php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #29132 $_SERVER["PHP_AUTH_USER"] is not in headers anymore?
Submitted: 2004-07-14 06:40 UTC Modified: 2004-07-14 13:08 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:2 of 2 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: endrju at itrisinajumi dot lv Assigned:
Status: Closed Package: *General Issues
PHP Version: 5.0.0 OS: FreeBSD 5.2.1
Private report: No CVE-ID:
 [2004-07-14 06:40 UTC] endrju at itrisinajumi dot lv
Description:
------------
When making HTTP authentication there is no $_SERVER["PHP_AUTH_USER"] in headers (but there is $_SERVER["PHP_AUTH_PW"]).

I noticed this when i upgraded to PHP 5.0.0 and checked phpMyAdmin - it hanged. After some investigation I found that there's no $_SERVER["PHP_AUTH_USER"] in headers.

'./configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-openssl' '--with-imap=../imap-2004/' '--with-mysql=/usr/local/mysql' '--with-mssql' '--with-pgsql' '--with-gd' '--with-png' '--with-zlib' '--with-jpeg' '--with-iconv' '--with-gettext' '--with-xml' '--with-mcrypt' '--enable-mbstring' '--enable-sockets' '--with-bz2' '--enable-calendar' '--enable-bcmath'

Reproduce code:
---------------
<?php
  if (!isset($_SERVER['PHP_AUTH_USER'])) {
   header('WWW-Authenticate: Basic realm="My Realm"');
   header('HTTP/1.0 401 Unauthorized');
   echo 'Text to send if user hits Cancel button';
   exit;
  } else {
   echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
   echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
  }
?> 

Expected result:
----------------
(This is from http://lv.php.net/manual/en/features.http-auth.php).
I Expected that when i enter username, password and press OK, the code will output my entered username and password.

Actual result:
--------------
Script keeps asking the username and password indefinitely;

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-07-14 06:49 UTC] endrju at itrisinajumi dot lv
Changed category - General Issues;
 [2004-07-14 11:58 UTC] sesser@php.net
Please try using this CVS snapshot:

  http://snaps.php.net/php5-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5-win32-latest.zip

This Bug should be fixed in CVS now...

Please test next snapshot.


 [2004-07-14 13:05 UTC] alex dot pagnoni at solarix dot it
Stefan, I can confirm you that $_SERVER['PHP_AUTH_USER']  
now works fine again with the latest php5 snapshot  
(php5-200407141030).
 [2004-07-14 13:08 UTC] derick@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2004-07-15 18:27 UTC] daviidu at everydns dot net
This bug is quite serious actually and I would expect a lot of semi-clued people to not recognize it as a PHP bug or maybe only after wasting a lot of time.

I would suggest a 5.0.1 release out the door ASAP.

-davidu
 [2004-07-21 17:00 UTC] tmeader at pobox dot com
I've come across two other admins thus far who have been having this problem, and had no idea that it was PHP related. They spent at least 6 hours trying to debug their script before giving up for the day. This is a MAJOR bug, since it basically breaks ALL PHP scripts that use HTTP Auth. Can we PLEASE have a fast interim 5.0.1 to fix this?
 [2004-07-23 03:38 UTC] neilcurry1 at hotmail dot com
I just spend 2 days trying to sort this problem out, 
seeking help from http://phpmac.com/ also.

I have downloaded the latest snapshot and build and 
installed.

Everything OK now :)

I think a new release to php 5 is needed to stop others 
pulling their hair out over this one.

Neil
 [2004-07-26 03:47 UTC] arthur at petraclc dot com
Jul 25, 2004.

Downloaded the latest snapshot of PHP5.0.0 after experiencing the authication failure issue - while using HTTP authentication method in phpMyAdmin-2.5.7-pl1

With this current CVS release, I am unable to login into MySQL at all!  

Trying an older version of the CVS....Your fizes are much appreciated!
 [2004-08-10 01:33 UTC] herps at raqtweak dot com
Wow guys... How can this happen!!!

When do you plan on releasing PHP 5.0.1?
I think this is something EVERYONE wants to know...

Thanks from all of us...
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 24 02:02:10 2014 UTC