SillyDog701

[osciva]

I've posted this question on a number of php forums with no luck, so maybe you can help me here if its a pure firefox issue?

I have the below code. I write an encrypted message to a database. With a password sent in the url I can fetch the text from the database and print it on the screen. As soon as it is printed I want it removed from the database so it can not be fetched and read again.

The below code works perfectly according to the above description in both internet explorer and google chrome, but in firefox the text dont get printed, or gets printed on the screen but very soon afterwards disappears, and only removed from the database.

Since it works in ie and chome I guess it might have something to do with how firefox renders pages or executes php code? Maybe it doesn't print any values before all code is run through and then its too late because then the text is already removed from the database? I tried inserting ob_flush(), flush() and sleep(5) right after I echo the text. This prints the text even in firefox and leaves it there for the time defined in sleep(), however it is removed again as soon as the 5 seconds are over.

Code: Select all

<?php
    $open = mysql_connect('localhost', 'user', 'pass');
    mysql_select_db('db');

    if ($_GET['m'] == "write"){

        /**
        * Write message to database
        */
        $password = md5(uniqid(rand(), true));
        mysql_query("INSERT INTO message (message, pass) VALUES (AES_ENCRYPT('" . $_POST["message"] . "','" . $password . "'),'" . md5($password) . "')");
        echo "link to message: ?p=" . $password . "";

    } elseif (strlen($_GET['p']) >= 1){

        /**
        * Read message from database
        */
        $data = mysql_query("SELECT AES_DECRYPT(message, '" . $_GET['p'] . "') AS decryptedMessage FROM message WHERE pass = '" . md5($_GET['p']) . "'");
        $data = mysql_fetch_array($data);
        echo $data["decryptedMessage"];  // Prints the message on the screen

    } else {
        echo "
            <FORM METHOD=\"post\" ACTION=\"?m=write\">
                <TEXTAREA NAME=\"message\"></TEXTAREA>
                <INPUT TYPE=\"submit\">
            </FORM>
        ";
    }

    /**
    * Delete the post from the database
    */
    /**
    * The below line seems to make the text printed on the screen
    * on line 21 above disappear from the screen when using firefox
    * but it stays printed on the screen when using ie and chome
    */
    mysql_query("DELETE FROM message WHERE pass = '" . md5($_GET['p']) . "'");

    mysql_close($open);
?>

Anybody with some ideas for a solution?

Any help is very appreciated!

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.0; sv-SE; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1

[Don_HH2K]

Firefox doesn't render PHP code; that's something done by the server. What Firefox will do is render the HTML source that's being generated by the PHP interpreter on the server.

That said, is your script generating the desired forms in HTML when Firefox loads the page? Right-click anywhere on the generated page and select View Page Source; see if you can find the HTML source similar to this (which I derived from your script):

Code: Select all

<FORM METHOD="post" ACTION="?m=write">
<TEXTAREA NAME="message"></TEXTAREA>
<INPUT TYPE="submit">
</FORM>

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.2 x64; en-US; rv:1.9.0.1) Gecko/2008071912 Minefield/3.0.1 (mmoy CE K8Q-X06)

[osciva]

Ah, I see, maybe I should dig into the servers PHP interpreter as well then... thanks.

Regarding the HTML forms, the source looks exactly like you wrote.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.0; sv-SE; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1