PHP4.3 - PHP_AUTH_USER and PHP_AUTH_PW are empty

Re: PHP4.3 - PHP_AUTH_USER and PHP_AUTH_PW are empty

BT3 wrote:[color=blue]
> I am getting the login window, and am entering the user/pass
> combination. The code is sending me to the '401' clause and telling
> me all three variables are blank.
>[/color]

Probably from an old book, try prepending the following code:

$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];


JW

Re: PHP4.3 - PHP_AUTH_USER and PHP_AUTH_PW are empty

hmmm, I tried to add it to the beginning, then tried to replace the 'list'
function with the code. Exactly same results. Book was released first in
Oct 2004, "PHP and MySQL Web Development". Here is the new code: (and
pre-thanks again)

<?php

// if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
!isset($PHP_AUT H_USER) &&
!isset($PHP_AUT H_PW) &&
substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
)
{
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];

// list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));

}

// Replace this if statement with a database query or similar
if ($PHP_AUTH_USER != 'user' || $PHP_AUTH_PW != 'pass')
{
// visitor has not yet given details, or their
// name and password combination are not correct

header('WWW-Authenticate: Basic realm="WhosOnCa m Moderators"');
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft')
header('Status: 401 Unauthorized');
else
header('HTTP/1.0 401 Unauthorized');

echo '<h1>Go Away!</h1>';
echo 'You are not authorized to view this resource.';
echo "User: $PHP_AUTH_USER Password: $PHP_AUTH_PW <BR />";
echo "Header: $HTTP_AUTHORIZA TION";
}
else
{
"Janwillem Borleffs" <jw@jwscripts.c om> wrote in message
news:427cdffb$0 $17971$dbd41001 @news.euronet.n l...[color=blue]
> BT3 wrote:[color=green]
> > I am getting the login window, and am entering the user/pass
> > combination. The code is sending me to the '401' clause and telling
> > me all three variables are blank.
> >[/color]
>
> Probably from an old book, try prepending the following code:
>
> $PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
> $PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
>
>
> JW
>
>
>[/color]

Re: PHP4.3 - PHP_AUTH_USER and PHP_AUTH_PW are empty

BT3 wrote:[color=blue]
> hmmm, I tried to add it to the beginning, then tried to replace the
> 'list' function with the code. Exactly same results. Book was
> released first in Oct 2004, "PHP and MySQL Web Development". Here is
> the new code: (and pre-thanks again)
>[/color]

Then we are dealing with a lazy author here ;-)

Try the following:

$SERVER_SOFTWAR E = $_SERVER['SERVER_SOFTWAR E'];
$HTTP_AUTHORIZA TION = $_SERVER['HTTP_AUTHORIZA TION'];
$PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
$PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];

// if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
!isset($PHP_AUT H_USER) &&
!isset($PHP_AUT H_PW) &&
substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
)
{
list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));

}

The thing is, that the code relies on register_global s being enabled, while
they are disabled in PHP 4.3 by default.


JW

Re: PHP4.3 - PHP_AUTH_USER and PHP_AUTH_PW are empty

I should have caught that since I HAVE read the book, BUT alas it doesn;t
work
I echo'ed all the variables and discovered something:
-----
You are not authorized to view this resource.
User:
Password:
Header:
Software: Rapidsite/Apa/1.3.31 (Unix) FrontPage/5.0.2.2510 mod_ssl/2.8.17
OpenSSL/0.9.7c
-----
Due to the 'SERVER_SOFTWAR E', it doesn't look like HTTP_AUTHORIZAT ION will
return anything no matter what I do. Guess I'll just have to write actual
login pages. I code for almost everything under the sun and this initially
looked like a simple syntax or logic problem. However, I'm crunching on PHP
right now. If I'm correct about the environment (SERVER_SOFTWAR E), then I'm
sorry to have wasted your time and thanks so much for your help.

Gonna have to revisit the book, because I don't remember anything about the
equivalent of ASP 'Session' variables to pass "LoggedIn" information between
pages. IF you could steer me in the right direction, I'll be out of your
hair, at least for awhile. :)

Bt3of4

"Janwillem Borleffs" <jw@jwscripts.c om> wrote in message
news:427ce4e3$0 $84740$dbd49001 @news.euronet.n l...[color=blue]
> BT3 wrote:[color=green]
> > hmmm, I tried to add it to the beginning, then tried to replace the
> > 'list' function with the code. Exactly same results. Book was
> > released first in Oct 2004, "PHP and MySQL Web Development". Here is
> > the new code: (and pre-thanks again)
> >[/color]
>
> Then we are dealing with a lazy author here ;-)
>
> Try the following:
>
> $SERVER_SOFTWAR E = $_SERVER['SERVER_SOFTWAR E'];
> $HTTP_AUTHORIZA TION = $_SERVER['HTTP_AUTHORIZA TION'];
> $PHP_AUTH_USER = @$_SERVER['PHP_AUTH_USER'];
> $PHP_AUTH_PW = @$_SERVER['PHP_AUTH_PW'];
>
> // if we are using IIS, we need to set $PHP_AUTH_USER and $PHP_AUTH_PW
> if (substr($SERVER _SOFTWARE, 0, 9) == 'Microsoft' &&
> !isset($PHP_AUT H_USER) &&
> !isset($PHP_AUT H_PW) &&
> substr($HTTP_AU THORIZATION, 0, 6) == 'Basic '
> )
> {
> list($PHP_AUTH_ USER, $PHP_AUTH_PW) =
> explode(':', base64_decode(s ubstr($HTTP_AUT HORIZATION, 6)));
>
> }
>
> The thing is, that the code relies on register_global s being enabled,[/color]
while[color=blue]
> they are disabled in PHP 4.3 by default.
>
>
> JW
>
>
>[/color]

Re: PHP4.3 - PHP_AUTH_USER and PHP_AUTH_PW are empty

BT3 wrote:[color=blue]
> Gonna have to revisit the book, because I don't remember anything
> about the equivalent of ASP 'Session' variables to pass "LoggedIn"
> information between pages. IF you could steer me in the right
> direction, I'll be out of your hair, at least for awhile. :)
>[/color]




JW