[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Open +Status: Feedback Bug Type: HTTP related Operating System: win32 (nt4 and 2000) PHP Version: 4.0.5 New Comment: [EMAIL PROTECTED] - Do you have a web site where this sample script you pasted here is running? It would help me analyze this if I could view the headers myself. I have a very strong suspicion about what is going on. The Location header is not simply another header, but rather it also alters the server response code to be a 300 level response rather than a 200 OK. I believe that the Location header might either be: 1) the only header in the response that is sent, so all of your authentication headers are not sent, or 2) the only header that the HTTP client (browser) bothers to interpret since the response code is a 301 Moved Permanently. Your feedback would be greatly appreciated. Thanks for helping! Previous Comments: [2001-06-22 01:13:09] [EMAIL PROTECTED] yes i've tried this second undocumented argument and like i've explained it this solve the first part of my problem. but i think that i not explain my problem correctly. I call some getallheader successivly after have sended my arguments but : it doesn't return that i see on the network and if after have written the content of getallheader if i do a redirection my code doesn't work (maybe the optimizer change the order of the execution ). Thanks [2001-06-21 17:58:53] [EMAIL PROTECTED] Did you try with the 2nd (undocumented before) argument for header() like Rasmus suggested?? And it still doesn't work? [2001-06-21 09:59:22] [EMAIL PROTECTED] thanks a lot ramus for your help.. the first part of the problem was my fault not the php fault.. but... the second part is always not functionnal... i can obtain the correct headers and response for the ntlm scheme but.. if i do a header(location : ); at the END of the program... the value are not written correctly !! maybe an optimizer miss optimization. It strange that on a test without redirection all seems correct but adding instruction after the write and the file was closed and flushed this is not functionnal... thank a lot and sorry to spam you with my little problem. but it's a mission critical projet for France Telecom Mobile service (ORANGE) and i prefer using php with linux than IIS... i need to prove the possibilities of the open source platform.. Thank. [2001-06-21 09:21:45] [EMAIL PROTECTED] By default PHP's header() function will replace the value of an http header with the value you give it. If you don't want it to replace, but instead add a second header with a different value, use the optional second arg to header() to tell PHP not to do this replace. So your code should be: header(www-authenticate: Negociate); header(www-authenticate: NTLM,0); I don't blame you for not knowing this though. It isn't documented anywhere. I will take care of that now. [2001-06-21 01:38:26] [EMAIL PROTECTED] I currently use the module version of php like indicated in my previous description. I've separed the bug in two part to be more understandable (i'm not familiar with english) the first part is with the function header : if i execute the following code : header(HTTP/1.1 401 acces refuse); header(www-authenticate: Negociate); header(www-authenticate: NTLM); (i know this not correct for rfc but IIS work like that..) and on the network dump i see: HTTP/1.1 401 unauthorized (not my message !!!) www-authenticate: NTLM (squizzed the negociate!!) now the second part of the message : during my challenge to obtain ntlm auth 3 messages are exchanged like that : c = client ; s = server 1 c - s GET 2 s - c http/1.1 401 unauthorized www-authenticate : NTLM 3 c - s authorization: msg1 4 s - c http/1.1 401 unauthorized www-authenticate : NTLM msg2 5 c - s authorization: msg3 so on the number 2 i do calls to header on the 3 i call getallheaders (return msg1) on the 4 i call header on the 5 i cal getallheaders i write it to a file (for tests) i close the file my first suprise was : on the network layer all is correct : 3 msg, 3 corrects contents and the 3 msg differents. on the php layer : msg1 is the same that msg 3 !!! if i do a redirection after have closed the file : it contains no more messages is the optmizer fault ? If i'am not clear i can try to reexplain The remainder of the comments for this
