Solved

Back button: "The page cannot be displayed"

Posted on 2004-10-03
13
345 Views
Last Modified: 2012-06-21
Hi, I have a whole site set up in PHP, and only one problem (at the moment).  The user goes to the login page, logs in, form info is submitted to test.php, the redirected to home.php.  From there the user clicks on any link, goes to page1.php.  Then hits back, and gets a "The page cannot be displayed" error.  If the reload button is hit, home.php comes up fine, without even loosing any session variables.  What is even wierder is that this only has to be done once.  After that they can press back and it goes to home.php witout having to reload.

I have a line `header("Cache-control: public");` at the top, and this hasn't fixed it.  This is not really in my area of php, so I am hoping someone knows how to deal with this.  This same question was asked before and I found it in my search, but I couldn't glean a real answer to it.  Thanks in advance.
0
Comment
Question by:zixp
  • 8
  • 5
13 Comments
 
LVL 27

Expert Comment

by:Diablo84
ID: 12212523
try

header("Cache-control: private");

after

session_start();
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12212533
It sounds like the IE6 bug that comes up when using sessions, discussed here: http://www.phpfreaks.com/tutorials/41/1.php
0
 

Author Comment

by:zixp
ID: 12212695
sorry, I meant to say that I had tried private as well
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 27

Expert Comment

by:Diablo84
ID: 12212765
hmm, that one usually resolves this problem, you have definitely added the header before any output? (echo/print, html, new lines outside of <?php tags).

Just checking before looking towards a work around.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12213583
Failing that heres a couple of ideas off the top of my head:

1) Prevent caching of the form page altogether (take note as i recall this does not usually fix this problem but as the traditional fix here has failed its something to try):

header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

http://www.php.net/manual/en/function.header.php

Same principles as usual with headers, before any output they must go.

2) Not sure how well this one will work here, this is typically the method i use to prevent a page resending form data upon refresh.

Point the form the the current page, ie actioon="<?php echo $_SERVER['PHP_SELF']; ?>" then assign the post data to session variables temporarily, for example, at the start of the file

session_start();

if (isset($_POST['submit'])) {
 $_SESSION['username'] = $_POST['username'];
 $_SESSION['password'] = $_POST['password'];
 header("location: your_processing_page.php");
 exit;
}

On the processing page (make sure you have session_start(); at the top of it) you can then validate the data as you would normally only referencing the session variables rather then the post variables, after validation you can then reset the values and do what ever needs to be done. This should in theory avoid the page cannot be displayed error however its an untested unusual method for this purpose.

The last thing i would suggest you do, prehaps before any of the above, is turn on error reporting for the script temporarily just to make sure that the headers you tried initially (in particular the private cache one) were being sent correctly. You can do this by adding:

error_reporting(E_ALL ^ E_NOTICE);

To the top of your file.

I will doubtfully be checking back before tomorrow so if the problem persists post back and i will either return to the issue in the morning or someone else will be able to provide you with help. Best of luck in the mean time.

|)iablo

0
 

Author Comment

by:zixp
ID: 12214639
After having tried your suggestions I must sadly report that none seems to have changed anything.  I did however realize that I cut out the intermediary php page, so here is what it looks like (pseudo code):

login.php:
          post:username
          post:password
             submit:home.php
home.php
          if !isset($_session vars)  && isset($_post vars),
               post vars => session vars
          else check_login_and_pass()
page1.php
          check_login_and_pass()
          <a href="home.php">
home.php
====It is at this point that the page cannot be displayed until it is refreshed=====
--[REFRESH]--
home.php
         <a href="page1.php">
page1.php
         <a href="home.php">
home.php
         No problems loading anymore.


Strange, and like I said, I have tried all sorts of cache-limiting headers on home.php, including the ones that you had there.

I will increase the points
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12215400
Does it also happen when clicking the link back to home.php for the first time or is it just when hitting back in your browser?

Can you also post your code from home.php, atleast the relevant part that handles the post and sessions, i would like to have a look and see whats going wrong here if possible.
0
 

Author Comment

by:zixp
ID: 12216800
1) No, as a matter of fact it does not have this problem when clicking on the home link. I forgot to mention that.

