Can I ask a REALLY stupid question about PHP?

Hi - I'm trying to find a way of password protecting a web page
without the IE script blocker getting in the way. I found a site
(www.zubrag.com) that described how to use a piece of PHP code at the
top of the page to be protected. I gleaned from this that the page
had to be a .php file, and I checked that my host (Heart Internet)
supported PHP. Zubrag showed me how to save a piece of PHP script on
my host, but I haven't done that yet. I created an HTML page, renamed
is as .php then ftp'ed it up to the host. I put a link to it from
another page, loaded that and then tested the link, just to make sure
the PHP page opened. No password code yet - just testing. When I
clicked the link, I got a standard Run/Save box identifying the file
as a PhotoParade Album file - did I want to run it or save it etc?
Not quite what I was expecting...
I'm willing to suffer dog's abuse for even trying this with my level
of knowledge, but if anyone can give me a few hints I'd be very
grateful! Cheers - Mad Malc

On Feb 22, 5:16 pm, Mad Malc <m...@omlgroup.demon.co.uk> wrote:
> Hi - I'm trying to find a way of password protecting a web page
> without the IE script blocker getting in the way. I found a site
> (www.zubrag.com) that described how to use a piece of PHP code at the
> top of the page to be protected. I gleaned from this that the page
> had to be a .php file, and I checked that my host (Heart Internet)
> supported PHP. Zubrag showed me how to save a piece of PHP script on
> my host, but I haven't done that yet. I created an HTML page, renamed
> is as .php then ftp'ed it up to the host. I put a link to it from
> another page, loaded that and then tested the link, just to make sure
> the PHP page opened. No password code yet - just testing. When I
> clicked the link, I got a standard Run/Save box identifying the file
> as a PhotoParade Album file - did I want to run it or save it etc?
> Not quite what I was expecting...
> I'm willing to suffer dog's abuse for even trying this with my level
> of knowledge, but if anyone can give me a few hints I'd be very
> grateful! Cheers - Mad Malc

The problem your getting means that the server has a different MIME
type for ".php" extensions. To get around this, you can send a header
to the browser. Headers must be sent to the browser before anything
else is printed to the screen, even "<html>". To send the header you
need just add the line: header("Content-type: application/php"); to
the beginning of the script.

P.s. You can use ob_start(); and ob_end_flush(); (or any other
coordinating output buffering methods) to get around having to put
headers at the beginning.

P.P.s. That isn't a stupid question. I'm positive many people have
been in the same ordeal.

On Fri, 22 Feb 2008 23:34:07 +0100, icu5545 <chris4ester@gmail.com> wrote:

> On Feb 22, 5:16 pm, Mad Malc <m...@omlgroup.demon.co.uk> wrote:
>> Hi - I'm trying to find a way of password protecting a web page
>> without the IE script blocker getting in the way. I found a site
>> (www.zubrag.com) that described how to use a piece of PHP code at the
>> top of the page to be protected. I gleaned from this that the page
>> had to be a .php file, and I checked that my host (Heart Internet)
>> supported PHP. Zubrag showed me how to save a piece of PHP script on
>> my host, but I haven't done that yet. I created an HTML page, renamed
>> is as .php then ftp'ed it up to the host. I put a link to it from
>> another page, loaded that and then tested the link, just to make sure
>> the PHP page opened. No password code yet - just testing. When I
>> clicked the link, I got a standard Run/Save box identifying the file
>> as a PhotoParade Album file - did I want to run it or save it etc?
>> Not quite what I was expecting...
>> I'm willing to suffer dog's abuse for even trying this with my level
>> of knowledge, but if anyone can give me a few hints I'd be very
>> grateful! Cheers - Mad Malc
>
> The problem your getting means that the server has a different MIME
> type for ".php" extensions.

If the server is properly set up, PHP's default mime-type would totally
override the server's... See
<http://nl2.php.net/manual/en/ini.core.php#ini.default-mimetype>, I've
seldomly seen it set to anything else then HTML, and certainly not on a
regular shared host.

> To get around this, you can send a header
> to the browser. Headers must be sent to the browser before anything
> else is printed to the screen, even "<html>". To send the header you
> need just add the line: header("Content-type: application/php"); to
> the beginning of the script.

Which is totally NOT what you want. The Conten-Type of an HTML page is
text/html, or application/xhtml+xml for XHTML. Doing as you advise would
CAUSE this unwanted behaviour to happen, it doesn't solve it.

What's most likely going on is that the PHP script isn't executed at all,
causing it to be server to the end user with some mimetype NOT being html,
which would cause a download of the raw script, not it's output. Simply
checkable by saving the forced download, and opening it in a text editor.
If php files aren't run, check with the host wether or not you have it
enabled, or start out by testing g a very small proven script, like:
<?php
phpinfo();
?>
--
Rik Wasmus

On Feb 22, 5:56 pm, "Rik Wasmus" <luiheidsgoe...@hotmail.com> wrote:
> On Fri, 22 Feb 2008 23:34:07 +0100, icu5545 <chris4es...@gmail.com> wrote:
> > On Feb 22, 5:16 pm, Mad Malc <m...@omlgroup.demon.co.uk> wrote:
> >> Hi - I'm trying to find a way of password protecting a web page
> >> without the IE script blocker getting in the way. I found a site
> >> (www.zubrag.com) that described how to use a piece of PHP code at the
> >> top of the page to be protected. I gleaned from this that the page
> >> had to be a .php file, and I checked that my host (Heart Internet)
> >> supported PHP. Zubrag showed me how to save a piece of PHP script on
> >> my host, but I haven't done that yet. I created an HTML page, renamed
> >> is as .php then ftp'ed it up to the host. I put a link to it from
> >> another page, loaded that and then tested the link, just to make sure
> >> the PHP page opened. No password code yet - just testing. When I
> >> clicked the link, I got a standard Run/Save box identifying the file
> >> as a PhotoParade Album file - did I want to run it or save it etc?
> >> Not quite what I was expecting...
> >> I'm willing to suffer dog's abuse for even trying this with my level
> >> of knowledge, but if anyone can give me a few hints I'd be very
> >> grateful! Cheers - Mad Malc
>
> > The problem your getting means that the server has a different MIME
> > type for ".php" extensions.
>
> If the server is properly set up, PHP's default mime-type would totally
> override the server's... See
> <http://nl2.php.net/manual/en/ini.core.php#ini.default-mimetype>, I've
> seldomly seen it set to anything else then HTML, and certainly not on a
> regular shared host.
>
> > To get around this, you can send a header
> > to the browser. Headers must be sent to the browser before anything
> > else is printed to the screen, even "<html>". To send the header you
> > need just add the line: header("Content-type: application/php"); to
> > the beginning of the script.
>
> Which is totally NOT what you want. The Conten-Type of an HTML page is
> text/html, or application/xhtml+xml for XHTML. Doing as you advise would
> CAUSE this unwanted behaviour to happen, it doesn't solve it.
>
> What's most likely going on is that the PHP script isn't executed at all,
> causing it to be server to the end user with some mimetype NOT being html,
> which would cause a download of the raw script, not it's output. Simply
> checkable by saving the forced download, and opening it in a text editor.
> If php files aren't run, check with the host wether or not you have it
> enabled, or start out by testing g a very small proven script, like:
> <?php
> phpinfo();
> ?>
> --
> Rik Wasmus

Very true. 'Guess I didn't think that through. :X
Sorry for the bad reply.

Thanks guys

I guess I've got a bit to learn! I'll check with the host before I go
any further

Cheers