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578 User Update by: [EMAIL PROTECTED] Old-Status: Feedback Status: Open Bug Type: HTTP related Operating system: win32 (nt4 and 2000) PHP Version: 4.0.5 Description: http header order not respected and messages not transmitted yes i've tried this second undocumented argument and like i've explained it this solve the first part of my problem. but i think that i not explain my problem correctly. I call some getallheader successivly after have sended my arguments but : it doesn't return that i see on the network and if after have written the content of getallheader if i do a redirection my code doesn't work (maybe the optimizer change the order of the execution ). Thanks Previous Comments: --- [2001-06-21 17:58:53] [EMAIL PROTECTED] Did you try with the 2nd (undocumented before) argument for header() like Rasmus suggested?? And it still doesn't work? --- [2001-06-21 09:59:22] [EMAIL PROTECTED] thanks a lot ramus for your help.. the first part of the problem was my fault not the php fault.. but... the second part is always not functionnal... i can obtain the correct headers and response for the ntlm scheme but.. if i do a header(location : ); at the END of the program... the value are not written correctly !! maybe an optimizer miss optimization. It strange that on a test without redirection all seems correct but adding instruction after the write and the file was closed and flushed this is not functionnal... thank a lot and sorry to spam you with my little problem. but it's a mission critical projet for France Telecom Mobile service (ORANGE) and i prefer using php with linux than IIS... i need to prove the possibilities of the open source platform.. Thank. --- [2001-06-21 09:21:45] [EMAIL PROTECTED] By default PHP's header() function will replace the value of an http header with the value you give it. If you don't want it to replace, but instead add a second header with a different value, use the optional second arg to header() to tell PHP not to do this replace. So your code should be: header(www-authenticate: Negociate); header(www-authenticate: NTLM,0); I don't blame you for not knowing this though. It isn't documented anywhere. I will take care of that now. --- [2001-06-21 01:38:26] [EMAIL PROTECTED] I currently use the module version of php like indicated in my previous description. I've separed the bug in two part to be more understandable (i'm not familiar with english) the first part is with the function header : if i execute the following code : header(HTTP/1.1 401 acces refuse); header(www-authenticate: Negociate); header(www-authenticate: NTLM); (i know this not correct for rfc but IIS work like that..) and on the network dump i see: HTTP/1.1 401 unauthorized (not my message !!!) www-authenticate: NTLM (squizzed the negociate!!) now the second part of the message : during my challenge to obtain ntlm auth 3 messages are exchanged like that : c = client ; s = server 1 c - s GET 2 s - c http/1.1 401 unauthorized www-authenticate : NTLM 3 c - s authorization: msg1 4 s - c http/1.1 401 unauthorized www-authenticate : NTLM msg2 5 c - s authorization: msg3 so on the number 2 i do calls to header on the 3 i call getallheaders (return msg1) on the 4 i call header on the 5 i cal getallheaders i write it to a file (for tests) i close the file my first suprise was : on the network layer all is correct : 3 msg, 3 corrects contents and the 3 msg differents. on the php layer : msg1 is the same that msg 3 !!! if i do a redirection after have closed the file : it contains no more messages is the optmizer fault ? If i'am not clear i can try to reexplain --- [2001-06-20 12:14:28] [EMAIL PROTECTED] Are you using the Apache module version of PHP on Windows or the standalone CGI binary version? And what do you mean the headers are in the wrong order? The order of HTTP headers is not significant. --- The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online. Full Bug description available at: http://bugs.php.net/?id=11578 -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578
User Update by: [EMAIL PROTECTED]
Old-Status: Feedback
Status: Open
Bug Type: HTTP related
Operating system: win32 (nt4 and 2000)
PHP Version: 4.0.5
Description: http header order not respected and messages not transmitted
I currently use the module version of php like indicated in my previous description.