2)
::LOGIN.HTML::
<html><head></head><body>
<form name="login" method="post" action="home.php">
</body</html>

::HOME.PHP::
<?php

//error_reporting(E_ALL ^ E_NOTICE);
//ini_set("error_reporting"," E_ALL & ~E_NOTICE");

session_start();
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

if ( !isset($HTTP_SESSION_VARS['username']) && (isset($_POST))){
      
      //get vars from $_POST
      if ((!$HTTP_POST_VARS['username']) || (!$HTTP_POST_VARS['pass'])){ echo "you must <a href=\"http://***.***.com\">log in</a>"; exit;}
      
      $username = $HTTP_POST_VARS['username'];
      $pass = $HTTP_POST_VARS['pass'];

      //convert to $_SESSION
      $HTTP_SESSION_VARS['username'] = $username;
      $HTTP_SESSION_VARS['canary'] = 'set in home';
      $HTTP_SESSION_VARS['encryptpass'] = crypt($pass, $username);

      //clean up variables for security
      unset($HTTP_POST_VARS['username']);
      unset($HTTP_POST_VARS['pass']);
      unset($pass);
}

require ("credentials.php");
?>
<html>
<head>
...
::CREDENTIALS.PHP::
@session_start();
@$login = addslashes($HTTP_SESSION_VARS['username']);
@$password = addslashes($HTTP_SESSION_VARS['encryptpass']);
if ( $HTTP_SESSION_VARS['username'] == "" || $HTTP_SESSION_VARS['encryptpass'] == ""){echo "Im sorry, but you must be logged in to see this page. Please <a href=\"http://***.***.com\">login</a>"; exit;}
if (!$login || !$password){echo "You are not authoirzied to view this page";}
          ...the script then proceedes to look up the user from the database

and BTW, dont worry about $HTTP_SESSION instead of $_SESSION, or the like for post, I have heard it before, but thats how I learned it, and there is no real reason to go and change it.


0
 
LVL 27

Accepted Solution

by:
Diablo84 earned 450 total points
ID: 12216966
Ok, as there isn't as such an error with your code i am going to have to target potential suspects within your script as it were to try and find the cause.


>> if ( !isset($HTTP_SESSION_VARS['username']) && (isset($_POST))){

The post array is always set* so you should focus on checking a specific post array item,
eg: if (!isset($HTTP_SESSION_VARS['username']) && isset($_POST['username'])){

* You will notice that

if (isset($_POST)) echo "POST array is set";

will always return true


>> @session_start();

If CREDENTIALS.PHP is -only- being included in HOME.PHP (as opposed to being accessed directly) then you do not need to declare session start again as it will only result in a notice and will be ignored by the interpreter. I presume the reason you are supressing errors for this line may mean that it is also accessed directly.


There is not a lot else wrong with your code so if you could try the above and see how that works out. Also if you have the Firefox or Mozilla browser available could you try the script there, i suspect it may just be an IE bug again.


>> and BTW, dont worry about $HTTP_SESSION instead of $_SESSION, or the like for post...

Thats definitely a personal preference matter at this point in time so no problem. It is however likely that at some point they will chose to deprecate the old methods so as long as you are aware of the "current method" its ok.
0
 

Author Comment

by:zixp
ID: 12217053
still no dice. Furthermore,  I have the same list of no-cache headers in login.html, but it keeps resubmitting bad post info if your login is incorrect.  Is there some header that says something like header("I_am_so_serriously, dont_cache_this")?
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12218193
:) In a perfect world

>>  it keeps resubmitting bad post info if your login is incorrect

This sounds dubious, its either the post data being resent or prehaps data being recalled from a cookie, not sure without seeing code.

And speaking of which i think we could end up going around in circles with this one, it would be easier if i could see the error for myself and figure out the problem that way, so, could you possibly post the code from each of the scripts involved here (minus anything which has nothing to do with the problem - queries etc). If i can reconstruct the problem i may be able to get to the bottom of it.
0
 

Author Comment

by:zixp
ID: 12219251
You have more than earned any points for this question, even though I havent fixed it yet.  So I will accept your answer, and if you are so inclined you can contact me at 34263406@ithrowmylifeaway.com (a disposable email) and I will send you the code.  I take no offense if you dont though.

Thank you for your effort to help me.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12219401
no problem zixp

if you could zip the files and send them to the address i my profile i will be happy to have a look through them for you when i have the chance.

0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
editing example file and creating an accessible same directory error log txt file 2 55
Link failure 16 31
Ahax pagination 9 32
AJAX Wordpress Not Reading Variable 2 26
Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question