Page 1 of 1

header validate

Posted: Sat Apr 22, 2006 5:36 pm
by shiznatix
Ok so I am doing some testing and I am using the header to force authentication. Here is the code stolen from the zend website

Code: Select all

<?php

if ((!isset( $PHP_AUTH_USER )) || (!isset($PHP_AUTH_PW))) {

    header( 'WWW-Authenticate: Basic realm="Private"' );
    header( 'HTTP/1.0 401 Unauthorized' );
    echo 'Authorization Required.';
    exit;

} else {

    echo "You entered $PHP_AUTH_USER for a username.<BR>";
    echo "You entered $PHP_AUTH_PW for a password.<BR>";

} 
 
?>
now if i hit cancel it says 'Authorization Required' but if I hit 'OK' then it just asks for my username and password again even though i entered stuff in the fields! why? how? who? help?

Posted: Sat Apr 22, 2006 6:31 pm
by feyd
Do you have register_globals on? The code you have was written for them to be on.

Posted: Sat Apr 22, 2006 6:51 pm
by shiznatix
and there it is laying in the $_SERVER superglobal. *sigh* ill get it someday