1 / 21

Output Buffers Control and HTTP Headers

Output Buffers Control and HTTP Headers. Nikolay Kostov. Telerik Corporation. www.telerik.com. Contents. HTTP headers Output buffer control Browser cache Redirecting the browser. HTTP Headers. Each HTTP request and response contains of headers and body

jake
Download Presentation

Output Buffers Control and HTTP Headers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Output Buffers Controland HTTP Headers Nikolay Kostov Telerik Corporation www.telerik.com

  2. Contents • HTTP headers • Output buffer control • Browser cache • Redirecting the browser

  3. HTTP Headers • Each HTTP request and response contains of headers and body • Headers describe the transferred data • Type • Length • Encoding • Etc. • PHP can modify the response headers • header function

  4. HTTP Headers (2) • header($header, $replace, $response_code) • Adds or modifies HTTP header of the response • $headeris string in the following form • Name: Value • $replacesets whether to replace existing similar header with the same name or add it • $response_code sets the HTTP response code (e.g. 302, 404, etc.)

  5. HTTP Headers – Example • Redirect the Web browser • Set multiple headers with one name • Example: force browser to require HTTP authentication • Example: page inaccessible header ("Location: http://otherplace.net"); header ("WWW-Authenticate: Negotiate"); header ('WWW-Authenticate: Basicrealm="SecureArea"', false); header ("HTTP/1.0 404 Not Found"); // or maybe header ("HTTP/1.1 403 Forbidden");

  6. HTTP Headers – Example • Example: Page receives get parameter "down" that is some MP3 file ID in directory (MP3DIR constant) • This script will either send 404 error on request or will return the MP3 file for download $file = MP3DIR.$_GET['down'].".mp3"; if (!file_exists($file)) header ("HTTP/1.0 404 Not Found", true,404); else { header ('Content-Type: audio/x-mp3'); header ('Content-Length: '. filesize($file)); header('Content-Disposition: attachment; '. 'filename='.$_GET['down'].'.mp3'); echo file_get_contents($file); }

  7. Control Browser Cache • Browser cache resources, downloaded over network • On next request they use the headers to detect if they should re-download or reuse the cached resource • Resources carry set of headers to control the browser caching • Expires header, Last-Modified, If-Modified-Since header • ETag, If-None-Match • Cache-Control

  8. Control Browser Cache GET /index.html HTTP/1.0 User-Agent: Mozilla/5.0 From: something.somewhere.net Accept: text/html,text/plain,application/* Host: www.example.com If-Modified-Since: Wed, 19 Oct 2005 10:50:00 GMT HTTP/1.1 304 NotModified Date: Fri, 31 Dec 1999 23:59:59 GMT HTTP Request Example: HTTP Response Example:

  9. Modification Date • Server sends Last-Modified and Expires dates in response for the resource • Tells the browser how long the resource should be kept as current version • Both in GMT format • Browser sends If-Modified-Since header on each request with the date of the resource it has cached • If version is latest, server replies with "303 Not Modified" HTTP code

  10. ETag approach • ETag is unique identifier for the resource and its version • Sent by the server, stored by the browser • Browser sends on next request the ETag of the cached version • Sends the ETag in If-None-Match header • Newer approach • Most web servers send both Last-Modified and ETag headers

  11. Controlling browser cache engine • Server can send Cache-Control header that instruct the browser cache engine • Value consists of comma separated name=value pairs or only names • max-age=seconds – sets maximum time that version should be considered fresh • s-maxage=seconds – same as max-age but applies to proxies • public – marks headers of response as cacheable

  12. Controlling browser cache engine • no-cache – instructs revalidation to be required on next request • Usually performed as HEAD request • no-store – instructs not to store version of the resource under any circumstances • must-revalidate – tells cache engines they must obey and freshness information you give them • Some caches load older version under some circumstances • proxy-revalidate – similar to must-revalidate but applies to proxies

  13. Disable Browser Cache - Example header('Cache-Control: no-cache');header('Pragma: no-cache'); header("Expires: 0");

  14. Output model • The Web server (Apache) buffers the script output • Sends it automatically if there is enough data to send (buffer is full) • Buffer can be controlled • Multiple buffers can be defined and flushed, canceled or stored • Allows reordering of the output data • Example – first run script that generates page body, then print head • Example – first print output, then send headers

  15. Output buffer • Functions for buffer control are prefixed with ob_ in PHP • ob_start ($callback, $chunk, $erase) – starts new buffer • After this function is called no output is sent to the browser, except headers • Output buffers are stackable • Can call second ob_start while another is active

  16. ob_start • All parameters are optional • $callback is function name to call when buffer is flushed • This function can modify the data to be sent • Receives one parameter – the data in the buffer • Must return string – the data to be sent • If $chunk is specified, buffer will flush if stored data reaches this size • Value of 0 means no automatic flush • Value of 1 sets $chunk to 4096 • $erase sets whether the buffer should not be deleted until script ends

  17. Flushing the buffer • ob_flush – sends the buffer content and erases all stored data • Keeps the buffer active • ob_end_flush – similar to ob_flush but destroys the buffer • ob_implicit_flush ($mode) – sets implicit flush on or off • $mode is optional boolean, defaults to true • With implicit flush, all writing to the buffer is automatically sent

  18. Reading the buffer data • ob_get_contents – returns the content of the current buffer as string • Doesn't clear or stop the buffer • ob_get_clean – returns the buffer content and deletes it • ob_get_flush – returns the buffer content, flushes it and deletes it

  19. Destroying buffer • ob_clean – erases the data in the output buffer but does not delete the buffer • ob_end_clean – cleans the output buffer data and deletes the buffer • ob_end_flush – flushes the output buffer and deletes it

  20. Output Buffers Control ? Questions? ? ? ? ? ? ? ? ? ? http://academy.telerik.com

  21. Create pages login.php and main.php and implement the following logic: The login.php displays login form (username/password) If successfully authenticated, the user is redirected to the main.php Otherwise an error message is shown and the login form is displayed again If main.php is requested and the user is not logged in, it redirects to login.php Implement also “Logout” functionality Exercises

More Related