Guys,
I have to access a WS that uses HTTP auth directly with PHP.
I've tried using the usual http://user:[EMAIL PROTECTED]/ but I couldn't get it
working. I believe it has something to do with the password containing a #
(can't change it) and the browser thinks it's an achor or something.
All
Thiago H. Pojda wrote:
Guys,
I have to access a WS that uses HTTP auth directly with PHP.
I've tried using the usual http://user:[EMAIL PROTECTED]/ but I couldn't get it
working. I believe it has something to do with the password containing a #
(can't change it) and the browser thinks it's an
On Wed, Nov 19, 2008 at 11:34 AM, Craige Leeder [EMAIL PROTECTED] wrote:
Thiago H. Pojda wrote:
Guys,
I have to access a WS that uses HTTP auth directly with PHP.
I've tried using the usual http://user:[EMAIL PROTECTED]/ but I couldn't get
it
working. I believe it has something to do
-Original Message-
From: Craige Leeder [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 19, 2008 8:35 AM
To: Thiago H. Pojda
Cc: PHP-General List
Subject: Re: [PHP] HTTP Authentication
Thiago H. Pojda wrote:
Guys,
I have to access a WS that uses HTTP auth directly
On Wed, Nov 19, 2008 at 9:26 AM, Thiago H. Pojda [EMAIL PROTECTED] wrote:
Guys,
I have to access a WS that uses HTTP auth directly with PHP.
I've tried using the usual http://user:[EMAIL PROTECTED]/ but I couldn't get
it
working. I believe it has something to do with the password
On Wed, Nov 19, 2008 at 12:15 PM, Andrew Ballard [EMAIL PROTECTED] wrote:
On Wed, Nov 19, 2008 at 9:26 AM, Thiago H. Pojda [EMAIL PROTECTED]
wrote:
Guys,
I have to access a WS that uses HTTP auth directly with PHP.
I've tried using the usual http://user:[EMAIL PROTECTED]/ but I
-Original Message-
From: Thiago H. Pojda [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 19, 2008 11:47 AM
To: Andrew Ballard
Cc: PHP-General List
Subject: Re: [PHP] HTTP Authentication [ SOLVED ]
On Wed, Nov 19, 2008 at 12:15 PM, Andrew Ballard [EMAIL PROTECTED]
wrote
On Wed, Nov 19, 2008 at 2:49 PM, Boyd, Todd M. [EMAIL PROTECTED] wrote:
-Original Message-
From: Thiago H. Pojda [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 19, 2008 11:47 AM
To: Andrew Ballard
Cc: PHP-General List
Subject: Re: [PHP] HTTP Authentication [ SOLVED
On Wed, Nov 19, 2008 at 12:47 PM, Thiago H. Pojda
[EMAIL PROTECTED] wrote:
On Wed, Nov 19, 2008 at 12:15 PM, Andrew Ballard [EMAIL PROTECTED] wrote:
On Wed, Nov 19, 2008 at 9:26 AM, Thiago H. Pojda [EMAIL PROTECTED]
wrote:
Guys,
I have to access a WS that uses HTTP auth directly with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi to you all.
I've been pulling my hair out over this issue and I really hope YOU can
help me. A part of the website that I'm having the problems with should
be password protected (nothing much, just to have a slight notion of it
not being publicly
--- Matt Wondra [EMAIL PROTECTED] wrote:
I'm trying to include a file from an HTTP Authenticated server
in PHP. I have a valid username and password. Is there any way
to remotely login and include the file?
Ex:
include(https://www.url.com/incl1.php;);
When allow_url_fopen is enabled, you
Howdy.
I'm trying to include a file from an HTTP Authenticated server in PHP. I
have a valid username and password. Is there any way to remotely login and
include the file?
Ex:
include(https://www.url.com/incl1.php;); // Trying to include from
password-protected site
How do I get past the
On Friday 03 September 2004 05:27, Matt Wondra wrote:
I'm trying to include a file from an HTTP Authenticated server in PHP. I
have a valid username and password. Is there any way to remotely login and
include the file?
Ex:
include(https://www.url.com/incl1.php;); // Trying to include
Hi!
I am wondering why is the HTTP Authentication is taking so long to
pop-up once the link/button is clicked. Like 2 minutes I'm using
Apache and there is no PHP being used for HTTP Authentication stuffs as I
thought it did. I thought one of you might know of this because of previous
[snip]
I am wondering why is the HTTP Authentication is taking so long to
pop-up once the link/button is clicked. Like 2 minutes I'm using
Apache and there is no PHP being used for HTTP Authentication stuffs as
I
thought it did. I thought one of you might know of this because of
Scott Taylor wrote:
What is the easiest way to access a page that is protected by HTTP basic
authentication through PHP? In other words, I have a PHP page that will
get the username and password off a database and will then login
through HTTP authentication to access a second page (say an
What is the easiest way to access a page that is protected by HTTP basic
authentication through PHP? In other words, I have a PHP page that will
get the username and password off a database and will then login
through HTTP authentication to access a second page (say an HTML page).
Best
--- Scott Taylor [EMAIL PROTECTED] wrote:
What is the easiest way to access a page that is protected by HTTP
basic authentication through PHP?
You should be able to indicate the username and password in the URL:
http://username:[EMAIL PROTECTED]/path/to/script.php
Hope that helps.
Chris
hello all ,
I'm able to get successfully http authenticated from my php scripts
Ex :
$header = POST /myscript.php HTTP/1.0\r\nAuthorization: Basic ;
$header .= base64_encode($username:$password).\r\n;
$header .= Content-type: application/x-www-form-urlencoded\r\n;
Hi,
But the above is not working when the $username contains a trailing
semicolon
or when the $password is starting with a semicolon,
Ex: what if the $username =chandu:
Is there any solution for this ?
You could use str_replace to strip those before they get used.
-Dan Joseph
--
I think I can remember semi-colon is not allowed in apache logins or
passwords...
Chandu Nannapaneni wrote:
hello all ,
I'm able to get successfully http authenticated from my php scripts
Ex :
$header = POST /myscript.php HTTP/1.0\r\nAuthorization: Basic ;
$header .=
[snip]
I think I can remember semi-colon is not allowed in apache logins or
passwords...
But the above is not working when the $username contains a trailing
semicolon
or when the $password is starting with a semicolon,
Ex: what if the $username =chandu:
[/snip]
Or colons. It is a Bad
Jay Blanchard wrote:
Or colons. It is a Bad Practice[tm] to use any special characters in
user names and/or passwords. It is not universally allowed from OS to OS
I disagree with this : special characters are useful to have better
passwords (more difficult to crack), but as apache stores the
I have tried using HTTP Authentication as described in the documentation.
But it does not matter how many times i type in login/password, the popup
keeps coming back.
The server, mandrake 9.1, uses safe mode, so PHP_AUTH_USER and PHP_AUTH_PW
does not work. $_SERVER['REMOTE_USER'] does not work
Hiya people,
I am building a admin page for a guestbook and i want more people to be
able to log in. I have made a table in the database called
user(gebruikers) wich keeps both a loginname(loginnaam) and password. I
have 2 users in this table right now. Now i ve a problem.. I can login
with the
How does one logout from such an authentication? I know that through a
HTTP status code, but how exactly? Everything I tried allows the browser
to view the page info after logout if the user hits the back button.
The only way I found it works if the user closes the browser window, but
I can't
From: vic [EMAIL PROTECTED]
Sent: Saturday, August 10, 2002 11:24 AM
Subject: [PHP] HTTP authentication - de authentication
How does one logout from such an authentication?
There's no way to logout. Use a session based authentication.
--
PHP General Mailing List (http://www.php.net
Hi,
I am reading HTTP authentication in php manual. It
does not explain it from the basics of it. Can anyone
tell me what exactly will the output of the following
code? I thought it will ask some user name and
password thing but it just displays me the string
text to send if user hits cancel.
From: Varsha Agarwal [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 10, 2002 4:30 PM
I thought it will ask some user name and
password thing but it just displays me the string
text to send if user hits cancel.
