ID: 19207 Updated by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] -Status: Verified +Status: Critical Bug Type: IIS related Operating System: Windows 2000/.Net Server RC1 PHP Version: 4CVS-2002-08-30 New Comment:
Marking this critical (fix before 4.3.0 final). See the related discussion http://www.phpbuilder.com/mail/php-developer-list/2002092/0238.php Previous Comments: ------------------------------------------------------------------------ [2002-09-24 13:03:38] [EMAIL PROTECTED] I'm currently using IIS 6.0 in Windows.Net Server RC1 (build 3663). Again, CGI PHP 4.2.2/4.2.3 works fine just not CGI PHP 4.3.0. ------------------------------------------------------------------------ [2002-09-24 11:48:11] [EMAIL PROTECTED] what version of IIS are you using.. this works fine on Win XP Pro (No service pack) so IIS 5.0. - James -- James Moore [EMAIL PROTECTED] ------------------------------------------------------------------------ [2002-09-05 11:22:02] [EMAIL PROTECTED] Just tried the latest snapshot php4-win32-200209051400.zip and the issue still exists. php-cgi.exe returns the following headers: Status: 401 Content-type: text/html WWW-authenticate: basic realm=Logon The correct headers for php-cgi.exe to work in IIS should be: HTTP/1.1 401 Unauthorized Content-type: text/html WWW-authenticate: basic realm=Logon ------------------------------------------------------------------------ [2002-09-04 21:30:20] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-latest.zip I believe there was just a patch submitted that fixes this. I could be wrong though too, please test and update if still valid. :\ ------------------------------------------------------------------------ [2002-08-30 20:09:13] [EMAIL PROTECTED] The following code fragment works great with PHP 4.2.2 on IIS: Header("WWW-authenticate: basic realm=Logon"); Header("HTTP/1.1 401 Unauthorized"); echo "<HTML>\n"; echo " <HEAD>\n"; echo " <TITLE>Authorization Required</TITLE>\n"; echo " </HEAD>\n"; echo " <BODY BGCOLOR=#FFFFFF TEXT=#000000>\n"; echo " Invalid username and password with which to access this webpage.<P><br><br>\n"; echo " </BODY>\n"; echo "</HTML>\n"; exit; This code works correctly in 4.2.2. It sets the status of the page to 401 and makes the browser prompt for the password. However using php-cgi.exe in the latest 4.3.0 development builds in IIS the code does not work. The browser receive a "HTTP/1.1 200 OK" instead of "HTTP/1.1 401 Unauthorized". If I simply run the CGI script from the command prompt using php-cgi.exe in 4.3.0 I get the following: Status: 401 Content-type: text/html WWW-authenticate: basic realm=Logon <HTML> <HEAD> <TITLE>Authorization Required</TITLE> </HEAD> <BODY BGCOLOR=#FFFFFF TEXT=#000000> Invalid username and password with which to access this webpage.<P><br><br> </BODY> </HTML> Running php.exe 4.2.2 from the console I get the following: HTTP/1.1 401 Unauthorized Content-type: text/html WWW-authenticate: basic realm=Logon <HTML> <HEAD> <TITLE>Authorization Required</TITLE> </HEAD> <BODY BGCOLOR=#FFFFFF TEXT=#000000> Invalid username and password with which to access this webpage.<P><br><br> </BODY> </HTML> Noticed that php 4.2.2 correctly returns the HTTP page status as "HTTP/1.1 401 Unauthorized" and php 4.3.0 only returns the tag "Status: 401". The new tag "Status: 401" does not work in IIS, it needs to be the full "HTTP/1.1 401 Unauthorized". ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=19207&edit=1
