[PHP-DEV] Re: [PHP-CVS] cvs: php4 /sapi/apache mod_php4.c

Thu, 13 Jun 2002 15:03:05 -0700 

It is actually my code and the uncommenting had to do with a bug in
Apache.  The deep meaning being that leaving this code in there will make
all authentication break for some versions of Apache.

-Rasmus

On Fri, 14 Jun 2002, Jani Taskinen wrote:

>
>      Yes, I did ask Stig who's code it is and he said
>      it was propably left commented by accident.
>
>      And I asked about this on php-dev a while ago..without
>      anybody bothering to reply.
>
>      So, what is the deep meaning for that to be different
>      from what our manual says?
>
>      --Jani
>
>
>
> On Thu, 13 Jun 2002, Rasmus Lerdorf wrote:
>
> >Uh Jani, how much research did you do on this one?  Don't you think there
> >is a reason that this code is commented out?
> >
> >On Thu, 13 Jun 2002, Jani Taskinen wrote:
> >
> >> sniper             Thu Jun 13 18:13:58 2002 EDT
> >>
> >>   Modified files:
> >>     /php4/sapi/apache      mod_php4.c
> >>   Log:
> >>   @- Fixed bug with Apache which let PHP_AUTH_* variables to be set when
> >>   @  external basic auth mechanism was used. (Jani)
> >>
> >>   Fixes bugs: #16653, #14534, #14370
> >>
> >>
> >>
> >> Index: php4/sapi/apache/mod_php4.c
> >> diff -u php4/sapi/apache/mod_php4.c:1.132 php4/sapi/apache/mod_php4.c:1.133
> >> --- php4/sapi/apache/mod_php4.c:1.132      Fri May 31 00:47:15 2002
> >> +++ php4/sapi/apache/mod_php4.c    Thu Jun 13 18:13:57 2002
> >> @@ -17,7 +17,7 @@
> >>     | PHP 4.0 patches by Zeev Suraski <[EMAIL PROTECTED]>                      |
> >>     +----------------------------------------------------------------------+
> >>   */
> >> -/* $Id: mod_php4.c,v 1.132 2002/05/31 04:47:15 rvenkat Exp $ */
> >> +/* $Id: mod_php4.c,v 1.133 2002/06/13 22:13:57 sniper Exp $ */
> >>
> >>  #include "php_apache_http.h"
> >>
> >> @@ -403,7 +403,7 @@
> >>            authorization = table_get(r->headers_in, "Authorization");
> >>    }
> >>    if (authorization
> >> -/*                && !auth_type(r) */
> >> +          && !auth_type(r)
> >>            && !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
> >>            tmp = uudecode(r->pool, authorization);
> >>            SG(request_info).auth_user = getword_nulls_nc(r->pool, &tmp, ':');
> >>
> >>
> >>
> >> --
> >> PHP CVS Mailing List (http://www.php.net/)
> >> To unsubscribe, visit: http://www.php.net/unsub.php
> >>
> >
>
> --
>


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to