I'm hoping someome more knowledgeable than I can help me with a problem
I'm having. I have been writing a system using PHP and MySQL and had it
running for testing purposes on my own pc which is running Abyss web
server software.
Access to some of the website functionality is protected using the
following kind of call:
<?php
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header('WWW-Authenticate: Basic realm="Realm name"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
} else {
And on my own pc this works fine both for me locally and for people
connecting over the internet. Any attempt to view the protected page
produces a username and password login prompt.
When I transfer the code onto commercially available webspace though I
get a problem in that the username and password login prompt appears but
irrespective of what I enter it just keeps reappearing and this has
nothing to do with the actual code which does one of 3 things: if the
username and password are valid continues to execute the PHP script and
HTML, if the username is invalid a message is produced saying invalid
login and the third option is that the user actually cancels their
login.
So my question is what might be causing this problem and is there a way
round it? I've spoken with the webspace provider but they had no answer
either.
12  10755 
> I'm hoping someome more knowledgeable than I can help me with a problem I'm having. I have been writing a system using PHP and MySQL and had it
running for testing purposes on my own pc which is running Abyss web
server software.
[...snip...]
When I transfer the code onto commercially available webspace though I
get a problem in that the username and password login prompt appears but
irrespective of what I enter it just keeps reappearing and this has
nothing to do with the actual code which does one of 3 things: if the
username and password are valid continues to execute the PHP script and
HTML, if the username is invalid a message is produced saying invalid
login and the third option is that the user actually cancels their
login.
So my question is what might be causing this problem and is there a way
round it? I've spoken with the webspace provider but they had no answer
either.
What web server software is used for the webspace? It seems that if it is
IIS you have a few extra hoops to jump through to make things work (which
you can Google for).
G.
On Fri, 17 Dec 2004 00:52:51 -0000, "Graham J" <ob*****@despammed.com>
wrote: I'm hoping someome more knowledgeable than I can help me with a problem
I'm having. I have been writing a system using PHP and MySQL and had it
running for testing purposes on my own pc which is running Abyss web
server software.
[...snip...]
When I transfer the code onto commercially available webspace though I
get a problem in that the username and password login prompt appears but
irrespective of what I enter it just keeps reappearing and this has
nothing to do with the actual code which does one of 3 things: if the
username and password are valid continues to execute the PHP script and
HTML, if the username is invalid a message is produced saying invalid
login and the third option is that the user actually cancels their
login.
So my question is what might be causing this problem and is there a way
round it? I've spoken with the webspace provider but they had no answer
either.
What web server software is used for the webspace? It seems that if it is
IIS you have a few extra hoops to jump through to make things work (which
you can Google for).
G.
Seems to be Apache/1.3.33.
Ian.
On Fri, 17 Dec 2004 01:25:35 +0000, Ian wrote: On Fri, 17 Dec 2004 00:52:51 -0000, "Graham J" <ob*****@despammed.com>
wrote:
What web server software is used for the webspace? It seems that if it
is IIS you have a few extra hoops to jump through to make things work
(which you can Google for).
G.
Seems to be Apache/1.3.33.
Ian.
Which version of PHP are you running at home and which version is on the
server?
La'ie Techie
On Fri, 17 Dec 2004 00:32:35 -0700, L??ie Techie
<laie@win_remove_get_nospam_solutions.com> wrote: On Fri, 17 Dec 2004 01:25:35 +0000, Ian wrote:
On Fri, 17 Dec 2004 00:52:51 -0000, "Graham J" <ob*****@despammed.com>
wrote:
What web server software is used for the webspace? It seems that if it
is IIS you have a few extra hoops to jump through to make things work
(which you can Google for).
G.
Seems to be Apache/1.3.33.
Ian.
Which version of PHP are you running at home and which version is on the
server?
La'ie Techie
Version on the server is 4.3.9 and the version on my pc at home is
4.3.5.
Ian
> >> Seems to be Apache/1.3.33.
