About the Author

Chris Shiflett

Hi, I'm Chris, a web developer and a founding member of Analog. I live and work in Brooklyn, NY.

PHP Magazine December Issue

PHP Magazine just published their December issue. The cover article is an introduction to design patterns by Robert Peake. My column, Guru Speak, discusses the interesting things you can do with output buffering.

My favorite output buffering trick isn't really a trick at all - it's a relatively new (PHP 4.3+) function called output_add_rewrite_var(). This function makes the otherwise tedious chore of rewriting URLs very easy. For example, if you decide you want to propagate an auth token to strengthen your session mechanism, it's very easy:

<?php 
 
output_add_rewrite_var('auth''412e11'); 
 
?>

Here's a larger example that demonstrates what this does:

<?php 
 
output_add_rewrite_var('auth''412e11'); 
 
?> 
<a href="link.php">Click Here</a> 
<form action="form.php" method="POST"> 
<input type="submit" /> 
</form>

PHP propagates the auth token in both the link and the form:

<a href="link.php?auth=412e11">Click Here</a> 
<form action="form.php" method="POST"> 
<input type="hidden" name="auth" value="412e11" /> 
<input type="submit" /> 
</form>

About This Post

PHP Magazine December Issue was posted on Fri, 02 Dec 2005 at 16:46:00 GMT.

4 Comments

1. Matthew Weier O'Phinney's GravatarMatthew Weier O'Phinney said:

I wish I'd seen that one earlier... I had to do something like that for a client last year, as they had some specific session handling stuff they were handing off to us that we needed to retain. I figured out a solution, but it wasn't optimal.

Nice pointer.

Fri, 02 Dec 2005 at 19:11:17 GMT Link

2. Kick The Donkey's GravatarKick The Donkey said:

Do you have be using output buffering to use that function? The documentation is unclear...

Sun, 04 Dec 2005 at 01:53:33 GMT Link

3. funkatron's Gravatarfunkatron said:

Donkey, it looks like there's an implicit ob_start when you call this function. Also note that this function only modifies URLs that don't contains a protocol://domain, so if you use "full" URLs within your app, this won't work.

Sun, 04 Dec 2005 at 05:13:55 GMT Link

4. Karen's GravatarKaren said:

To avoid the "resend" message on forms when using the browser's back button, I use a separate page to do the processing and then redirect using Location headers. When I use the output_add_rewrite_var, it doesn't effect the URL passed to the header. I just have my redir function add it on. Is there a better way?

Sat, 18 Apr 2009 at 04:30:08 GMT Link

Post A Comment

Personal Details and Comment

Style Guide

Line breaks are converted to paragraphs. Also use:

  • <a href="" title="">text</a>1
  • <em>text</em>
  • <blockquote><p>text</p></blockquote>
  • <code>2  <?php  if ($foo) {      $foo = TRUE;  }  ?></code>
  1. Note: <code> can be used inline (e.g. in paragraphs) or in a block as shown. Include whitespace and newlines in blocks.

Please enter Chris (my first name) below. This is a primitive spam prevention technique, and I apologize for the inconvenience.

Preview and Submit

Upcoming Events

Brooklyn Beta

21 - 22 Oct 2010

At The Invisible Dog, Brooklyn, New York.

New Comments

Mario Arroyo wrote:

The article is really very good and the users comments and external links to another articles jus...

Posted in Session Fixation
Raphael Almeida wrote:

I realy like hiphop music, but this is very crazy! We'll use it in user group PHP conference at ...

Posted in PHP Anthem
Mal wrote:

Having used smarty for many years, this has never been a problem for me, but after building a web...

Posted in PHP Stripping Newlines
Satya wrote:

Thanks for the info. I have posted the news here on my page: http://www.facebook.com/pages/Web-Sc...

Posted in PHP Anthem
John wrote:

Oh, you need to press "save your password".

Posted in Mozilla Account Manager

Browse Comments

Work and Books

Analog Essential PHP Security HTTP Developer's Handbook