php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #13115 .htaccess password secured Script is run twice
Submitted: 2001-09-03 15:18 UTC Modified: 2001-09-03 17:24 UTC
From: matthias-php at kopolt dot de Assigned:
Status: Not a bug Package: Apache related
PHP Version: 4.0.4pl1 OS: RedHat Linux 7.1
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: matthias-php at kopolt dot de
New email:
PHP Version: OS:

 

 [2001-09-03 15:18 UTC] matthias-php at kopolt dot de
given: a directory secured with http basic authentication and only accessible by using username and password supplied in a password and a group file. The Access.Logfile shows 2 requests for the same page, with the first being denied by 401 and the second with a correct reply (200)
The PHP script runs twice, with the first Output being garbaged.

Reproduced on Standard Redhat rpm installation as well as on specific compilation. Always as php-apache-module

here 2 Lines from the log

1.1.1.1 - - [03/Sep/2001:19:02:54 +0000] "POST /_admin_/phpQLAdmin/domain_add.php HTTP/1.0" 401 397 "http://myserver/_admin_/phpQLAdmin/home.php" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
1.1.1.1 - admin [03/Sep/2001:19:02:55 +0000] "POST /_admin_/phpQLAdmin/domain_add.php HTTP/1.0" 200 352 "http://myserver/_admin_/phpQLAdmin/home.php" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-09-03 15:31 UTC] mfischer@php.net
That's how it is supposed to work. The browser accesses the page, get's a not authorized error (401), and, if the user has already entered the authentication incredents, requests the page again with the auth data; else you will be prompted for them and then the page is requested again.

Not a PHP bug, bogusified.

- Markus
 [2001-09-03 16:50 UTC] matthias-php at kopolt dot de
ok, sorry! remove this report!!
My script code was indeed executed twice but as a result of having the script doing a "apachectl restart" in an invoked "sudo shellscript".
authentication is fine, and killing one's own PID resulted in the Browser reloading the page and reexecuting the first part of the script without being logged twice (the interupted request probably).
sorry



 [2001-09-03 17:24 UTC] mfischer@php.net
Bogusified (again?) on user request.

- Markus
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu May 30 22:01:29 2024 UTC