I've separed the bug in two part to be more understandable (i'm not familiar with
english)
the first part is with the function header :
if i execute the following code :
header(HTTP/1.1 401 acces refuse);
header(www-authenticate: Negociate);
header(www-authenticate: NTLM);
(i know this not correct for rfc but IIS work like that..)
and on the network dump i see:
HTTP/1.1 401 unauthorized (not my message !!!)
www-authenticate: NTLM (squizzed the negociate!!)
now the second part of the message :
during my challenge to obtain ntlm auth 3 messages are exchanged like that :
c = client ; s = server
1 c - s GET
2 s - c http/1.1 401 unauthorized
www-authenticate : NTLM
3 c - s authorization: msg1
4 s - c http/1.1 401 unauthorized
www-authenticate : NTLM msg2
5 c - s authorization: msg3
so on the number 2 i do calls to header
on the 3 i call getallheaders (return msg1)
on the 4 i call header
on the 5 i cal getallheaders
i write it to a file (for tests)
i close the file
my first suprise was : on the network layer all is correct : 3 msg, 3 corrects
contents and the 3 msg differents.
on the php layer : msg1 is the same that msg 3 !!!
if i do a redirection after have closed the file :
it contains no more messages
is the optmizer fault ?
If i'am not clear i can try to reexplain
Previous Comments:
---
[2001-06-20 12:14:28] [EMAIL PROTECTED]
Are you using the Apache module version of PHP on Windows
or the standalone CGI binary version? And what do you
mean the headers are in the wrong order? The order of
HTTP headers is not significant.
---
[2001-06-20 09:10:55] [EMAIL PROTECTED]
?
//
// description : ntlm authentification module
//
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg=no auth scheme//;
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == Authorization) {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header(HTTP/1.1 401 accès refusé);
header(WWW-Authenticate: NTLM);
}
//send the msg2 to the client.
function putmsg2($msg) {
header(HTTP/1.1 401 accès refusé);
header(www-authenticate: NTLM .$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen(c:/test.txt,w+);
beginntlm();
fwrite($fp,msg1 = );
fwrite($fp,get_msg_auth());
fwrite($fp,nmsg2 = );
//msg2 not in the script cause it is too big
fwrite($fp,putmsg2(TlRMTVNTUAACDAAMADAFgoGgPhfzJ50JifsAAHIAcgA8RABPAE0ARwBFAE4AAgAMAEQATwBNAEcARQBOAAEAHABTAFIAVgBHAEUAVABJAFQAXwBJAFMAUwBZADEABAAMAGQAbwBtAGcAZQBuAAMAKgBzAHIAdgBnAGUAdABpAHQAXwBpAHMAcwB5ADEALgBkAG8AbQBnAGUAbgAA));
fwrite($fp,nmsg3 = );
fwrite($fp,get_msg_auth());
fclose($fp);
}
ntlm_auth();
// header(location: index.php);
?
the following code is working(IE only..), i get the correct test.txt but if i
uncomment the last line header(location..=) the redirection is done but the auth
header are not correct.. i've used tcpdump to see what is the problem and i've find
that the header are not transmitted in the correct order and are modified i
doesn't know if its the apache fault or the php optimer fault by my compagny really
wait for a php version that permit to send and to get the headers correctly..
Thanks a lot
the php used is the binary for win32 with default modules and default php.ini (apache
is used)
php is used an module of apache.
---
Full Bug description available at: http://bugs.php.net/?id=11578
--
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578
Updated by: rasmus
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: HTTP related
Operating system:
PHP Version: 4.0.5
Assigned To:
Comments:
By default PHP's header() function will replace the value
of an http header with the value you give it. If you don't
want it to replace, but instead add a second header with
a different value, use the optional second arg to header()
to tell PHP not to do this replace. So your code should be:
header(www-authenticate: Negociate);
header(www-authenticate: NTLM,0);
I don't blame you for not knowing this though. It isn't
documented anywhere. I will take care of that now.
Previous Comments:
---
[2001-06-21 01:38:26] [EMAIL PROTECTED]
I currently use the module version of php like indicated in my previous description.
