ID: 27530 Updated by: [EMAIL PROTECTED] Reported By: arekm at pld-linux dot org -Status: Open +Status: Closed Bug Type: Output Control Operating System: Linux 2.4/2.6 + glibc 2.3.2 PHP Version: 4.3.4 New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2004-03-08 17:49:22] arekm at pld-linux dot org Description: ------------ The problem is that when safe_mode = On and we have simple script: <?php header('WWW-Authenticate: Basic realm=\"log in\"'); header('HTTP/1.0 401 Unauthorized'); exit; ?> and I get 3 Server: Apache/2.0.48 (Unix) mod_fastcgi/2.4.2 mod_ssl/2.0.48 OpenSSL/0.9.7c DAV/2 4 X-Powered-By: PHP/4.3.5RC2 5 WWW-Authenticate: 1000 which is unknown authentication method for any browser. According to documentation (http://pl2.php.net/manual/en/features.safe-mode.functions.php) UID should be appended to user specified string. Tested in on different setups like apache 1.3.29+php 4.3.3, php 4.3.4, apache 2.0.48+php 4.3.5RC2 in fastcgi mode, without fastcgi mode. Always reproducible. Turning safe_mode = Off fixes problem of course. Reproduce code: --------------- See description. Expected result: ---------------- 3 Server: Apache/2.0.48 (Unix) mod_fastcgi/2.4.2 mod_ssl/2.0.48 OpenSSL/0.9.7c DAV/2 4 X-Powered-By: PHP/4.3.5RC2 5 WWW-Authenticate: Basic realm=\"log in\" + somehwere UID since that's safe mode. Actual result: -------------- 3 Server: Apache/2.0.48 (Unix) mod_fastcgi/2.4.2 mod_ssl/2.0.48 OpenSSL/0.9.7c DAV/2 4 X-Powered-By: PHP/4.3.5RC2 5 WWW-Authenticate: 1000 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=27530&edit=1
