Thanks, Stuart.

I'll admit I don't "fully" I understand register_globals.  Beyond that, I am
sure I am not clear on the value of NOT using register_globals.  I am wading
through the docs constantly.  Haven't quite finished.

Regardless, thanks for the assist.


----- Original Message -----
From: "Stuart Dallas" <[EMAIL PROTECTED]>
Sent: Saturday, May 11, 2002 10:03 PM
Subject: Re: [PHP] Authentication with register_globals OFF

On Sat, 11 May 2002 21:21:27 -0400, you wrote:
>Trying to get accustomed to PHP 4.2.0 and PHP's preference for
>register_globals off, I have register_globals off.
>However, when I try to use $PHP_AUTH_USER and $PHP_AUTH_PW, my script fails
>(attempting to validate username and password credectials against
>error message and my login failure message does not show up, even after
>three unsuccessful challenge responses.
>When I set register_globals on, I am successful in gaining authorization
>(ie, the header('WWW-Auth....' is correct, the script works, the MySQL
>connection works and the query works).
>How, then do I define th $PHP_AUTH_USER and $PHP_AUTH_PW variables up front
>with register_globals off?

They are in the $_SERVER superglobal. Change your references to them


You might want to read up on what register_globals actually does since
it's clear that you don't fully understand it yet:


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to