I've separed the bug in two part to be more understandable (i'm not familiar with
english)
the first part is with the function header :
if i execute the following code :
header(HTTP/1.1 401 acces refuse);
header(www-authenticate: Negociate);
header(www-authenticate: NTLM);
(i know this not correct for rfc but IIS work like that..)
and on the network dump i see:
HTTP/1.1 401 unauthorized (not my message !!!)
www-authenticate: NTLM (squizzed the negociate!!)
now the second part of the message :
during my challenge to obtain ntlm auth 3 messages are exchanged like that :
c = client ; s = server
1 c - s GET
2 s - c http/1.1 401 unauthorized
www-authenticate : NTLM
3 c - s authorization: msg1
4 s - c http/1.1 401 unauthorized
www-authenticate : NTLM msg2
5 c - s authorization: msg3
so on the number 2 i do calls to header
on the 3 i call getallheaders (return msg1)
on the 4 i call header
on the 5 i cal getallheaders
i write it to a file (for tests)
i close the file
my first suprise was : on the network layer all is correct : 3 msg, 3 corrects
contents and the 3 msg differents.
on the php layer : msg1 is the same that msg 3 !!!
if i do a redirection after have closed the file :
it contains no more messages
is the optmizer fault ?
If i'am not clear i can try to reexplain
---
[2001-06-20 12:14:28] [EMAIL PROTECTED]
Are you using the Apache module version of PHP on Windows
or the standalone CGI binary version? And what do you
mean the headers are in the wrong order? The order of
HTTP headers is not significant.
---
[2001-06-20 09:10:55] [EMAIL PROTECTED]
?
//
// description : ntlm authentification module
//
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg=no auth scheme//;
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == Authorization) {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header(HTTP/1.1 401 accès refusé);
header(WWW-Authenticate: NTLM);
}
//send the msg2 to the client.
function putmsg2($msg) {
header(HTTP/1.1 401 accès refusé);
header(www-authenticate: NTLM .$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen(c:/test.txt,w+);
beginntlm();
fwrite($fp,msg1 = );
fwrite($fp,get_msg_auth());
fwrite($fp,nmsg2 = );
//msg2 not in the script cause it is too big
fwrite($fp,putmsg2(TlRMTVNTUAACDAAMADAFgoGgPhfzJ50JifsAAHIAcgA8RABPAE0ARwBFAE4AAgAMAEQATwBNAEcARQBOAAEAHABTAFIAVgBHAEUAVABJAFQAXwBJAFMAUwBZADEABAAMAGQAbwBtAGcAZQBuAAMAKgBzAHIAdgBnAGUAdABpAHQAXwBpAHMAcwB5ADEALgBkAG8AbQBnAGUAbgAA));
fwrite($fp,nmsg3 = );
fwrite($fp,get_msg_auth());
fclose($fp);
}
ntlm_auth();
// header(location: index.php);
?
the following code is working(IE only..), i get the correct test.txt but if i
uncomment the last line header(location..=) the redirection is done but the auth
header are not correct.. i've used tcpdump to see what is the problem and i've find
that the header are not transmitted in the correct order and are modified i
doesn't know if its the apache fault or the php optimer fault by my compagny really
wait for a php version that permit to send and to get the headers correctly..
Thanks a lot
the php used is the binary for win32 with default modules and default php.ini (apache
is used)
php is used an module of apache.
---
ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578
User Update by: [EMAIL PROTECTED]
Status: Open
Bug Type: HTTP related
Operating system: win32 (nt4 and 2000)
PHP Version: 4.0.5
Description: http header order not respected and messages not transmitted
thanks a lot ramus for your help.. the first part of the problem was my fault not the
php fault.. but... the second part is always not functionnal...
i can obtain the correct headers and response for the ntlm scheme but.. if i do a
header(location : ); at the END of the program... the value are not written
correctly !!
maybe an optimizer miss optimization.
