From: [EMAIL PROTECTED]
Operating system: Linux
PHP version: 4.1.0
PHP Bug Type: Apache related
Bug description: Variables $PHP_AUTH_* is set, when use a traditional external auth
mechanism
.htaccess
AuthUserFile .htpasswd
AuthName "WARNING! ENTER ACCESS KEY!"
AuthType Basic
Require valid-user
index.php
<pre>
$PHP_AUTH_USER
<?
var_dump($PHP_AUTH_USER);
?>
$PHP_AUTH_PW
<?
var_dump($PHP_AUTH_PW);
?>
<pre>
http://www.php.net/manual/en/features.http-auth.php
<cut>
In order to prevent someone from writing a script which reveals the
password for a page that was authenticated through a traditional external
mechanism, the PHP_AUTH variables will not be set if external
authentication is enabled for that particular page. In this case, the
$REMOTE_USER variable can be used to identify the externally-authenticated
user.
</cut>
--
Edit bug report at: http://bugs.php.net/?id=14534&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
