From: lacak at users dot sourceforge dot net
Operating system: Windows
PHP version: 5.1.0RC4
PHP Bug Type: *General Issues
Bug description: PHP_AUTH_DIGEST differs under Apache 1.x and 2.x
Description:
------------
PHP_AUTH_DIGEST differs under Apache 1.x and 2.x
Apache 1.x:
_SERVER["PHP_AUTH_DIGEST"]='username="user1", realm="www.realm.sk-0",
qop="auth", algorithm="MD5", uri="/devel/php_auth.php", nonce="nonce",
nc=00000001, cnonce="11a85ba98273fe0f5578597b1dbf3082", opaque="opaque",
response="088685b1533e542920e1c47b59696b9c"';
Apache 2.x:
_SERVER["PHP_AUTH_DIGEST"]='Digest username="cd", realm="www.realm.sk",
nonce="nonce", uri="/~cb/php_auth.php",
response="bedf1a35418a3712adc0aea22e94d9f2", opaque="opaque", qop=auth,
nc=00000001, cnonce="082c875dcb2ca740"';
Under Apache 2.x the word "Digest " is at the begining. Under Apache 1.x
is not.
Resolution:
1. strip out leading "Digest " from PHP_AUTH_DIGEST in Apache 2.x
2. or add "Digest " at the begining PHP_AUTH_DIGEST in Apache 1.x (but is
redundant)
3. or the best solution is change PHP_AUTH_DIGEST to associative array
(parse string and build array elements from it; similar way how cookies
are parsed) :
(Otherwise this step must be always done in php script)
PHP_AUTH_DIGEST["username"]="user1";
PHP_AUTH_DIGEST["realm"]="www.realm.sk-0";
...
This is example in PHP how to convert PHP_AUTH_DIGEST string to array :
foreach(explode(", ", $_SERVER["PHP_AUTH_DIGEST"] as $auth1) {
list($authkey,$authvalue)=explode("=",$auth1,2);
if (substr($authvalue,0,1)=='"' && substr($authvalue,-1,1)=='"')
$authvalue=substr($authvalue,1,-1); /*strip out double quotes*/
$auth[$authkey]=$authvalue;
}
/* at this point $auth array contains what we need */
Please incorporate this feature to php source code.
Thank you very much for your time and effort.
Laco.
--
Edit bug report at http://bugs.php.net/?id=35170&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=35170&r=trysnapshot4
Try a CVS snapshot (php5.0):
http://bugs.php.net/fix.php?id=35170&r=trysnapshot50
Try a CVS snapshot (php5.1):
http://bugs.php.net/fix.php?id=35170&r=trysnapshot51
Fixed in CVS: http://bugs.php.net/fix.php?id=35170&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=35170&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=35170&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=35170&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=35170&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=35170&r=support
Expected behavior: http://bugs.php.net/fix.php?id=35170&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=35170&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=35170&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=35170&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=35170&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=35170&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=35170&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=35170&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=35170&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=35170&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=35170&r=mysqlcfg
