header()

**Pedro** · Jul 17 '05, 12:40 AM

Re: header()

Simone wrote:[color=blue]
> hi,
>
> why don't work this script?
>
><?php[/color]

error_reporting (E_ALL);
[color=blue]
> if(!isset($PHP_ AUTH_USER)) {[/color]
[...]

try that :)

then read about how PHP deals with variables from outside

PHP: Variables From External Sources - Manual

http://www.php.net/manual/en/language.variables.external.php

Variables From External Sources

paying particular attention to the "register_globa ls" references.

Happy Coding :-)

--
I have a spam filter working.
To mail me include "urkxvq" (with or without the quotes)
in the subject line, or your mail will be ruthlessly discarded.

**Simone** · Jul 17 '05, 12:40 AM

Re: header()

> error_reporting (E_ALL);

in my php.inin this directive is just on E_ALL...
[color=blue]
> paying particular attention to the "register_globa ls" references.[/color]

and this is often sett on off...

infact in my script if(!isset($PHP_ AUTH_USER)) is written
if(!isset($_REQ UEST['PHP_AUTH_USER'])) {...

the problem is not here, because my script don't generate error!

Simone

**Jon Kraft** · Jul 17 '05, 12:40 AM

Re: header()

Simone <simoneNOSPAMva lenti@libero.it > wrote:
[color=blue][color=green]
>> error_reporting (E_ALL);[/color]
>
> in my php.inin this directive is just on E_ALL...
>[color=green]
>> paying particular attention to the "register_globa ls" references.[/color]
>
> and this is often sett on off...
>
> infact in my script if(!isset($PHP_ AUTH_USER)) is written
> if(!isset($_REQ UEST['PHP_AUTH_USER'])) {...
>
> the problem is not here, because my script don't generate error![/color]

Why didn't you post the correct code in the first place?
And the problem *is* in fact there - check the manual:

PHP: HTTP authentication with PHP - Manual

http://uk.php.net/manual/en/features.http-auth.php

HTTP authentication with PHP

Not all mistakes generate an error.

JOn

**rush** · Jul 17 '05, 12:40 AM

Re: header()

> hi,[color=blue]
>
> why don't work this script?
>
> is the problem in my php.ini or/and htppd.conf ?[/color]

If you have set in httpd.conf or .htaccess that the apache is supposed to
ask for passwrod for that directory, then $_SERVER['PHP_AUTH_USER'] will be
empty, but $_SERVER['REMOTE_USER'] will contain info you are looking for.

rush
--

HugeDomains.com

http://www.templatetamer.com/

**Simone** · Jul 17 '05, 12:40 AM

Re: header()

this is my code:

<?php

if (!isset($_SERVE R['PHP_AUTH_USER'])) {
header ('WWW-authenticate: basic realm="Area Privata"');
header ("Status: 401 Unauthorized");
echo "Non sei autorizzato";
exit;
}
else {
echo "Your Password: ".$_SERVER['PHP_AUTH_USER'] ."<br />";
}
?>

why doesn't show "Your Password..."?
where's my programming error?

Simone

**Simone** · Jul 17 '05, 12:40 AM

Re: header()

this is my code:

<?php

if (!isset($_SERVE R['PHP_AUTH_USER'])) {
header ('WWW-authenticate: basic realm="Area Privata"');
header ("Status: 401 Unauthorized");
echo "Non sei autorizzato";
exit;
}
else {
echo "Your Password: ".$_SERVER['PHP_AUTH_USER'] ."<br />";
}
?>

why doesn't show me "Your Password..."?
where's my programming error?
also if i use $_SERVEF['REMOTE_USER'] it's the same!

Simone

**Pedro** · Jul 17 '05, 12:41 AM

Re: header()

Simone wrote:[color=blue]
> this is my code:[/color]
<snip contents="php code"/>[color=blue]
> why doesn't show me "Your Password..."?
> where's my programming error?
> also if i use $_SERVEF['REMOTE_USER'] it's the same![/color]

I created an .htaccess file in a new directory
I created an .htpasswd file in that directory using htpasswd
I changed httpd.conf to include
AllowOverride AuthConfig
for this specific directory
I copied your code to a file here
tested it and it worked ok!

Probably this isn't a PHP issue ... I think it's a web server
configuration thing

PS: the .htaccess file I created

AuthType Basic
AuthName "By Invitation Only"
AuthUserFile /var/www/normal/secure/.htpasswd
Require valid-user

--
I have a spam filter working.
To mail me include "urkxvq" (with or without the quotes)
in the subject line, or your mail will be ruthlessly discarded.

**Matthias Esken** · Jul 17 '05, 12:41 AM

Re: header()

"Simone" <simoneNOSPAMva lenti@libero.it > schrieb:
[color=blue]
> this is my code:
>
> <?php
>
> if (!isset($_SERVE R['PHP_AUTH_USER'])) {
> header ('WWW-authenticate: basic realm="Area Privata"');
> header ("Status: 401 Unauthorized");
> echo "Non sei autorizzato";
> exit;
> }
> else {
> echo "Your Password: ".$_SERVER['PHP_AUTH_USER'] ."<br />";
> }
> ?>
>
> why doesn't show "Your Password..."?
> where's my programming error?[/color]

Maybe nowhere. Is PHP running as a module or as a CGI program?

Regards,
Matthias

**Simone** · Jul 17 '05, 12:41 AM

Re: header()

CGI program,
(but don't work on IIS 5 too!)

why?

(i'm beginnig ti study Professional Apache 2.0 - Peter Wainwright - Wrox,
is it good?)

Simone

**Matthias Esken** · Jul 17 '05, 12:41 AM

Re: header()

[Quoting added]

"Simone" <simoneNOSPAMva lenti@libero.it > wrote:
[color=blue][color=green]
>> Is PHP running as a module or as a CGI program?[/color]
>
> CGI program,
> (but don't work on IIS 5 too!)
>
> why?[/color]

Have a look at the first sentence in the PHP documentation at

PHP: Manual Quick Reference

http://www.php.net/features.http-auth:

PHP is a popular general-purpose scripting language that powers everything from your blog to the most popular websites in the world.

| "The HTTP Authentication hooks in PHP are only available when it is
| running as an Apache module and is hence not available in the CGI
| version."

I think you'll have to use an other kind of authentication.

Regards,
Matthias

**Jon Kraft** · Jul 17 '05, 12:41 AM

Re: header()

Simone <simoneNOSPAMva lenti@libero.it > wrote:
[color=blue]
> CGI program,
> (but don't work on IIS 5 too!)[/color]

From the manual:

<quote>
Also note that until PHP 4.3.3, HTTP Authentication did not work using
Microsoft's IIS server with the CGI version of PHP due to a limitation of
IIS. In order to get it to work in PHP 4.3.3+, you must edit your IIS
configuration "Directory Security". Click on "Edit" and only check
"Anonymous Access", all other fields should be left unchecked.

Another limitation is if you're using the IIS module (ISAPI), you may not
use the PHP_AUTH_* variables but instead, the variable HTTP_AUTHORIZAT ION
is available. For example, consider the following code: list($user, $pw) =
explode(':', base64_decode(s ubstr($_SERVER['HTTP_AUTHORIZA TION'], 6)));

IIS Note:: For HTTP Authentication to work with IIS, the PHP directive
cgi.rfc2616_hea ders must be set to 0 (the default value).
</quote>

JOn

**Simone** · Jul 17 '05, 12:41 AM

Re: header()

thank you

header()

header()

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment