1.0 404 Not Found"); - - - + Header function must be called before any + actual output is sent either by normal HTML tags or from PHP. It + is a very common error to read code with + include or with auto_prepend and have spaces + or empty lines in this code that force output before + header is called. + + + There are two special-case header calls. The first is the + "Location" header. Not only does it send this header + back to the browser, it also returns a REDIRECT status code to + Apache. From a script writer's point of view this should not be + important, but for people who understand Apache internals it is + important to understand. + + +header ("Location: http://www.php.net"); /* Redirect browser + to PHP web site */ +exit; /* Make sure that code below does + not get executed when we redirect. */ + + + + + The second special-case is any header that starts with the + string, "HTTP/" (case is not significant). For + example, if you have your ErrorDocument 404 Apache directive + pointed to a PHP script, it would be a good idea to make sure + that your PHP script is actually generating a 404. The first + thing you do in your script should then be: + + +header ("http/1.0 404 Not Found"); + + + PHP scripts often generate dynamic HTML that must not be cached by the client browser or any proxy caches between the server and the client browser. Many proxies and clients can be forced to disable caching with - - header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past - header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); // always modified - header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 - header("Pragma: no-cache"); // HTTP/1.0 - + + +header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past +header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); + // always modified +header ("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 +header ("Pragma: no-cache"); // HTTP/1.0 + + + @@ -88,92 +102,95 @@ header("http/1.0 404 Not Found"); before any other headers are sent (this is a restriction of cookies, not PHP). This requires you to place calls to this function before any <html> or - <head> tags. - + <head> tags. + - All the arguments except the name argument are - optional. If only the name argument is present, the cookie by that - name will be deleted from the remote client. You may also replace - any argument with an empty string ("") - in order to skip that argument. The expire - and secure arguments are integers - and cannot be skipped with an empty string. Use a zero - (0) instead. The expire - argument is a regular Unix time integer as returned by the - time or mktime functions. - The secure indicates that the cookie should - only be transmitted over a secure HTTPS connection. - + All the arguments except the name argument + are optional. If only the name argument is present, the cookie + by that name will be deleted from the remote client. You may + also replace any argument with an empty string + ("") in order to skip that + argument. The expire and + secure arguments are integers and cannot + be skipped with an empty string. Use a zero + (0) instead. The + expire argument is a regular Unix time + integer as returned by the time or + mktime functions. The + secure indicates that the cookie should + only be transmitted over a secure HTTPS connection. + - Common Pitfalls: - + Common Pitfalls: + Cookies will not become visible until the next loading of a page that - the cookie should be visible for. - + the cookie should be visible for. + Multiple calls to setcookie in the same script will be performed in reverse order. If you are trying to delete one cookie before inserting another you should put the - insert before the delete. - + insert before the delete. + Some examples follow: <function>setcookie</function> examples -setcookie("TestCookie","Test Value"); -setcookie("TestCookie",$value,time()+3600); /* expire in 1 hour */ -setcookie("TestCookie",$value,time()+3600,"/~rasmus/",".utoronto.ca",1); - - +setcookie ("TestCookie", "Test Value"); +setcookie ("TestCookie", $value,time()+3600); /* expire in 1 hour */ +setcookie ("TestCookie", $value,time()+3600, "/~rasmus/", ".utoronto.ca", 1); + + + Note that the value portion of the cookie will automatically be urlencoded when you send the cookie, and when it is received, it is automatically decoded and assigned to a variable by the same name as the cookie name. To see the contents of our test cookie in a script, simply use one of the following examples: - - + + echo $TestCookie; echo $HTTP_COOKIE_VARS["TestCookie"]; - - - - You may also set array cookies by using array notation in the - cookie name. This has the effect of setting as many cookies as - you have array elements, but when the cookie is received by your - script, the values are all placed in an array with the cookie's - name: - - -setcookie( "cookie[three]", "cookiethree" ); -setcookie( "cookie[two]", "cookietwo" ); -setcookie( "cookie[one]", "cookieone" ); -if ( isset( $cookie ) ) { - while( list( $name, $value ) = each( $cookie ) ) { - echo "$name == $value<br>\n"; - } + + + + + You may also set array cookies by using array notation in the + cookie name. This has the effect of setting as many cookies as + you have array elements, but when the cookie is received by your + script, the values are all placed in an array with the cookie's + name: + + +setcookie ("cookie[three]", "cookiethree"); +setcookie ("cookie[two]", "cookietwo"); +setcookie ("cookie[one]", "cookieone"); +if (isset ($cookie)) { + while (list ($name, $value) = each ($cookie)) { + echo "$name == $value<br>\n"; + } } - - - - - + + + For more information on cookies, see Netscape's cookie - specification at &spec.cookies;. - + specification at &spec.cookies;. + Microsoft Internet Explorer 4 with Service Pack 1 applied does not correctly deal with cookies that have their path parameter - set. - + set. + Netscape Communicator 4.05 and Microsoft Internet Explorer 3.x appear to handle cookies incorrectly when the path and time - are not set. - + are not set. + @@ -189,7 +206,7 @@ sgml-always-quote-attributes:t sgml-indent-step:1 sgml-indent-data:t sgml-parent-document:nil -sgml-default-dtd-file:"../manual.ced" +sgml-default-dtd-file:"../../manual.ced" sgml-exposed-tags:nil sgml-local-catalogs:nil sgml-local-ecat-files:nil