php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #30169 PHP loses POST data when HTTP authentication is used
Submitted: 2004-09-20 15:26 UTC Modified: 2004-09-28 23:01 UTC
From: hcg26 at cam dot ac dot uk Assigned:
Status: Not a bug Package: Variables related
PHP Version: 4.3.8 OS: Linux vnm2 2.4.27 #4 SMP
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: hcg26 at cam dot ac dot uk
New email:
PHP Version: OS:

 

 [2004-09-20 15:26 UTC] hcg26 at cam dot ac dot uk 
Description:
------------
On a Linux Apache server (1.3.31), PHP loses request variables when they were sent using the POST method and the script is protected via .htaccess authentication 
(bug produced with user & password authentication).
The form data are nowhere to be found, not in $_REQUEST or $_POST.

My $_SERVER is as follows:

(
    [CONTENT_LENGTH] => 21
    [CONTENT_TYPE] => application/x-www-form-urlencoded
    [DOCUMENT_ROOT] => /home/www/<host name>/htdocs
    [HTTP________] => ----:-------------------------------
    [HTTP________________] => ----- -------
    [HTTP_ACCEPT] => image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-shockwave-flash, */*
    [HTTP_ACCEPT_LANGUAGE] => de
    [HTTP_CACHE_CONTROL] => no-cache
    [HTTP_CONNECTION] => Keep-Alive
    [HTTP_HOST] => <host name>
    [HTTP_USER_AGENT] => Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; iOpus-I-M)
    [PATH] => /sbin:/bin:/usr/sbin:/usr/bin
    [REMOTE_ADDR] => 217.236.36.198
    [REMOTE_PORT] => 2029
    [SCRIPT_FILENAME] => /home/www/<host name>/htdocs/v1/phpbug/test.php
    [SCRIPT_URI] => http://<host name>/v1/phpbug/test.php
    [SCRIPT_URL] => /v1/phpbug/test.php
    [SERVER_ADDR] => 81.3.18.152
    [SERVER_ADMIN] => <removed>
    [SERVER_NAME] => <host name>
    [SERVER_PORT] => 80
    [SERVER_SIGNATURE] => 
    [SERVER_SOFTWARE] => Apache/1.3.31 (Unix) mod_ssl/2.8.19 OpenSSL/0.9.7d PHP/4.3.8
    [UNIQUE_ID] => QU7XaH8AAAEAAASeDko
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.1
    [REQUEST_METHOD] => POST
    [QUERY_STRING] => 
    [REQUEST_URI] => /v1/phpbug/test.php
    [SCRIPT_NAME] => /v1/phpbug/test.php
    [PATH_TRANSLATED] => /home/www/<host name>/htdocs/v1/phpbug/test.php
    [PHP_SELF] => /v1/phpbug/test.php
)


Reproduce code:
---------------
-- html input form
<form action="phpbug/test.php" method=post>
POST <input type=text name="a"> <input type=submit>
<hr>
<form action=phpbug/test.php" method=get>
GET <input type=text name="a"> <input type=submit>

--php script
<?php
echo "<pre>";
print_r($_POST);
echo "--";
print_r($_REQUEST);
echo "--";
print_r($_SERVER);
?>


Expected result:
----------------
Array
(
    [a] => dfdsfds
)
--Array
(
    [a] => dfdsfds
)

[as obtained when using the GET method]

Actual result:
--------------
Array
(
    [a] => 
)
--Array
(
    [a] => 
)

NOTE: the $_SERVER[CONTENT_LENGTH] is correct.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-09-20 15:29 UTC] hcg26 at cam dot ac dot uk 
My .htaccess is bog standard:

AuthType basic
AuthName "Test"
AuthUserFile /home/www/<...>/htdocs/v1/smsin/.htpasswd
require valid-user
 [2004-09-22 09:07 UTC] jorton@php.net 
This sounds like the 1.3.31 regression in request body handling.  Try this patch:

http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/main/http_request.c?r1=1.174&r2=1.175
 [2004-09-28 23:01 UTC] sniper@php.net 
Not PHP bug.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Jul 17 14:04:04 2025 UTC