ID: 14550
Comment by: [EMAIL PROTECTED]
Old Reported By: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Closed
Bug Type: Apache related
Operating System: Debian Linux 2.4.12
PHP Version: 4.1.0
New Comment:
The problem is not solved in 4.1.1, if the debian package
4.1.1-1 contains the recent bug fixes.
If this is the same effect, the error shows up only if safe_mode is
On.
environment: debian "woody" on
Linux finnegan 2.4.17 #11 SMP Fri Dec 28 14:41:15 CET 2001 i686
unknown
packages:
apache 1.3.22-5,
php4 4.1.1-1
test browsers: netscape navigator 4.77, opera 6.0 TP2
Tested with the following script:
<?PHP
if ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER == "" ) {
$aLog = fopen( "/tmp/test.log", "a" );
fputs( $aLog, "noauth\n" );
fclose( $aLog );
Header( "WWW-Authenticate: Basic realm=\"test\"" );
Header( "HTTP/1.0 401 Unauthorized" );
echo "Zugriff nicht gestattet.";
exit;
}
else {
$aLog = fopen( "/tmp/test.log", "a" );
fputs( $aLog, "login: $PHP_AUTH_USER:$PHP_AUTH_PW => $bAuth\n" );
fclose( $aLog );
echo "Autorisation: $PHP_AUTH_USER:$PHP_AUTH_PW";
}
?>
<html>
<head><title>test</title></head>
<body><h1>test</h1></body>
</html>
BTW: the bugs.php.net page seems to suffer from a similar problem. opera
seemed to get into a loop for
a considerable amount of tries until this page did show up. or am i
already seeing ghosts now? ;-)
Previous Comments:
------------------------------------------------------------------------
[2001-12-16 16:19:42] [EMAIL PROTECTED]
This should be fix in CVS now. Can you try the latest snapshot from
snaps.php.net?
Derick
------------------------------------------------------------------------
[2001-12-16 15:36:21] [EMAIL PROTECTED]
fixing type. (website problem is for problems with php.net websites.)
------------------------------------------------------------------------
[2001-12-16 15:25:20] [EMAIL PROTECTED]
HTTP: Basic Authentication fails
--------------------------------
PHP: 4.1.0
Server API: Apache (1.3.22)
OS: Linux 2.4.12 (Debian)
The following PHP script should trigger a basic authentication dialog in
the client browser (see
http://www.zend.com/manual/features.http-auth.php):
<?php
if(!isset($PHP_AUTH_USER))
{
header("WWW-Authenticate: Basic realm=\"MyRealm\"");
header("HTTP/1.0 401 Unauthorized");
echo "Text to send if user hits Cancel button\n";
exit;
}
else
{
echo "<p>Hello $PHP_AUTH_USER.</p>";
echo "<p>You entered $PHP_AUTH_PW as your password.</p>";
}
?>
Under PHP 4.0.6. the script worked fine and the user was prompted for
username and password.
After the upgrade to PHP 4.1.0. the script does not produce the expected
results, but leads to browser errors on the client side in most cases.
In rare cases the authentication dialog appears and the script works as
expected. Most of the times the browser reports an error message or
shows an empty document:
Netscape 4.77/Linux: "the document contained no data"
Lynx/Linux: "Unexpected network read error; connection aborted."
Netscape 4.7/Win2k: "the document contained no data"
Netscape 3.0/Win2k: "the document contained no data"
IE 6.0/Win2k: "server or dns not found"
Opera 5.01/Win2k: "The server requested a login authentication method
that is not supported"
Opera 6.0 (Beta TP1) / Linux: shows an empty document
If examined via telnet, the server closes the connection after the URL
with the above script has been requested, e.g.
telnet (domain name) 80
GET /auth.php HTTP/1.1
Host: (domain name)
-> connection closed by server
16.12.2001
------------------------------------------------------------------------
Edit this bug report at http://bugs.php.net/?id=14550&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
