ID: 22672
Updated by: [EMAIL PROTECTED]
Reported By: bugzilla at ab dot thatcow dot com
-Status: Open
+Status: Assigned
Bug Type: Apache2 related
Operating System: SunOS 5.9
PHP Version: 4.3.1
Assigned To: ianh
New Comment:
[To: Ian] Always set the status also to 'Assigned'
Previous Comments:
------------------------------------------------------------------------
[2003-03-13 23:18:37] [EMAIL PROTECTED]
Hi.
Can you mail me some php script which does user-authentication. so I
can test the patch.
I want to verify it works if a user does user-authentication via apache
before I commit it.
TIA
Ian
------------------------------------------------------------------------
[2003-03-13 03:11:31] bugzilla at ab dot thatcow dot com
I send headers through PHP to force authentication. Under apache1.3,
the username would show up properly under my combined logs - under
apache2.0.44, I always see "-". The folks over at Apache (see their bug
#8500) suggest PHP needs to be setting user in the request structure.
I've add one line in php_apache_request_ctor() in sapi_apache2.c to set
this. This hack is fairly ignorant of the internals of both php and
apache, but here it is anyway. Do with as you wish. Forgive the
formatting here if it doesn't come out right.
<pre>
if (!PG(safe_mode)) {
auth = apr_table_get(f->r->headers_in,
"Authorization");
php_handle_auth_data(auth TSRMLS_CC);
+ ctx->r->user =
apr_pstrdup(ctx->r->pool,SG(request_info).auth_user);
} else {
SG(request_info).auth_user = NULL;
SG(request_info).auth_password = NULL;
</pre>
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=22672&edit=1