It strange that on a test without redirection all seems correct but adding instruction
after the write and the file was closed and flushed this is not functionnal...
thank a lot and sorry to spam you with my little problem. but it's a mission critical
projet for France Telecom Mobile service (ORANGE) and i prefer using php with linux
than IIS... i need to prove the possibilities of the open source platform..
Thank.
Previous Comments:
---
[2001-06-21 09:21:45] [EMAIL PROTECTED]
By default PHP's header() function will replace the value
of an http header with the value you give it. If you don't
want it to replace, but instead add a second header with
a different value, use the optional second arg to header()
to tell PHP not to do this replace. So your code should be:
header(www-authenticate: Negociate);
header(www-authenticate: NTLM,0);
I don't blame you for not knowing this though. It isn't
documented anywhere. I will take care of that now.
---
[2001-06-21 01:38:26] [EMAIL PROTECTED]
I currently use the module version of php like indicated in my previous description.
I've separed the bug in two part to be more understandable (i'm not familiar with
english)
the first part is with the function header :
if i execute the following code :
header(HTTP/1.1 401 acces refuse);
header(www-authenticate: Negociate);
header(www-authenticate: NTLM);
(i know this not correct for rfc but IIS work like that..)
and on the network dump i see:
HTTP/1.1 401 unauthorized (not my message !!!)
www-authenticate: NTLM (squizzed the negociate!!)
now the second part of the message :
during my challenge to obtain ntlm auth 3 messages are exchanged like that :
c = client ; s = server
1 c - s GET
2 s - c http/1.1 401 unauthorized
www-authenticate : NTLM
3 c - s authorization: msg1
4 s - c http/1.1 401 unauthorized
www-authenticate : NTLM msg2
5 c - s authorization: msg3
so on the number 2 i do calls to header
on the 3 i call getallheaders (return msg1)
on the 4 i call header
on the 5 i cal getallheaders
i write it to a file (for tests)
i close the file
my first suprise was : on the network layer all is correct : 3 msg, 3 corrects
contents and the 3 msg differents.
on the php layer : msg1 is the same that msg 3 !!!
if i do a redirection after have closed the file :
it contains no more messages
is the optmizer fault ?
If i'am not clear i can try to reexplain
---
[2001-06-20 12:14:28] [EMAIL PROTECTED]
Are you using the Apache module version of PHP on Windows
or the standalone CGI binary version? And what do you
mean the headers are in the wrong order? The order of
HTTP headers is not significant.
---
[2001-06-20 09:10:55] [EMAIL PROTECTED]
?
//
// description : ntlm authentification module
//
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg=no auth scheme//;
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == Authorization) {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header(HTTP/1.1 401 accès refusé);
header(WWW-Authenticate: NTLM);
}
//send the msg2 to the client.
function putmsg2($msg) {
header(HTTP/1.1 401 accès refusé);
header(www-authenticate: NTLM .$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen(c:/test.txt,w+);
beginntlm();
fwrite($fp,msg1 = );
fwrite($fp,get_msg_auth());
fwrite($fp,nmsg2 = );
//msg2 not in the script cause it is too big
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578
Updated by: sniper
Reported By: [EMAIL PROTECTED]
Old-Status: Open
Status: Feedback
Bug Type: HTTP related
Operating system:
PHP Version: 4.0.5
Assigned To:
Comments:
Did you try with the 2nd (undocumented before) argument
for header() like Rasmus suggested??
And it still doesn't work?
Previous Comments:
---
[2001-06-21 09:59:22] [EMAIL PROTECTED]
thanks a lot ramus for your help.. the first part of the problem was my fault not the
php fault.. but... the second part is always not functionnal...
i can obtain the correct headers and response for the ntlm scheme but.. if i do a
header(location : ); at the END of the program... the value are not written
correctly !!
maybe an optimizer miss optimization.
It strange that on a test without redirection all seems correct but adding instruction
after the write and the file was closed and flushed this is not functionnal...
thank a lot and sorry to spam you with my little problem. but it's a mission critical
projet for France Telecom Mobile service (ORANGE) and i prefer using php with linux
than IIS... i need to prove the possibilities of the open source platform..
