PHP :: Bug #31370 :: HTTP Authentication is not working. The login box keeps popping.

Bug #31370	HTTP Authentication is not working. The login box keeps popping.
Submitted:	2005-01-01 01:13 UTC	Modified:	2005-01-01 19:08 UTC
From:	jaswinder_rana at hotmail dot com	Assigned:
Status:	Not a bug	Package:	*General Issues
PHP Version:	4.3.10	OS:	WinXP
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	jaswinder_rana at hotmail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2005-01-01 01:13 UTC] jaswinder_rana at hotmail dot com

Description:
------------
HTTP Authentication is not working. The login box keeps on coming back and $_SESSION['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] are never intilized. i spent 2 hours on it till i see there were same HTTP Authentication issue with earlier PHP versions. I even upgraded to latest fixzes from snaps.php.net and it di't still solve it.
I am using Apache 2.0.44 just in case its server's issue.

There are already issues but i din't see any with PHP4.3.10(and now after updating from snaps.php.net PHP4.3.11)
so, i figured its good to mention so it can be fixed.

Reproduce code:
---------------
function error ($error_message)
{
	echo $error_message."<BR>";
	exit;
}

if ( (!isset($_SERVER['PHP_AUTH_USER'])) || $_SERVER['PHP_AUTH_USER'] !='user' || $_SERVER['PHP_AUTH_PW']!='pass')
{
	header("WWW-Authenticate: Basic entrer=\"Admin\"");
	header("HTTP/1.0 401 Unauthorized");
	error("Unauthorized access...");
}
else
{
	echo 'You are logged in..';
}

Expected result:
----------------
You are logged in..

Actual result:
--------------
Login box keeps on coming and it says $_SERVER['PHP_AUTH_PW'] undefined index

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-01-01 12:25 UTC] nlopess@php.net

Some questions:
 * Do you have safe mode on?
 * And are using apache 2 module, filter or CGI?

[2005-01-01 18:39 UTC] jaswinder_rana at hotmail dot com

1. safe mode is off
2. i am using apace 2 and i am using PHP as a cgi by adding following three lines in httpd.conf
 ScriptAlias /php/ "c:/PHP/"
 Action application/x-httpd-php "/php/php.exe"
 AddType application/x-httpd-php .php

Just to mention i am not the only one having this problem. Look at this link http://www.neowin.net/forum/index.php?showtopic=260290&pid=585143002&st=0

[2005-01-01 19:08 UTC] johannes@php.net

Qutoting first sentence from 
http://de2.php.net/manual/en/features.http-auth.php 
 
"The HTTP Authentication hooks in PHP are only available 
when it is running as an Apache module and is hence not 
available in the CGI version."

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat May 18 00:01:33 2024 UTC