ID: 10079
Updated by: sniper
Reported By: [EMAIL PROTECTED]
Old-Status: Open
Status: Feedback
Bug Type: Scripting Engine problem
Assigned To:
Comments:
http://snaps.php.net/
Previous Comments:
---------------------------------------------------------------------------
[2001-03-30 15:21:34] [EMAIL PROTECTED]
Apache is running standalone as a daemon.
.....
No, I havn't tried 4.0.5. I'll give it try ... Just tell where to download it.
Dean
---------------------------------------------------------------------------
[2001-03-30 15:12:11] [EMAIL PROTECTED]
Open -> Feedback
That's rather annoying that the state is not saved, is anyone working on this? I know
there is a new system coming, but not for a while. Or where is it located in CVS and
I'll fix it.
-Chris
---------------------------------------------------------------------------
[2001-03-30 15:10:11] [EMAIL PROTECTED]
Use the web interface, do not reply to these emails.
I did not try it because i did not have the time. I just tried it and did not get
those same results.
After the first login it did create the file, I deleted, refreshed, no file...did what
it is supposed to.
I am however using a CVS version of 4.0.5, have you tried it with the CVS version?
-Chris
---------------------------------------------------------------------------
[2001-03-30 12:34:38] [EMAIL PROTECTED]
Are you running Apache as standalone or inetd?
If I remember right, PHP/Apache/inetd likes to lose env variables.
-Chris
---------------------------------------------------------------------------
[2001-03-30 11:38:36] [EMAIL PROTECTED]
<?php
// Header("WWW-Authenticate: Basic realm="Realm"");
if (!$PHP_AUTH_USER) {
exec(">xxxx");
Header("WWW-Authenticate: Basic realm="Realm"");
Header("HTTP/1.0 401 Unauthorized");
} else
echo "else";
?>
Compiler: gcc 2.95.2
Make: GNU 3.79
FSU Pthreads: 3.8
Apache: 1.3.19
MySQL: 3.23.36
PHP: 4.0.4pl1
Freetype: 2.0
LibPNG: 1.0.9
LibJPEG: 6b
Libgd: 1.8.4
PHP is compiled as an Apache module with the following options:
--with-mysql --with-apache --with-pdflib --with-gd --with-trans-sid
--enable-track-vars --enable-sysvsem --enable-sysvshm
Description of problem:
Both sides of the IF construct are being executed when testing the $PHP_AUTH_USER
variable AND issuing the header function. I posted this question in the general mail
list but have received any reponse from anyone....so....
Using the script list above, follow the steps shown below to produce this problem:
1. Close all instances of your browser (I am using IE-5.01 and I have not tried any
other browsers). However I don't believe it is a browser issue.
2. Run the script shown above.
3. Enter some user ID and password... Everything so far works fine.
4. Look in the directory where the script is stored. There should be a file called
xxxx. This indicates that $PHP_AUTH_USER was NOT set.
5. Remove the file xxxx.
6. Refresh the browser. Look for the file xxxx. Notice that xxxx is present; which
should only happen if $PHP_AUTH_USER is NOT set....YET "else" was printed on screen
which indicates that $PHP_AUTH_USER IS set.
7. Uncomment the commented "header" line and notice that a user ID and password prompt
is always issued in this case.
My questions are:
1. Why are both sides of the conditional "If (!isset($PHP_AUTH_USER))" being executed?
2. Why, when $PHP_AUTH_USER is not set, the 'exec(">xxxx")' runs on subsequent
refreshes, but no prompt for a new user ID and password is issued?
3. Why, if a authenticate header is sent before testing, a user ID and password prompt
is issued?
Thanks for taking a look at this.
Dean
---------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view the rest of the
comments, please view the bug report online.
ATTENTION! Do NOT reply to this email!
To reply, use the web interface found at http://bugs.php.net/?id=10079&edit=2
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
