(newbie)
I have taken some code directly out of a book:
<?php
// if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
!isset($PHP_AUT H_USER) &&
!isset($PHP_AUT H_PW) &&
substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
)
{
list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));
}
// Replace this if statement with a database query or similar
if ($PHP_AUTH_USER != 'user' || $PHP_AUTH_PW != 'pass')
{
// visitor has not yet given details, or their
// name and password combination are not correct
header('WWW-Authenticate: Basic realm="WhosOnCa m Moderators"');
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft')
header('Status: 401 Unauthorized');
else
header('HTTP/1.0 401 Unauthorized');
echo '<h1>Go Away!</h1>';
echo 'You are not authorized to view this resource.';
echo "User: $PHP_AUTH_USER Password: $PHP_AUTH_PW <BR />";
echo "Header: $HTTP_AUTHORIZA TION";
}
etc.
I am getting the login window, and am entering the user/pass combination.
The code is sending me to the '401' clause and telling me all three
variables are blank.
Any help appreciated.
BT3
5  10895 
BT3 wrote: I am getting the login window, and am entering the user/pass
combination. The code is sending me to the '401' clause and telling
me all three variables are blank.
Probably from an old book, try prepending the following code:
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
JW
hmmm, I tried to add it to the beginning, then tried to replace the 'list'
function with the code. Exactly same results. Book was released first in
Oct 2004, "PHP and MySQL Web Development". Here is the new code: (and
pre-thanks again)
<?php
// if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
!isset($PHP_AUT H_USER) &&
!isset($PHP_AUT H_PW) &&
substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
)
{
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
// list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));
}
// Replace this if statement with a database query or similar
if ($PHP_AUTH_USER != 'user' || $PHP_AUTH_PW != 'pass')
{
// visitor has not yet given details, or their
// name and password combination are not correct
header('WWW-Authenticate: Basic realm="WhosOnCa m Moderators"');
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft')
header('Status: 401 Unauthorized');
else
header('HTTP/1.0 401 Unauthorized');
echo '<h1>Go Away!</h1>';
echo 'You are not authorized to view this resource.';
echo "User: $PHP_AUTH_USER Password: $PHP_AUTH_PW <BR />";
echo "Header: $HTTP_AUTHORIZA TION";
}
else
{
"Janwillem Borleffs" <jw@jwscripts.c om> wrote in message
news:42******** *************** @news.euronet.n l... BT3 wrote: I am getting the login window, and am entering the user/pass
combination. The code is sending me to the '401' clause and telling
me all three variables are blank.
Probably from an old book, try prepending the following code:
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
JW
BT3 wrote: hmmm, I tried to add it to the beginning, then tried to replace the
'list' function with the code. Exactly same results. Book was
released first in Oct 2004, "PHP and MySQL Web Development". Here is
the new code: (and pre-thanks again)
Then we are dealing with a lazy author here ;-)
Try the following:
$SERVER_SOFTWAR E = $_SERVER['SERVER_SOFTWAR E'];
$HTTP_AUTHORIZA TION = $_SERVER['HTTP_AUTHORIZA TION'];
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
// if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
!isset($PHP_AUT H_USER) &&
!isset($PHP_AUT H_PW) &&
substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
)
{
list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));
}
The thing is, that the code relies on register_global s being enabled, while
they are disabled in PHP 4.3 by default.
JW
I should have caught that since I HAVE read the book, BUT alas it doesn;t
work
I echo'ed all the variables and discovered something:
-----
You are not authorized to view this resource.
User:
Password:
Header:
Software: Rapidsite/Apa/1.3.31 (Unix) FrontPage/5.0.2.2510 mod_ssl/2.8.17
OpenSSL/0.9.7c
-----
Due to the 'SERVER_SOFTWAR E', it doesn't look like HTTP_AUTHORIZAT ION will
return anything no matter what I do. Guess I'll just have to write actual
login pages. I code for almost everything under the sun and this initially
looked like a simple syntax or logic problem. However, I'm crunching on PHP
right now. If I'm correct about the environment (SERVER_SOFTWAR E), then I'm
sorry to have wasted your time and thanks so much for your help.
