From: [EMAIL PROTECTED] Operating system: Any PHP version: 4.1.1 PHP Bug Type: Documentation problem Bug description: PHP_AUTH_* - what is it?
Please see: http://www.php.net/manual/en/language.variables.predefined.php as opposed to: http://www.php.net/manual/en/features.http-auth.php PHP_AUTH vars, are not listed in the Apache list, while the features page, qualifies them as such. Under ISAPI however, these vars are available as: AUTH_PASSWORD and AUTH_USER, so people looking for a reason why their script won't work, either bum out, when viewing the second page, or look at phpinfo and see nothing, because you need to be logged in first, to see them (yes, there are ways less obvious). So, either they should be listed as Apache variables in the first page, or they should not be called Apache variables in the second page. In any case, I think mentioning, they are called differently in ISAPI on the second page, is not a luxury. Also - I think example 17-1 should be changed to: <?php if (!isset($_SERVER['REMOTE_USER'])) { header("WWW-Authenticate: Basic realm=\"My Realm\""); header("HTTP/1.0 401 Unauthorized"); echo "Text to send if user hits Cancel button\n"; exit; } else { // The variables below could be called differently. // If so, change the code below to phpinfo() and look // them up echo "<p>Hello $PHP_AUTH_USER.</p>"; echo "<p>You entered $PHP_AUTH_PW as your password.</p>"; } ?> which should work on any platform, that supports the feature, independant of register_globals settings. -- Edit bug report at: http://bugs.php.net/?id=14804&edit=1