Ian.
Which version of PHP are you running at home and which version is on the
server?
La'ie Techie
Version on the server is 4.3.9 and the version on my pc at home is
4.3.5.
I guess the next question is whether PHP is being run as CGI or as an Apache
module. The PHP manual suggests that HTTP Authentication doesn't work in
CGI mode though some users have reported that it does.
G.
On Fri, 17 Dec 2004 13:50:48 -0000, "Graham J" <ob*****@despammed.com>
wrote: >> Seems to be Apache/1.3.33.
>>
>> Ian.
>
>Which version of PHP are you running at home and which version is on the
>server?
>
>La'ie Techie
Version on the server is 4.3.9 and the version on my pc at home is
4.3.5.
I guess the next question is whether PHP is being run as CGI or as an Apache
module. The PHP manual suggests that HTTP Authentication doesn't work in
CGI mode though some users have reported that it does.
G.
I've sent an email to the server provider asking whether their PHP is
implemented as CGI or Apache but I bet it's CGI and that's what's
causing the problem, thanks for the suggestion. I don't suppose you
know of any way round it ?
> I've sent an email to the server provider asking whether their PHP is implemented as CGI or Apache but I bet it's CGI and that's what's
causing the problem, thanks for the suggestion. I don't suppose you
know of any way round it ?
No, but then I've just been at a loose end and Googling out of curiosity!
I guess a lot depends on what you are trying to achieve. If it is just
password protection your webhost might allow the basic .htaccess method. If
you want to use MySQL for username and password lookup your webhost might
have installed mod_auth_mysql (not sure how likely this is). If you want to
do it for yourself then you have the option of writing your own
authentication system using HTML forms etc (or borrowing one that is already
written). Remember that HTTP Authentication can't really be called secure
by any means, unless on SSL connection, though if you are really just after
personalisation without high security it does the job fine.
On Fri, 17 Dec 2004 15:35:23 -0000, "Graham J" <ob*****@despammed.com>
wrote: I've sent an email to the server provider asking whether their PHP is
implemented as CGI or Apache but I bet it's CGI and that's what's
causing the problem, thanks for the suggestion. I don't suppose you
know of any way round it ?
No, but then I've just been at a loose end and Googling out of curiosity!
I guess a lot depends on what you are trying to achieve. If it is just
password protection your webhost might allow the basic .htaccess method. If
you want to use MySQL for username and password lookup your webhost might
have installed mod_auth_mysql (not sure how likely this is). If you want to
do it for yourself then you have the option of writing your own
authentication system using HTML forms etc (or borrowing one that is already
written). Remember that HTTP Authentication can't really be called secure
by any means, unless on SSL connection, though if you are really just after
personalisation without high security it does the job fine.
Have just heard back from the server people who are telling me its
Apache and not CGI ?!?? But then they also mentioned that they are
running something called PHPsuexec which I will have to look into
further and I suppose could be the source of the problem.
Basically, I've already written all the PHP and HTML routines to read
from a MySQL user details file which based on their username and
password has lots of extra information in it that determines what they
can and can't do. I guess maybe the easiest thing to do is ignore the
HTTP-Authentication routine and replace it with an HTML form. Was just
that I'd never done this via a form before as the php header routine had
always worked previously. Thanks for your comments again.
In article <dt********************************@4ax.com>,
Ian <ia*@nospam.com> writes: Have just heard back from the server people who are telling me its
Apache and not CGI ?!?? But then they also mentioned that they are
running something called PHPsuexec which I will have to look into
further and I suppose could be the source of the problem.
You asked the wrong question. PHPsuexec is neither of the two
choices you offered them, but it's much closer to CGI. If you want
to do authentication, you'll have to treat it as CGI and use
CGI-based methods.
from a MySQL user details file which based on their username and
password has lots of extra information in it that determines what they
can and can't do.
Well that's trivial - all you need is the authenticated user name.