Gonna have to revisit the book, because I don't remember anything about the
equivalent of ASP 'Session' variables to pass "LoggedIn" information between
pages. IF you could steer me in the right direction, I'll be out of your
hair, at least for awhile. :)
Bt3of4
"Janwillem Borleffs" <jw@jwscripts.c om> wrote in message
news:42******** *************** @news.euronet.n l... BT3 wrote: hmmm, I tried to add it to the beginning, then tried to replace the
'list' function with the code. Exactly same results. Book was
released first in Oct 2004, "PHP and MySQL Web Development". Here is
the new code: (and pre-thanks again)
Then we are dealing with a lazy author here ;-)
Try the following:
$SERVER_SOFTWAR E = $_SERVER['SERVER_SOFTWAR E'];
$HTTP_AUTHORIZA TION = $_SERVER['HTTP_AUTHORIZA TION'];
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
// if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
!isset($PHP_AUT H_USER) &&
!isset($PHP_AUT H_PW) &&
substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
)
{
list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));
}
The thing is, that the code relies on register_global s being enabled,
while they are disabled in PHP 4.3 by default.
JW
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Acteon |
last post by:
Hello,
I've installed php4.3.2 on my Redhat 8.0 box along with Apache2.046.
I'm trying to teach myself some php using Larry Ullman's book "PHP for
the World Wide Web".
There's one example I typed just as it appears in the book but it
dosen't work. I was wondering if there was some setting that needs to
be set in the php config for it to work.
|
by: Andrew Brett |
last post by:
I'm trying to get PHP authentication (using the headers to request
authentication, and then checking $_SERVER and
$_SERVER) - however, no matter what I do, I can't seem to get
it to work. The login request box pops up fine, but when I enter the correct
details, it just pops back up again, and then again, before finally dumping
me at the authentication failed page. I've tried looking at phpinfo(), and
PHP_AUTH_USER and PHP_AUTH_PASSWD are...
|
by: Timo Steinbach |
last post by:
Hi,
I use basic authentication in Apache. I like to use the global variable
$_SERVER. Unfortunately this variable is empty/no
availabe. Same with PHP_AUTH_PW. AUTH_TYPE is working and states
"Basic". Can somebody help me with this?
Thanks
Timo
|
by: Muffinman |
last post by:
Hi,
I got a web site which kinda relies on the $_SERVER
var. Now I got a free account at Lycos and apparently they do not have
Apache or do not have it running as a module since this var is empty.
All I want is to be able to see which user has logged in through the
..htaccess dialog. Is there any other way to find this out, even on other
web servers?
Thanks in advance, Maarten
|
by: jerrygarciuh |
last post by:
Hello,
I am finding that on a new server where I am developing
$_SERVER and
$_SERVER
Do not show up in $_SERVER when I when they should be defined I test
using
print_r($_SERVER) or this
| | |
by: Bernard Higonnet |
last post by:
I'm running Apache/2.0.52 (Unix) mod_perl/1.99_16 Perl/v5.8.5 PHP/5.0.1
under FreeBSD 4.11-RELEASE #0.
I suddenly (sic) no longer have PHP_AUTH_USER, PHP_AUTH_PW, and AUTH_TYPE or
REMOTE_USER or any such variables. They do not show up in phpinfo() nor do
they work as expected programmatically.
I used to have them a few weeks ago.
I have not changed any of versionned packages shown above in months.
|
by: rbragg |
last post by:
In my db, I have the fields user and pass with one record.
With the following code, I get a continuous dialog box display. If I put in a bogus user/pass OR the correct user or pass, the dialog box pops up again.
<?php
//assume user is not authenticated
$auth = false;
$user = $_SERVER;
|
by: gsherp |
last post by:
How do I unset PHP_AUTH_USER and PHP_AUTH_PW?
I am trying to create a logout script and I am encountering a problem where when go to relogin, I am already logged in.
In my logout script, I started a session, unset(session), and then destroy_session(). But, everytime I go back to the login link, It does not give me the window popup for the login information.
Only when I close the brower and then try logging in does the popup window...
|
by: TisMe |
last post by:
Hi All,
I am trying to get the value of a specific node in an XML file. My
code is below, I have added comments pointing out where I believe the
problem to be, specifically on this line:
$coordinates = $xml->Response->Placemark->Point->coordinates;
Which, for some reason is empty. I am running PHP4, is this possible
in 4? You will notice I have replaced one of the lines which only
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
