php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #51011 [ZH] The Content and the sample were mixed
Submitted: 2010-02-11 09:18 UTC Modified: 2010-10-23 14:33 UTC
From: lne1030 at gmail dot com Assigned: kalle (profile)
Status: Closed Package: Translation problem
PHP Version: 5.2.12 OS: Windows XP
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
24 - 3 = ?
Subscribe to this entry?

 
 [2010-02-11 09:18 UTC] lne1030 at gmail dot com
Description:
------------
http://docs.php.net/manual/zh/features.http-auth.php

This page have the error!
"Example #7 Digest HTTP" 

Reproduce code:
---------------
<?php
$realm = 'Restricted area';

//user => password
$users = array('admin' => 'mypass', 'guest' => 'guest');


if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: Digest realm="'.$realm.
           '" qop="auth" nonce="'.uniqid().'" opaque="'.md5($realm).'"');

    die('Text to send if user hits Cancel button');
}


// analyze the PHP_AUTH_DIGEST variable
if (!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) ||
    !isset($users[$data['username']]))
    die('Wrong Credentials!');


// generate the valid response
$A1 = md5($data['username'] . ':' . $realm . ':' . $users[$data['username']]);
$A2 = md5($_SERVER['REQUEST_METHOD'].':'.$data['uri']);
$valid_response = md5($A1.':'.$data['nonce'].':'.$data['nc'].':'.$data['cnonce'].':'.$data['qop'].':'.$A2);

if ($data['response'] != $valid_response)
    die('Wrong Credentials!');

// ok, valid username & password
echo 'Your are logged in as: ' . $data['username'];


// function to parse the http auth header
function http_digest_parse($txt)
{
    // protect against missing data
    $needed_parts = array('nonce'=>1, 'nc'=>1, 'cnonce'=>1, 'qop'=>1, 'username'=>1, 'uri'=>1, 'response'=>1);
    $data = array();

    preg_match_all('@(\w+)=([\'"]?)([a-zA-Z0-9=./\_-]+)\2@', $txt, $matches, PREG_SET_ORDER);

    foreach ($matches as $m) {
        $data[$m[1]] = $m[3];
        unset($needed_parts[$m[1]]);
    }

    return $needed_parts ? false : $data;
}
?>
   </programlisting>
  </example>
 </para>

 <note>
  <title>??????????</title>
  <para>
   ?ڱ?д HTTP
   ??ͷ????ʱ??????С?ġ?Ϊ?˶????еĿͻ??˱?֤?????ԣ??ؼ??֡?Basic???ĵ?һ????ĸ??????дΪ??B?????ֽ??ַ?????????˫???ţ????ǵ????ţ????ã??????ڱ?ͷ??
   <emphasis>HTTP/1.0 401</emphasis> ?У??? <emphasis>401</emphasis> ǰ???????ҽ???һ???ո???
  </para>
 </note>

 <para>
  ???????????У?????ֻ??ӡ???? <varname>PHP_AUTH_USER</varname> ??
  <varname>PHP_AUTH_PW</varname>
  ??ֵ??????ʵ???????У???????Ҫ???û??????????ĺϷ??Խ??м??顣???????????ݿ??IJ?ѯ???????? dbm ?ļ??м?????
 </para>

 <para>
  ע????Щ Internet Explorer
  ???????????????⡣???Ա?ͷ??˳???Ե??ƺ??е㴵ë???á?Ŀǰ?????ڷ???
  <literal>HTTP/1.0 401</literal> ֮ǰ?ȷ???
  <emphasis>WWW-Authenticate</emphasis> ??ͷ?ƺ????Խ????????⡣
 </para>

 <simpara>
  ?? PHP 4.3.0
  ????Ϊ?˷?ֹ????ͨ????д?ű??????ô?ͳ?ⲿ??????֤??ҳ???ϻ?ȡ???룬???ⲿ??֤???ض?ҳ????Ч??????&safemode;??????ʱ??PHP_AUTH
  ?????????ᱻ???á??????????Σ?<varname>REMOTE_USER</varname>
  ???Ա??????????ⲿ??֤???û??????˿?????
  <varname>$_SERVER['REMOTE_USER']</varname> ??????
 </simpara>

 <note>
  <title>????˵??</title>
  <para>
   PHP ???Ƿ??? <literal>AuthType</literal> ָ?????ж??ⲿ??֤?????Ƿ???Ч??
  </para>
 </note>

 <simpara>
  ע?⣬????Ȼ???ܷ?ֹ????ͨ??δ??֤?? URL ????ͬһ??????????֤?? URL ??͵ȡ???롣
 </simpara>
 <simpara>
  Netscape Navigator ?? Internet Explorer ?????????????յ? 401
  ?ķ????˷?????Ϣʱ???????еı????????????????? Windows
  ??֤???档???ܹ???Ч??ע??һ???û???????ʹ???????????????ǵ??û????????롣??Щ???????ַ?????ʹ??¼״̬?????ڡ?????????Ϊ??ע??????ť????Ӧ??Ϊ??
 </simpara>
 <para>
  <example>
    <title>ǿ???????????û??????????? HTTP ??֤?ķ???</title>
    <programlisting role="php">
<![CDATA[
<?php
  function authenticate() {
    header('WWW-Authenticate: Basic realm="Test Authentication System"');
    header('HTTP/1.0 401 Unauthorized');
    echo "You must enter a valid login ID and password to access this resource\n";
    exit;
  }

  if (!isset($_SERVER['PHP_AUTH_USER']) ||
      ($_POST['SeenBefore'] == 1 && $_POST['OldAuth'] == $_SERVER['PHP_AUTH_USER'])) {
   authenticate();
  }
  else {
   echo "<p>Welcome: {$_SERVER['PHP_AUTH_USER']}<br />";
   echo "Old: {$_REQUEST['OldAuth']}";
   echo "<form action='{$_SERVER['PHP_SELF']}' METHOD='post'>\n";
   echo "<input type='hidden' name='SeenBefore' value='1' />\n";
   echo "<input type='hidden' name='OldAuth' value='{$_SERVER['PHP_AUTH_USER']}' />\n";
   echo "<input type='submit' value='Re Authenticate' />\n";
   echo "</form></p>\n";
  }



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-02-19 14:08 UTC] yannick@php.net
-Summary: The Content and the sample were mixed
+Summary: [ZH] The Content and the sample were mixed
 [2010-10-23 12:58 UTC] kalle@php.net
-Type: Bug +Type: Documentation Problem
 [2010-10-23 14:33 UTC] kalle@php.net
Automatic comment from SVN on behalf of kalle
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=304656
Log: Fixed bug #51011 ([ZH] The Content and the sample were mixed)
 [2010-10-23 14:33 UTC] kalle@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: kalle
 [2010-10-23 14:33 UTC] kalle@php.net
This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.


 [2020-12-30 10:47 UTC] nikic@php.net
Automatic comment on behalf of kalle
Revision: http://git.php.net/?p=doc/zh.git;a=commit;h=cb3cf5399633d2cb9d0532482fe2d3dba225a3d8
Log: Fixed bug #51011 ([ZH] The Content and the sample were mixed)
 
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Fri Feb 03 17:03:37 2023 UTC