php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Doc Bug #14804 PHP_AUTH_* - what is it?
Submitted: 2002-01-02 12:44 UTC Modified: 2002-06-10 19:02 UTC
From: msopacua at idg dot nl Assigned:
Status: Closed Package: Documentation problem
PHP Version: 4.1.1 OS: Any
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2002-01-02 12:44 UTC] msopacua at idg dot nl 
Please see:
http://www.php.net/manual/en/language.variables.predefined.php
as opposed to:
http://www.php.net/manual/en/features.http-auth.php

PHP_AUTH vars, are not listed in the Apache list, while the features page, qualifies them as such.

Under ISAPI however, these vars are available as:
AUTH_PASSWORD and AUTH_USER, so people looking for a reason why their script won't work, either bum out, when viewing the second page, or look at phpinfo and see nothing, because you need to be logged in first, to see them (yes, there are ways less obvious).

So, either they should be listed as Apache variables in the first page, or they should not be called Apache variables in the second page.

In any case, I think mentioning, they are called differently in ISAPI on the second page, is not a luxury.

Also - I think example 17-1 should be changed to:
<?php
  if (!isset($_SERVER['REMOTE_USER'])) {
    header("WWW-Authenticate: Basic realm=\"My Realm\"");
    header("HTTP/1.0 401 Unauthorized");
    echo "Text to send if user hits Cancel button\n";
    exit;
  } else {
    // The variables below could be called differently.
    // If so, change the code below to phpinfo() and look
    // them up
    echo "<p>Hello $PHP_AUTH_USER.</p>";
    echo "<p>You entered $PHP_AUTH_PW as your password.</p>";
  }
?>

which should work on any platform, that supports the feature, independant of register_globals settings.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-01-02 12:51 UTC] msopacua at idg dot nl 
Correction:
the $PHP_AUTH_USER and $PHP_AUTH_PW in the bottom half of the example script, should be changed to their $_SERVER equivalent also.
 [2002-06-10 19:02 UTC] mfischer@php.net 
This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at http://snaps.php.net/. In case this was a documentation 
problem, the fix will show up soon at http://www.php.net/manual/.
In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites.
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Mon Jul 01 22:01:30 2024 UTC