This is the code:
?php
header(WWW-Authenticate: Basic realm=\My
Hi,
Thanks for the explaination. But that code does not
pop up any login window. Do I need to do any settings
for that??
--- Matt Schroebel [EMAIL PROTECTED] wrote:
From: Varsha Agarwal
[mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 10, 2002 4:30 PM
I thought it will ask some user
Here is a solution I developed for the HTTP AUTHENTICATION on that buggy
Internet Explorer.
I want some feedbacks, improvements, Comments...
Bharath
(B. h. Loh.)
bharath_b_lohray (at) yahoo.com
Please correspond via email for my convinience and
also on the News Group for the benifit of the
Hello,
I'm working on a website for what will eventually be free
PHP/MySQL/Apache/DNS/etc hosting (see: http://hosting.venura.net , no
requests for accounts will be entertained right now), and am having problems
trying to get HTTP Authentication working. I had it working a month or so
ago, but
the HTTP authentication of using a form uses Sessions!
Check out the following URL:
http://www.devshed.com/Server_Side/PHP/Commerce2/
I followed the above URL to create a user authentication page using
Sessions.
Peter
On Mon, 22 Oct 2001, [ISO-8859-1] Stig-Ørjan Smelror wrote:
Wilbert
Wilbert Enserink wrote:
Hi all,
is it possible to do a HTTP Authentication with my own loginform instead of
using the ugly pop up window?
regards,
Wilbert
With a lot of thought, yes.
You need to consider a few factors before you start.
Security: Checking the IP address of the
how secure is either method? the form method would be more secure if it
was done over https correct?
tonyz
Martín marqués wrote:
On Lun 01 Oct 2001 19:36, you wrote:
I used a pretty basic system to check HTTP authentication values against
database values, but I can't seem to find a way
I used a pretty basic system to check HTTP authentication values against
database values, but I can't seem to find a way to allow the user to log
out. I tried:
unset($PHP_AUTH_USER)
but Internet Explorer hangs on to that value until all browser windows are
closed. Is there any way around
$PHP_AUTH_USER is filled in based on the value coming from the browser.
unsetting it in PHP makes no sense as the browser is simply going to set
it again on the next request. There is no way to clear this from the
client-side short of changing the realm or denying the authentication with
a 403.
if you just want to output the file to the user,
readfile(http://server.com/greendocks/locked/useradd.htm?user=blahpass=blah;);
should work. If you want to play with the file first, file() will put it in
an array, fopen() will create a file pointer to it, you could create your
very own HTTP
Well the actual problem is that this file is behind a http authenticated
directory. I actually don't want the users to know the login and password
for it since it is the login for my control panel for my website. However, I
do want to be able to execute a url, this is to allow users to create
On 23-Sep-2001 Jeff Bristow wrote:
I am trying to write a php script that will work around a http
authentication that I do have access to. I am trying to do this so that a
form process in my control panel can automatically have information sent to
it from a form that a user will fill out.
I am trying to write a php script that will work around a http authentication that I
do have access to. I am trying to do this so that a form process in my control panel
can automatically have information sent to it from a form that a user will fill out.
However, my problem is in trying to get
Is there a way to force re-authentication without closing and re-opening the
browser.
Thanks
Boris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL
]
Subject: [PHP] HTTP authentication
Is there a way to force re-authentication without closing and re-opening the
browser.
Thanks
Boris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list
Hi,
I am using PHP to send a header to the browser requestiing authentication.
On a successful login i am tracking inactivity by the client and want to
expire the login once a timeout period is reached. Problem is if the session
expires and the user just refreshes then the orignal login details
Hi all,
I've been playing around with PHP authentication via HTTP.
I'm using apache, and when i use the header('WWW_Auth...)
headers i get a username/password dialog pop up (as i wanted).
How do i get those values unset in the browser, so that i can get a user
to re authenticate ?
I need to
Hei!
I have a script, where people can log-in to administrate a site,
but once they are logged in, what do i have to do to log them out again?
I thought to write a logout-script which deletes the $HTTP_AUTH_USER
variable, but it doesn't work.
It seems that the user-data remains in memory until
I am using HTTP authentication to restrict access to certain pages and I want to add a
logout option so that users must reauthenticate before being able to veiw the pages
again.
