By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
431,650 Members | 753 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 431,650 IT Pros & Developers. It's quick & easy.

header()

P: n/a
hi,

why don't work this script?

<?php

if(!isset($PHP_AUTH_USER)) {
header ('WWW-authenticate: basic realm="Area Privata"');
header ("Status: 401 Unauthorized");
echo "Non sei autorizzato";
exit;
}
else {
echo "La Tua Password: ".$PHP_AUTH_PW."<br />";
echo "Il Tuo Username: ".$PHP_AUTH_USER."<br />";
}
?>

....if i put username and password the script
always open the authenticate window!

is the problem in my php.ini or/and htppd.conf ?

thank you,
Simone
Jul 17 '05 #1
Share this Question
Share on Google+
12 Replies


P: n/a
Simone wrote:
hi,

why don't work this script?

<?php
error_reporting(E_ALL);
if(!isset($PHP_AUTH_USER)) {

[...]

try that :)

then read about how PHP deals with variables from outside

http://www.php.net/manual/en/languag...s.external.php

paying particular attention to the "register_globals" references.
Happy Coding :-)

--
I have a spam filter working.
To mail me include "urkxvq" (with or without the quotes)
in the subject line, or your mail will be ruthlessly discarded.
Jul 17 '05 #2

P: n/a
> error_reporting(E_ALL);

in my php.inin this directive is just on E_ALL...
paying particular attention to the "register_globals" references.


and this is often sett on off...

infact in my script if(!isset($PHP_AUTH_USER)) is written
if(!isset($_REQUEST['PHP_AUTH_USER'])) {...

the problem is not here, because my script don't generate error!
Simone
Jul 17 '05 #3

P: n/a
Simone <si*****************@libero.it> wrote:
error_reporting(E_ALL);


in my php.inin this directive is just on E_ALL...
paying particular attention to the "register_globals" references.


and this is often sett on off...

infact in my script if(!isset($PHP_AUTH_USER)) is written
if(!isset($_REQUEST['PHP_AUTH_USER'])) {...

the problem is not here, because my script don't generate error!


Why didn't you post the correct code in the first place?
And the problem *is* in fact there - check the manual:

http://uk.php.net/manual/en/features.http-auth.php

Not all mistakes generate an error.

JOn
Jul 17 '05 #4

P: n/a
> hi,

why don't work this script?

is the problem in my php.ini or/and htppd.conf ?

If you have set in httpd.conf or .htaccess that the apache is supposed to
ask for passwrod for that directory, then $_SERVER['PHP_AUTH_USER'] will be
empty, but $_SERVER['REMOTE_USER'] will contain info you are looking for.

rush
--
http://www.templatetamer.com/

Jul 17 '05 #5

P: n/a
this is my code:

<?php

if (!isset($_SERVER['PHP_AUTH_USER'])) {
header ('WWW-authenticate: basic realm="Area Privata"');
header ("Status: 401 Unauthorized");
echo "Non sei autorizzato";
exit;
}
else {
echo "Your Password: ".$_SERVER['PHP_AUTH_USER'] ."<br />";
}
?>

why doesn't show "Your Password..."?
where's my programming error?
Simone
Jul 17 '05 #6

P: n/a
this is my code:

<?php

if (!isset($_SERVER['PHP_AUTH_USER'])) {
header ('WWW-authenticate: basic realm="Area Privata"');
header ("Status: 401 Unauthorized");
echo "Non sei autorizzato";
exit;
}
else {
echo "Your Password: ".$_SERVER['PHP_AUTH_USER'] ."<br />";
}
?>

why doesn't show me "Your Password..."?
where's my programming error?
also if i use $_SERVEF['REMOTE_USER'] it's the same!
Simone
Jul 17 '05 #7

P: n/a
Simone wrote:
this is my code: <snip contents="php code"/> why doesn't show me "Your Password..."?
where's my programming error?
also if i use $_SERVEF['REMOTE_USER'] it's the same!


I created an .htaccess file in a new directory
I created an .htpasswd file in that directory using htpasswd
I changed httpd.conf to include
AllowOverride AuthConfig
for this specific directory
I copied your code to a file here
tested it and it worked ok!

Probably this isn't a PHP issue ... I think it's a web server
configuration thing

PS: the .htaccess file I created

AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /var/www/normal/secure/.htpasswd
Require valid-user

--
I have a spam filter working.
To mail me include "urkxvq" (with or without the quotes)
in the subject line, or your mail will be ruthlessly discarded.
Jul 17 '05 #8

P: n/a
"Simone" <si*****************@libero.it> schrieb:
this is my code:

<?php

if (!isset($_SERVER['PHP_AUTH_USER'])) {
header ('WWW-authenticate: basic realm="Area Privata"');
header ("Status: 401 Unauthorized");
echo "Non sei autorizzato";
exit;
}
else {
echo "Your Password: ".$_SERVER['PHP_AUTH_USER'] ."<br />";
}
?>

why doesn't show "Your Password..."?
where's my programming error?


Maybe nowhere. Is PHP running as a module or as a CGI program?

Regards,
Matthias
Jul 17 '05 #9

P: n/a
CGI program,
(but don't work on IIS 5 too!)

why?

(i'm beginnig ti study Professional Apache 2.0 - Peter Wainwright - Wrox,
is it good?)

Simone

Jul 17 '05 #10

P: n/a
[Quoting added]

"Simone" <si*****************@libero.it> wrote:
Is PHP running as a module or as a CGI program?


CGI program,
(but don't work on IIS 5 too!)

why?


Have a look at the first sentence in the PHP documentation at
http://www.php.net/features.http-auth:

| "The HTTP Authentication hooks in PHP are only available when it is
| running as an Apache module and is hence not available in the CGI
| version."

I think you'll have to use an other kind of authentication.

Regards,
Matthias
Jul 17 '05 #11

P: n/a
Simone <si*****************@libero.it> wrote:
CGI program,
(but don't work on IIS 5 too!)


From the manual:

<quote>
Also note that until PHP 4.3.3, HTTP Authentication did not work using
Microsoft's IIS server with the CGI version of PHP due to a limitation of
IIS. In order to get it to work in PHP 4.3.3+, you must edit your IIS
configuration "Directory Security". Click on "Edit" and only check
"Anonymous Access", all other fields should be left unchecked.

Another limitation is if you're using the IIS module (ISAPI), you may not
use the PHP_AUTH_* variables but instead, the variable HTTP_AUTHORIZATION
is available. For example, consider the following code: list($user, $pw) =
explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

IIS Note:: For HTTP Authentication to work with IIS, the PHP directive
cgi.rfc2616_headers must be set to 0 (the default value).
</quote>

JOn
Jul 17 '05 #12

P: n/a
thank you
Jul 17 '05 #13

This discussion thread is closed

Replies have been disabled for this discussion.