Thank.
---
[2001-06-21 09:21:45] [EMAIL PROTECTED]
By default PHP's header() function will replace the value
of an http header with the value you give it. If you don't
want it to replace, but instead add a second header with
a different value, use the optional second arg to header()
to tell PHP not to do this replace. So your code should be:
header(www-authenticate: Negociate);
header(www-authenticate: NTLM,0);
I don't blame you for not knowing this though. It isn't
documented anywhere. I will take care of that now.
---
[2001-06-21 01:38:26] [EMAIL PROTECTED]
I currently use the module version of php like indicated in my previous description.
I've separed the bug in two part to be more understandable (i'm not familiar with
english)
the first part is with the function header :
if i execute the following code :
header(HTTP/1.1 401 acces refuse);
header(www-authenticate: Negociate);
header(www-authenticate: NTLM);
(i know this not correct for rfc but IIS work like that..)
and on the network dump i see:
HTTP/1.1 401 unauthorized (not my message !!!)
www-authenticate: NTLM (squizzed the negociate!!)
now the second part of the message :
during my challenge to obtain ntlm auth 3 messages are exchanged like that :
c = client ; s = server
1 c - s GET
2 s - c http/1.1 401 unauthorized
www-authenticate : NTLM
3 c - s authorization: msg1
4 s - c http/1.1 401 unauthorized
www-authenticate : NTLM msg2
5 c - s authorization: msg3
so on the number 2 i do calls to header
on the 3 i call getallheaders (return msg1)
on the 4 i call header
on the 5 i cal getallheaders
i write it to a file (for tests)
i close the file
my first suprise was : on the network layer all is correct : 3 msg, 3 corrects
contents and the 3 msg differents.
on the php layer : msg1 is the same that msg 3 !!!
if i do a redirection after have closed the file :
it contains no more messages
is the optmizer fault ?
If i'am not clear i can try to reexplain
---
[2001-06-20 12:14:28] [EMAIL PROTECTED]
Are you using the Apache module version of PHP on Windows
or the standalone CGI binary version? And what do you
mean the headers are in the wrong order? The order of
HTTP headers is not significant.
---
[2001-06-20 09:10:55] [EMAIL PROTECTED]
?
//
// description : ntlm authentification module
//
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg=no auth scheme//;
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == Authorization) {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header(HTTP/1.1 401 accès refusé);
header(WWW-Authenticate: NTLM);
}
//send the msg2 to the client.
function putmsg2($msg) {
header(HTTP/1.1 401 accès refusé);
header(www-authenticate: NTLM .$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen(c:/test.txt,w+);
beginntlm();
fwrite($fp,msg1 = );
fwrite($fp,get_msg_auth());
fwrite($fp,nmsg2 = );
//msg2 not in the script cause it is too big
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578
Updated by: rasmus
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: HTTP related
Operating system:
PHP Version: 4.0.5
Assigned To:
Comments:
Are you using the Apache module version of PHP on Windows
or the standalone CGI binary version? And what do you
mean the headers are in the wrong order? The order of
HTTP headers is not significant.
Previous Comments:
---
[2001-06-20 09:10:55] [EMAIL PROTECTED]
?
//
// description : ntlm authentification module
//
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg=no auth scheme//;
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == Authorization) {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header(HTTP/1.1 401 accès refusé);
header(WWW-Authenticate: NTLM);
}
//send the msg2 to the client.