Here is the code I'm using to authenticate:
?
/* Test for username/password */
if(($PHP_AUTH_USER == $username)
I have configured mod_auth_pam for Apache and secured a directory with an
.htaccess file:
AuthType Basic
AuthName Secure Area
require group staff
require user chris
Now, I would like to control the local browser window's authentication cache
via PHP. For example, how do I clear the
this seems to make my browsers not cache.
header(Expires: Mon, 26 Jul 1997 05:00:00 GMT);
header(Last-Modified: . gmdate(D, d M Y H:i:s) . GMT);
header(Cache-Control: no-cache, must-revalidate);
header(Pragma: no-cache);
then add
header(WWW-Authenticate: Basic realm='$SERVER_NAME'
On 07-May-01 Mauricio Souza Lima wrote:
snip
And you have to inform the user to clean the password field, click ok,
then the pop-up will open again, then user click in cancel.
I just know that way to do. If anyone know another way, Postit!
create a tmp directory
logoff.php3:
Cool, you have found another way!
So the realm make diference? A user loged in a realm isn't the same in
other realm? Very cool...
Explain better your solution to us.
Regards,
Don Read wrote:
On 07-May-01 Mauricio Souza Lima wrote:
snip
And you have to inform the user to clean the
On 08-May-01 Mauricio Souza Lima wrote:
Cool, you have found another way!
So the realm make diference? A user loged in a realm isn't the same in
other realm? Very cool...
Not quite, the realm is a string to present to the login dialog box
it has no effect on the credentials in this
On Mar 08 May 2001 02:07, you wrote:
Never tried it though...but can you try to empty or unset the
$PHP_AUTH_USER/PWD ?
This doesn't work, thats why I use a login html page and sessions. :-)
Saludos... :-)
--
El mejor sistema operativo es aquel que te da de comer.
Cuida tu dieta.
Services, LLC
Web: www.rolet.com
Email: [EMAIL PROTECTED]
Phone: 816.210.7145
Fax: 816.753.1952
-Original Message-
From: Martín Marqués [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 07, 2001 2:13 AM
To: elias
Cc: [EMAIL PROTECTED]
Subject: Re: [PHP] HTTP authentication : logout!!!
On Mar 08 May
i'm using http authentication for my php pages
(members area). Once you login correctly, than you can
access anypage as the authentication box doesn't
pop-up.
Now i woul like to create a logout link after clicking
on which, whenever you click on a page using auth, the
auth box should pop-up
Never tried it though...but can you try to empty or unset the
$PHP_AUTH_USER/PWD ?
-elias
http://www.eassoft.cjb.net
Thomas Edison Jr. [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
i'm using http authentication for my php pages
(members area). Once you login
It dont work, what you have to do is that:
In the logout.php:
--
?
header( 'WWW-Authenticate: Basic realm=Private');
header( 'HTTP/1.0 401 Unauthorized' );
?
htmlbody
Logout Sucessful
/body/html
--
And you have to inform the user to clean the password field, click ok,
$PHP_AUTH_USER = ;
$PHP_AUTH_PW = ;
Ought to do it.
From: Thomas Edison Jr. [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 07, 2001 8:39 AM
To: [EMAIL PROTECTED]
Subject: [PHP] HTTP authentication : logout!!!
Now i woul like to create a logout link after clicking
on which, whenever you
/)
- GameDesign, the industry source for game design and development issues
-Original Message-
From: Robert Covell [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 07, 2001 9:14 AM
To: Martín Marqués; elias
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] HTTP authentication : logout!!!
I must
How can I use the HTTP authentication which pops up
that little box in the screen asking for username
password for giving access to a page in PHP?
regards,
T.Edison jr.
=
Rahul S. Johari (Director)
**
Abraxas Technologies Inc.
