#28174 [NEW]: $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] not set

Mon, 26 Apr 2004 17:24:41 -0700 

From:             edman007x at mac dot com
Operating system: Slackware-current
PHP version:      5.0.0RC2
PHP Bug Type:     Variables related
Bug description:  $_SERVER['PHP_AUTH_USER']  and $_SERVER['PHP_AUTH_PW'] not set

Description:
------------
after a browser sends the username and pass using a simple HTTP
authentication script php fails to set $_SERVER['PHP_AUTH_USER']  and
$_SERVER['PHP_AUTH_PW'] with the password and username

i'm using CGI version of php and apache 1.3.29

this is my configure command

./configure --prefix=/usr/local/php5 --with-zlib --with-bz2 --with-curl
--with-curlwrappers --with-gd=/usr/local/gd --with-mysql --enable-ftp
--with-mysql-sock --with-ttf --with-freetype-dir --enable-calendar
--with-jpeg-dir --with-png-dir --enable-force-cgi-redirect

and i'm using the php.ini-recommended config file with no modifications

the exact code i'm using works in php4.3.6

Reproduce code:
---------------
$username = 'user';
$password = 'pass';
if (!isset($_SERVER['PHP_AUTH_USER'])){
        header('WWW-Authenticate: Basic realm="realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo '401 ERROR';
} elseif ($_SERVER['PHP_AUTH_USER'] != $username ||
$_SERVER['PHP_AUTH_PW'] != $password){
        header('WWW-Authenticate: Basic realm="realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo '401 ERROR';
        exit();
}
echo 'YOU logged in!!!';

Expected result:
----------------
should tell the browser to authenticate and send the username and pass to
php, if its the wrong username and pass tell it to re-authenticate or echo
"YOU logged in!!" if the username and pass are correct

Actual result:
--------------
it always tells the browser to re-authenticate because
$_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] are never set

-- 
Edit bug report at http://bugs.php.net/?id=28174&edit=1
-- 
Try a CVS snapshot (php4):  http://bugs.php.net/fix.php?id=28174&r=trysnapshot4
Try a CVS snapshot (php5):  http://bugs.php.net/fix.php?id=28174&r=trysnapshot5
Fixed in CVS:               http://bugs.php.net/fix.php?id=28174&r=fixedcvs
Fixed in release:           http://bugs.php.net/fix.php?id=28174&r=alreadyfixed
Need backtrace:             http://bugs.php.net/fix.php?id=28174&r=needtrace
Need Reproduce Script:      http://bugs.php.net/fix.php?id=28174&r=needscript
Try newer version:          http://bugs.php.net/fix.php?id=28174&r=oldversion
Not developer issue:        http://bugs.php.net/fix.php?id=28174&r=support
Expected behavior:          http://bugs.php.net/fix.php?id=28174&r=notwrong
Not enough info:            http://bugs.php.net/fix.php?id=28174&r=notenoughinfo
Submitted twice:            http://bugs.php.net/fix.php?id=28174&r=submittedtwice
register_globals:           http://bugs.php.net/fix.php?id=28174&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28174&r=php3
Daylight Savings:           http://bugs.php.net/fix.php?id=28174&r=dst
IIS Stability:              http://bugs.php.net/fix.php?id=28174&r=isapi
Install GNU Sed:            http://bugs.php.net/fix.php?id=28174&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=28174&r=float

Reply via email to