hi,
I am concerned about the following statement in php doc on
----- sschippp -----
As of PHP 4.3.0, in order to prevent someone from writing a script
which reveals the password for a page that was authenticated through a
traditional external mechanism, the PHP_AUTH variables will not be set
if external authentication is enabled for that particular page and safe
mode is enabled. Regardless, REMOTE_USER can be used to identify the
externally-authenticated user. So, you can use $_SERVER['REMOTE_USER'].
Configuration Note: PHP uses the presence of an AuthType directive
to determine whether external authentication is in effect.
----- sschnapp ------
I have to use safemode on, and I want to secure a set of pages (i.e.
single files, not a whole dir) with simple "basic" authentication
through a webbrowser.
Questions:
1.So what is in detail an "external authentication" - is it a
authentication through my browser or something else?!
2. If I understood it correct, above php 4.3 and safemode on
PHP_AUTH_USER and PHP_AUTH_PW will not be available - so how to check
for the right password within my script?! I am still using 4.3.1, so far
my script works, but under 4.3?!
thanks cal
I am concerned about the following statement in php doc on
----- sschippp -----
As of PHP 4.3.0, in order to prevent someone from writing a script
which reveals the password for a page that was authenticated through a
traditional external mechanism, the PHP_AUTH variables will not be set
if external authentication is enabled for that particular page and safe
mode is enabled. Regardless, REMOTE_USER can be used to identify the
externally-authenticated user. So, you can use $_SERVER['REMOTE_USER'].
Configuration Note: PHP uses the presence of an AuthType directive
to determine whether external authentication is in effect.
----- sschnapp ------
I have to use safemode on, and I want to secure a set of pages (i.e.
single files, not a whole dir) with simple "basic" authentication
through a webbrowser.
Questions:
1.So what is in detail an "external authentication" - is it a
authentication through my browser or something else?!
2. If I understood it correct, above php 4.3 and safemode on
PHP_AUTH_USER and PHP_AUTH_PW will not be available - so how to check
for the right password within my script?! I am still using 4.3.1, so far
my script works, but under 4.3?!
thanks cal