Homepage :
Superb tutorial on Zend:
http://www.zend.com/zend/tut/authentication.php
HTH
Jon
-Original Message-
From: Thomas Edison Jr. [mailto:[EMAIL PROTECTED]]
Sent: 26 April 2001 13:03
To: [EMAIL PROTECTED]
Subject: [PHP] HTTP authentication for username password
How can I use the HTTP
On Wed, Feb 14, 2001 at 11:07:46PM -0800, Thomas Edison Jr. wrote:
The code I'm entering is:
?php
if(!isset($PHP_AUTH_USER)) {
Header("WWW-Authenticate: Basic realm=\"My Realm\"");
Header("HTTP/1.0 401 Unauthorized");
echo "Text to send if user hits Cancel button\n";
exit;
} else {
on the
server, but that is beyond me.
- John Vanderbeck
- Admin, GameDesign
- Original Message -
From: "Thomas Edison Jr." [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, February 15, 2001 2:07 AM
Subject: [PHP] HTTP authentication
I was browsing thru the http authenticat
Hey all,
New problem. I really hope there's something simple to do to fix it. Check out this
scenario and tell me if there's a step that I'm missing.
Inside my common footer on my site the very first call is to an include called
UserAuth.inc.php.
UserAuth.inc.php checks $REQUEST_URI to see
Sorry, I meant common header, not footer.
Inside my common "header" on my site ..
(which also includes the same "header") ...
- Original Message -
From: "Toby Miller" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, February 14, 200
[EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, February 14, 2001 10:37 AM
Subject: [PHP] HTTP Authentication not getting unset
Hey all,
New problem. I really hope there's something simple to do to fix it. Check
out this scenario and tell me if there's a step that I'm missing
cached pages from logged
in sessions, but I guess you can't have everything. :-)
Thanks,
Toby
- Original Message -
From: "Chris Lee" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, February 14, 2001 11:44 AM
Subject: Re: [PHP] HTTP Authentication not getting unset
El Mi 14 Feb 2001 12:37, Toby Miller escribi:
Hey all,
Hi,
This is far to long, so I'll strip a part of it.
Now if I try to read the $PHP_AUTH_USER or $PHP_AUTH_PW variables anyplace
on the site they don't exist, until I go back to one of the protected
pages. Then they miraculously
El Mi 14 Feb 2001 13:44, Chris Lee escribi:
Ive found the same thing and currently do not have a workaround, it seems
that browsers cache this. one method Ive thought of and never tested is to
set a session variable, cross reference that SessionID, PHP_AUTH_PW,
PHP_AUTH_USER are all valid, if
El Mi 14 Feb 2001 13:04, Toby Miller escribi:
Sorry, I meant common header, not footer.
Inside my common "header" on my site ..
(which also includes the same "header") ...
Don't worry, I understood it. ;-)
--
System Administration: It's a dirty job,
but someone told I had to do
OK, I loaded PHP with the ISAPI filter, but still no luck with
authentication..
Did you reboot? It is Windows...
I think ?php phpinfo();? will tell you if you are actually using ISAPI or
CGI or not... Maybe.
--
Visit the Zend Store at http://www.zend.com/store/
Wanna help me out? Like
Hi, all.
HTTP Authentication in PHP 4 - Apache don't work!!!
Help me.
Best.
__
?php
if(!isset($PHP_AUTH_USER)) {
Header("WWW-Authenticate: Basic realm=\"My Realm\"");
Header("HTTP/1.0 401 Unauthorized");
echo "Text to send if user hits
// Start echo statement
echo "hello";
}
}
?
- Original Message -
From: "Nick Kostirya" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, February 07, 2001 10:27 AM
Subject: [PHP] HTTP Authentication
Hi, all.
HTTP Au
les/php/php.exe".
Do you know what is the matter?
Thanks in advance.
Nick.
- Original Message -
From: Shane McBride [EMAIL PROTECTED]
To: Nick Kostirya [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, February 07, 2001 7:06 PM
Subject: Re: [PHP] HTTP Authentication
Nick,
I
OK, I loaded PHP with the ISAPI filter, but still no luck with authentication..
Here's the basic script that works on Apache/Linux:
?
// File name: admin_menu.php
// Check to see if $PHP_AUTH_USER already contains info
if (!isset($PHP_AUTH_USER)) {
// If empty, send header causing dialog box
75 matches
Mail list logo