--
Nick Kew
On Fri, 17 Dec 2004 17:46:53 +0000, ni**@hugin.webthing.com (Nick Kew)
wrote: In article <dt********************************@4ax.com>,
Ian <ia*@nospam.com> writes:
Have just heard back from the server people who are telling me its
Apache and not CGI ?!?? But then they also mentioned that they are
running something called PHPsuexec which I will have to look into
further and I suppose could be the source of the problem.
You asked the wrong question. PHPsuexec is neither of the two
choices you offered them, but it's much closer to CGI. If you want
to do authentication, you'll have to treat it as CGI and use
CGI-based methods.
Such as ?
On Fri, 17 Dec 2004 17:46:53 +0000, ni**@hugin.webthing.com (Nick Kew)
wrote: In article <dt********************************@4ax.com>,
Ian <ia*@nospam.com> writes:
Have just heard back from the server people who are telling me its
Apache and not CGI ?!?? But then they also mentioned that they are
running something called PHPsuexec which I will have to look into
further and I suppose could be the source of the problem.
You asked the wrong question. PHPsuexec is neither of the two
choices you offered them, but it's much closer to CGI. If you want
to do authentication, you'll have to treat it as CGI and use
CGI-based methods.
No, I asked the right question which was can you tell me any reason why
HTTP-Authentication is not working on your server when I call it using
the following PHP script ....... THEN I asked them if they were using
PHP as cgi as I'd heard that can cause a problem. After telling me they
know very little about PHP I was subsequently asked if it might have
something to do with them using PHPsuexec.
Ian wrote: I have been writing a system using PHP and MySQL and had it running
for testing purposes on my own pc which is running Abyss web server
software.
This is off-topic for an html www authoring group; you'll likely get a
more useful discussion in a better-suited group.
Access to some of the website functionality is protected using the
following kind of call:
<?php if (!isset($_SERVER['PHP_AUTH_USER'])) {
Why are you using PHP to handle auth when auth stuff is built into Apache?
--
Brian (remove "invalid" to email me) This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Raphael Gluck |
last post by:
Hi Everyone
I am having some problems with a master detail page i have set up to
catalogue brochures from my site.
On my master page www.tripakltd.com/brochures.asp users are invited to
select...
|
by: Lauren Quantrell |
last post by:
I have a stored procedure using Convert where the exact same Convert
string works in the SELECT portion of the procedure but fails in the
WHERE portion.
The entire SP is listed below....
|
by: cody |
last post by:
I have to write an algorithm with must ensure that objects are put in
buckets (which are always 4 in size).
The objects have two properties: A and B. It is not allowed that in a bucket
are objects...
|
by: Paul |
last post by:
Hi all, at present I I've built a website which can be updated by admin and
users.
My problem, I've combined "log in" and "access levels" to restrict access to
certain pages, using the built...
|
by: Ted |
last post by:
Hello all,
Please could somebody with a little time on their
hands help me with my net sockets program?
The aim is to send multiple transactions via C#
network stream and read them back. The...
|
by: Don Munroe |
last post by:
This one has me stumped. I have three web applications running on two
different servers. The first that works fine is hosted by a .Net hosting
company. Everyone that uses it has no problems...
|
by: Charl |
last post by:
Hello,
I’ve got a very strange but big deployment problem.
I’ve written an asp.net application with an usercontrol on a webform. The
usercontrol reads all picture names out of a mssql...
|
by: manas312 |
last post by:
Hey guys....
I'm facing an interesting problem ....and need some solution.....
The problem goes like this.
You r having one site like www.abc.com (for example). The website contains only...
|
by: manas312 |
last post by:
Hey guys....
I'm facing an interesting problem ....and need some solution.....
The problem goes like this.
You r having one site like www.abc.com (for example). The website contains only...
|
by: webandwe |
last post by:
Hi, I got form that let you state a folder name, on sumbit thw script creates the folder with the name you stated, the problem is I want it to upload the php file "view.php" when the folder is...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: ryjfgjl |
last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |
