After users login using basic authentication the username would be echo'ed but PHP variables $PHP_AUTH_USER and $PHP_AUTH_PW
stopped working.
I also tried $_SERVER['PHP_AUTH_USER'] as used in the PHP online documentation but it didn't work.
code:
<?
echo $PHP_AUTH_USER ." and ". $PHP_AUTH_PW
?>
returns:
and Please advise.
Thanks,
Alex
got the same pb...
auth_user doesn't exist anymore with php 4.2 4.3..I'm alos fucked to get the user loggued in a member area...if somebody go the solution...
PHP_AUTH_USER still exists.
Access using $_SERVER['PHP_AUTH_USER']
Originally posted by laserlight
PHP_AUTH_USER still exists.
Access using $_SERVER['PHP_AUTH_USER']
nope man..in php 4.2.X dont remember whic X exactly, in cgi mode auth_user even with $_server has been removed...tested on unix and windows;..If you still got it on php 4.3.3 tell me how you have done !!
ah yes, in cgi mode.
but there was no mention of cgi anywhere, so I presumed that you were running PHP the usual way.
cgi mode on unix is the only secure way to run php ( 95% pro hosters config)....whatever on windows with the default config of php 4.2.x and above...there is no more auth_user..it is also writen in the docs.
which php version do your run ?
hmm... I've only installed PHP once in my life, and that's on win98.
Had the impression that the cgi way was the sub-optimal way of doing it, though.
Originally posted by laserlight
hmm... I've only installed PHP once in my life, and that's on win98.
Had the impression that the cgi way was the sub-optimal way of doing it, though.
what is exaclty our config on with aut_user works ?
I'm not using my local PHP install, but a webhost's install.
On PHP 4.2.2 running as an apache module PHP_AUTH_USER works.
Originally posted by laserlight
I'm not using my local PHP install, but a webhost's install.
On PHP 4.2.2 running as an apache module PHP_AUTH_USER works.
whar is a webhosts install ? I think aut_user has been removed on 4.3.0 version..
I think it's not that PHP_AUTH_USER has been removed in PHP4.3.x, it's that you are not running PHP as an apache module.
My webhost's install meaning the version of PHP that my webhost has, not the one on my local comp.
http://ro.php.net/manual/en/reserved.variables.php
you are right..it still exists when php runs as a module..but in cgi mode...it's fucked...as most of hosters uses cgi mode...don't know how to deal with that pb
I very much doubt that "most hosters" use PHP in CGI mode. Maybe if they are hosting on Windows servers. I've had 4 different hosts in the last year, including some of the biggest names like NTT Verio and OLM.net, and they all run PHP in apache module mode.
Originally posted by Chimera
I very much doubt that "most hosters" use PHP in CGI mode. Maybe if they are hosting on Windows servers. I've had 4 different hosts in the last year, including some of the biggest names like NTT Verio and OLM.net, and they all run PHP in apache module mode.
don't doubt..high security hosting was my job for a couple of year in one of the bigguest french hoster...high security in php is provided by the cgi mode...don't know well US hosters like verio and olm, just know that they are big but it doens't mean that they provide high security hosting (for billing, ecommerce...)..
bye. Statisticly I see more php running in cgi mode than in apache module
ps: it doesn't solve this question...
The answer: you can't do it the way you're running PHP. i thought that would have been aparent by now. If you really want user authentacation, write it in PHP. The CGI does support sessions, right?
the problem was that my hosting company (domainsvision.com) turned on safe mode without letting me know so my scripts stopped functioning properly until i asked them to move my site to a server without safe mode
it's cool now
safe mode doesn't interect with auth_user var...
