0

Dear folks, There seems to be a problem with password protection for accessing a particular php page:
@ When I embed this test code, I am presented nicely with a popup authentification dialog.
@ If I fill in the fields and press enter, it does not show the password/login on the page!
@ It just presents me again the auth dialog with emptied fields... again and again @ After 3 tries orso it sais unauthorised to access...

What could be going on? Thanks very much for your suggestions!

if (!isset($_SERVER['PHP_AUTH_USER'])) {
     header('WWW-Authenticate: Basic realm="My Realm"');
     header('HTTP/1.0 401 Unauthorized');
     echo 'Text to send if user hits Cancel button';
     exit;
} else {
     echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
     echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>";
}

Ive Apache 2.0x Fedora with PHP 5.2.3 and nowhere else is password set in apache htacces or anything

Improve this question

1 Answer 1

Reset to default
3

PHP_AUTH_USER is available for mod_php setups at best. For CGI or FastCGI setups you will have to manually unmarshall the HTTP_AUTHORIZATION header. To make matters worse, it is often not present for security reasons. ( Basic Authentication with PHP gives an endless loop )

You will have to check with phpinfo() which variant you can use. Then apply one of the more complex examples from the comments in http://www.php.net/manual/en/features.http-auth.php#94349

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.