function putmsg2($msg) {
header(HTTP/1.1 401 accès refusé);
header(www-authenticate: NTLM .$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen(c:/test.txt,w+);
beginntlm();
fwrite($fp,msg1 = );
fwrite($fp,get_msg_auth());
fwrite($fp,nmsg2 = );
//msg2 not in the script cause it is too big
fwrite($fp,putmsg2(TlRMTVNTUAACDAAMADAFgoGgPhfzJ50JifsAAHIAcgA8RABPAE0ARwBFAE4AAgAMAEQATwBNAEcARQBOAAEAHABTAFIAVgBHAEUAVABJAFQAXwBJAFMAUwBZADEABAAMAGQAbwBtAGcAZQBuAAMAKgBzAHIAdgBnAGUAdABpAHQAXwBpAHMAcwB5ADEALgBkAG8AbQBnAGUAbgAA));
fwrite($fp,nmsg3 = );
fwrite($fp,get_msg_auth());
fclose($fp);
}
ntlm_auth();
// header(location: index.php);
?
the following code is working(IE only..), i get the correct test.txt but if i
uncomment the last line header(location..=) the redirection is done but the auth
header are not correct.. i've used tcpdump to see what is the problem and i've find
that the header are not transmitted in the correct order and are modified i
doesn't know if its the apache fault or the php optimer fault by my compagny really
wait for a php version that permit to send and to get the headers correctly..
Thanks a lot
the php used is the binary for win32 with default modules and default php.ini (apache
is used)
php is used an module of apache.
---
ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at http://bugs.php.net/?id=11578edit=2
--
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] Bug #11578 Updated: http header order not respected and messages not transmitted
ID: 11578
Updated by: sniper
Reported By: [EMAIL PROTECTED]
Old-Status: Open
Status: Feedback
Bug Type: HTTP related
Operating system:
PHP Version: 4.0.5
Assigned To:
Comments:
Previous Comments:
---
[2001-06-20 09:10:55] [EMAIL PROTECTED]
?
//
// description : ntlm authentification module
//
//get the msg wich is contained in the headers of the apache server.
function get_msg_auth() {
//$msg=no auth scheme//;
$headers = getallheaders();
while (list($header, $value) = each($headers)) {
if ($header == Authorization) {
$msg=$value;
}
}
$msg=substr($msg,5,strlen($msg));
return $msg;
}
//return to the browser the first step of the ntlm authentification schema.
function beginntlm() {
header(HTTP/1.1 401 accès refusé);
header(WWW-Authenticate: NTLM);
}
//send the msg2 to the client.
function putmsg2($msg) {
header(HTTP/1.1 401 accès refusé);
header(www-authenticate: NTLM .$msg);
return($msg);
}
//do the authentification
function ntlm_auth () {
$fp = fopen(c:/test.txt,w+);
beginntlm();
fwrite($fp,msg1 = );
fwrite($fp,get_msg_auth());
fwrite($fp,nmsg2 = );
//msg2 not in the script cause it is too big
fwrite($fp,putmsg2(TlRMTVNTUAACDAAMADAFgoGgPhfzJ50JifsAAHIAcgA8RABPAE0ARwBFAE4AAgAMAEQATwBNAEcARQBOAAEAHABTAFIAVgBHAEUAVABJAFQAXwBJAFMAUwBZADEABAAMAGQAbwBtAGcAZQBuAAMAKgBzAHIAdgBnAGUAdABpAHQAXwBpAHMAcwB5ADEALgBkAG8AbQBnAGUAbgAA));
fwrite($fp,nmsg3 = );
fwrite($fp,get_msg_auth());
fclose($fp);
}
ntlm_auth();
// header(location: index.php);
?
the following code is working(IE only..), i get the correct test.txt but if i
uncomment the last line header(location..=) the redirection is done but the auth
header are not correct.. i've used tcpdump to see what is the problem and i've find
that the header are not transmitted in the correct order and are modified i
doesn't know if its the apache fault or the php optimer fault by my compagny really
wait for a php version that permit to send and to get the headers correctly..
Thanks a lot
the php used is the binary for win32 with default modules and default php.ini (apache
is used)
php is used an module of apache.
---
ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at http://bugs.php.net/?id=11578edit=2
--
PHP Development Mailing List http://www.php.net/
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
