PHP :: Bug #21620 :: $REMOTE_USER does not exist after a POST-request

Bug #21620	$REMOTE_USER does not exist after a POST-request
Submitted:	2003-01-13 11:36 UTC	Modified:	2003-01-13 16:29 UTC
From:	mklerx at eid dot nl	Assigned:
Status:	Not a bug	Package:	Scripting Engine problem
PHP Version:	4.3.0	OS:	Redhat 6.2
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	mklerx at eid dot nl
New email:
PHP Version:		OS:

New/Additional Comment:

[2003-01-13 11:36 UTC] mklerx at eid dot nl

In PHP 4.3.0 in safe mode the $PHP_AUTH_* variables do not exist anymore. It is recommended to use $REMOTE_USER instead.

The suggestion that $REMOTE_USER still works and can be used in Safe mode is only party true. I noticed that this variable is filled with the username supplied by the external basic auth mechanism (.htaccess) unless you are in a script which has been called by a <form action=XXX method="post">.
With method="get" it works OK.

I need the $REMOTE_USER to lookup users from the database and find their ID in the DB. The method="get" option is a workaround, but this does not work in upload scripts, which has to use "post".

Is this a new bug?

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-01-13 12:18 UTC] rasmus@php.net

Which web version of Apache?

I don't see anything on the PHP side of things that would make this behave differently based on the request type.

[2003-01-13 12:40 UTC] mklerx at eid dot nl

Forget about it. I just noticed that the .htaccess file contained 
<LIMIT GET>
  require valid-user
</LIMIT>

After deleteing the <LIMIT GET> and </LIMIT> tags the post version also worked. The $PHP_AUTH_USER worked even though the <LIMIT > tags were there, but the $REMOTE_USER obviously does not.

Forgive me for not thinking of this earlier.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Apr 25 15:01:30 2024 UTC