php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #29132 $_SERVER["PHP_AUTH_USER"] is not in headers anymore?
Submitted: 2004-07-14 06:40 UTC Modified: 2004-07-14 13:08 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:2 of 2 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: endrju at itrisinajumi dot lv Assigned:
Status: Closed Package: *General Issues
PHP Version: 5.0.0 OS: FreeBSD 5.2.1
Private report: No CVE-ID: None
View Developer Edit
 [2004-07-14 06:40 UTC] endrju at itrisinajumi dot lv 
Description:
------------
When making HTTP authentication there is no $_SERVER["PHP_AUTH_USER"] in headers (but there is $_SERVER["PHP_AUTH_PW"]).

I noticed this when i upgraded to PHP 5.0.0 and checked phpMyAdmin - it hanged. After some investigation I found that there's no $_SERVER["PHP_AUTH_USER"] in headers.

'./configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-openssl' '--with-imap=../imap-2004/' '--with-mysql=/usr/local/mysql' '--with-mssql' '--with-pgsql' '--with-gd' '--with-png' '--with-zlib' '--with-jpeg' '--with-iconv' '--with-gettext' '--with-xml' '--with-mcrypt' '--enable-mbstring' '--enable-sockets' '--with-bz2' '--enable-calendar' '--enable-bcmath'

Reproduce code:
---------------
<?php
  if (!isset($_SERVER['PHP_AUTH_USER'])) {
   header('WWW-Authenticate: Basic realm="My Realm"');
   header('HTTP/1.0 401 Unauthorized');
   echo 'Text to send if user hits Cancel button';
   exit;
  } else {
   echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
   echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
  }
?> 

Expected result:
----------------
(This is from http://lv.php.net/manual/en/features.http-auth.php).
I Expected that when i enter username, password and press OK, the code will output my entered username and password.

Actual result:
--------------
Script keeps asking the username and password indefinitely;

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-07-14 06:49 UTC] endrju at itrisinajumi dot lv 
Changed category - General Issues;
 [2004-07-14 11:58 UTC] sesser@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

This Bug should be fixed in CVS now...

Please test next snapshot.
 [2004-07-14 13:05 UTC] alex dot pagnoni at solarix dot it 
Stefan, I can confirm you that $_SERVER['PHP_AUTH_USER']  
now works fine again with the latest php5 snapshot  
(php5-200407141030).
 [2004-07-14 13:08 UTC] derick@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 [2004-07-15 18:27 UTC] daviidu at everydns dot net 
This bug is quite serious actually and I would expect a lot of semi-clued people to not recognize it as a PHP bug or maybe only after wasting a lot of time.

I would suggest a 5.0.1 release out the door ASAP.

-davidu
 [2004-07-21 17:00 UTC] tmeader at pobox dot com 
I've come across two other admins thus far who have been having this problem, and had no idea that it was PHP related. They spent at least 6 hours trying to debug their script before giving up for the day. This is a MAJOR bug, since it basically breaks ALL PHP scripts that use HTTP Auth. Can we PLEASE have a fast interim 5.0.1 to fix this?
 [2004-07-23 03:38 UTC] neilcurry1 at hotmail dot com 
I just spend 2 days trying to sort this problem out, 
seeking help from http://phpmac.com/ also.

I have downloaded the latest snapshot and build and 
installed.

Everything OK now :)

I think a new release to php 5 is needed to stop others 
pulling their hair out over this one.

Neil
 [2004-07-26 03:47 UTC] arthur at petraclc dot com 
Jul 25, 2004.

Downloaded the latest snapshot of PHP5.0.0 after experiencing the authication failure issue - while using HTTP authentication method in phpMyAdmin-2.5.7-pl1

With this current CVS release, I am unable to login into MySQL at all!  

Trying an older version of the CVS....Your fizes are much appreciated!
 [2004-08-10 01:33 UTC] herps at raqtweak dot com 
Wow guys... How can this happen!!!

When do you plan on releasing PHP 5.0.1?
I think this is something EVERYONE wants to know...

Thanks from all of us...
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Oct 25 02:00:01 2025 UTC