php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #30169 PHP loses POST data when HTTP authentication is used
Submitted: 2004-09-20 15:26 UTC Modified: 2004-09-28 23:01 UTC
From: hcg26 at cam dot ac dot uk Assigned:
Status: Not a bug Package: Variables related
PHP Version: 4.3.8 OS: Linux vnm2 2.4.27 #4 SMP
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: hcg26 at cam dot ac dot uk
New email:
PHP Version: OS:

 

 [2004-09-20 15:26 UTC] hcg26 at cam dot ac dot uk 
Description:
------------
On a Linux Apache server (1.3.31), PHP loses request variables when they were sent using the POST method and the script is protected via .htaccess authentication 
(bug produced with user & password authentication).
The form data are nowhere to be found, not in $_REQUEST or $_POST.

My $_SERVER is as follows:

(
    [CONTENT_LENGTH] => 21
    [CONTENT_TYPE] => application/x-www-form-urlencoded
    [DOCUMENT_ROOT] => /home/www/<host name>/htdocs
    [HTTP________] => ----:-------------------------------
    [HTTP________________] => ----- -------
    [HTTP_ACCEPT] => image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
    [HTTP_ACCEPT_LANGUAGE] => de
    [HTTP_CACHE_CONTROL] => no-cache
    [HTTP_CONNECTION] => Keep-Alive
    [HTTP_HOST] => <host name>
    [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; iOpus-I-M)
    [PATH] => /sbin:/bin:/usr/sbin:/usr/bin
    [REMOTE_ADDR] => 217.236.36.198
    [REMOTE_PORT] => 2029
    [SCRIPT_FILENAME] => /home/www/<host name>/htdocs/v1/phpbug/test.php
    [SCRIPT_URI] => http://<host name>/v1/phpbug/test.php
    [SCRIPT_URL] => /v1/phpbug/test.php
    [SERVER_ADDR] => 81.3.18.152
    [SERVER_ADMIN] => <removed>
    [SERVER_NAME] => <host name>
    [SERVER_PORT] => 80
    [SERVER_SIGNATURE] => 
    [SERVER_SOFTWARE] => Apache/1.3.31 (Unix) mod_ssl/2.8.19 OpenSSL/0.9.7d PHP/4.3.8
    [UNIQUE_ID] => QU7XaH8AAAEAAASeDko
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.1
    [REQUEST_METHOD] => POST
    [QUERY_STRING] => 
    [REQUEST_URI] => /v1/phpbug/test.php
    [SCRIPT_NAME] => /v1/phpbug/test.php
    [PATH_TRANSLATED] => /home/www/<host name>/htdocs/v1/phpbug/test.php
    [PHP_SELF] => /v1/phpbug/test.php
)


Reproduce code:
---------------
-- html input form
<form action="phpbug/test.php" method=post>
POST <input type=text name="a"> <input type=submit>
<hr>
<form action=phpbug/test.php" method=get>
GET <input type=text name="a"> <input type=submit>

--php script
<?php
echo "<pre>";
print_r($_POST);
echo "--";
print_r($_REQUEST);
echo "--";
print_r($_SERVER);
?>


Expected result:
----------------
Array
(
    [a] => dfdsfds
)
--Array
(
    [a] => dfdsfds
)

[as obtained when using the GET method]

Actual result:
--------------
Array
(
    [a] => 
)
--Array
(
    [a] => 
)

NOTE: the $_SERVER[CONTENT_LENGTH] is correct.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-09-20 15:29 UTC] hcg26 at cam dot ac dot uk 
My .htaccess is bog standard:

AuthType basic
AuthName "Test"
AuthUserFile /home/www/<...>/htdocs/v1/smsin/.htpasswd
require valid-user
 [2004-09-22 09:07 UTC] jorton@php.net 
This sounds like the 1.3.31 regression in request body handling.  Try this patch:

http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/main/http_request.c?r1=1.174&r2=1.175
 [2004-09-28 23:01 UTC] sniper@php.net 
Not PHP bug.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Jul 17 14:04:04 2025 UTC