#28174 [Opn->Bgs]: $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] not set

Mon, 26 Apr 2004 17:32:28 -0700 

 ID:               28174
 Updated by:       [EMAIL PROTECTED]
 Reported By:      edman007x at mac dot com
-Status:           Open
+Status:           Bogus
 Bug Type:         Variables related
 Operating System: Slackware-current
 PHP Version:      5.0.0RC2
 New Comment:

$_SERVER['PHP_AUTH_USER']and $_SERVER['PHP_AUTH_PW'] do 
not work with the CGI version of PHP.

You'r probably using the Apache module version of 4.3.6.


Previous Comments:
------------------------------------------------------------------------

[2004-04-27 02:24:36] edman007x at mac dot com

Description:
------------
after a browser sends the username and pass using a simple HTTP
authentication script php fails to set $_SERVER['PHP_AUTH_USER']  and
$_SERVER['PHP_AUTH_PW'] with the password and username

i'm using CGI version of php and apache 1.3.29

this is my configure command

./configure --prefix=/usr/local/php5 --with-zlib --with-bz2 --with-curl
--with-curlwrappers --with-gd=/usr/local/gd --with-mysql --enable-ftp
--with-mysql-sock --with-ttf --with-freetype-dir --enable-calendar
--with-jpeg-dir --with-png-dir --enable-force-cgi-redirect

and i'm using the php.ini-recommended config file with no
modifications

the exact code i'm using works in php4.3.6

Reproduce code:
---------------
$username = 'user';
$password = 'pass';
if (!isset($_SERVER['PHP_AUTH_USER'])){
        header('WWW-Authenticate: Basic realm="realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo '401 ERROR';
} elseif ($_SERVER['PHP_AUTH_USER'] != $username ||
$_SERVER['PHP_AUTH_PW'] != $password){
        header('WWW-Authenticate: Basic realm="realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo '401 ERROR';
        exit();
}
echo 'YOU logged in!!!';

Expected result:
----------------
should tell the browser to authenticate and send the username and pass
to php, if its the wrong username and pass tell it to re-authenticate
or echo "YOU logged in!!" if the username and pass are correct

Actual result:
--------------
it always tells the browser to re-authenticate because
$_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] are never set


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=28174&edit=1

Reply via email to