umlaut doesn't work with HTTP-authetication

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Sternchen-Barbara
Forum Newbie
Posts: 5
Joined: Mon May 08, 2006 4:33 am

umlaut doesn't work with HTTP-authetication

Post by Sternchen-Barbara »

Hello,

since I've changed my login-system into one with HTTP-authentication I can't user usernames or passwords with an umlaut although I've UTF-8 encoding on the website and I'm sending header('Content-Type: text/html; charset=utf-8');

Is there a solution or will I have to forbid using an umlaut?

Thanks!
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

The problem is likely with the database, not with php or the form submission. Test the variables immediately before they hit the db and immediately after pulling from it. If it shows the umlaut before, but not after, you know its an issue in the db.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Can you describe what happens when you do use umlauts? Is your database also encoded for utf-8? Are you performing any PHP string operations on usernames and passwords?
Sternchen-Barbara
Forum Newbie
Posts: 5
Joined: Mon May 08, 2006 4:33 am

Post by Sternchen-Barbara »

I'm pretty sure that there is no problem with the database because it works with Opera, but not with other browsers :(

And yes, the database is also encoded with UTF-8... that's why you can change the password or name but afterwords login isn't possible anymore (except with Opera), it's like typing in the wrong data.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Is data being encoded somewhere along the line - perhaps the umlaut is being url encoded or similar and its not being translated back for a valid comparison? Echo the value being used in DB queries to see what it actually is (see the HTML source since the browser view won't show entities literally - if any exist). See Roja's suggestion on checking variables as they move between browser->PHP->DB and back...
Sternchen-Barbara
Forum Newbie
Posts: 5
Joined: Mon May 08, 2006 4:33 am

Post by Sternchen-Barbara »

Already after sending the data there is just a questionmark instead of an umlaut when I echo the value.
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

Sternchen-Barbara wrote:Already after sending the data there is just a questionmark instead of an umlaut when I echo the value.
Can you share the link to the page this is occurring on? I suspect its a header issue, not a code issue, and its hard to verify without the link.
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Question marks typically mean something along the line did not understand the umlaut character and replaced it as a result - common issue with UTF-8 characters being treated as ASCII... Something along the line is passing the umlaut off as ASCII or iso-8859-1 and it's being wrongly interpreted. Assuming the output is unchanged (no PHP string manipulation) then that leaves the browser, and your webserver. What's Apache serving in its header's?
Sternchen-Barbara
Forum Newbie
Posts: 5
Joined: Mon May 08, 2006 4:33 am

Post by Sternchen-Barbara »

Not the server is the problem because in this case it wouldn't work with Opera but it does.

Link for trying:

http://lamp2.fh-stpoelten.ac.at/~tm021032/umlaut.php

username: ö
password what ever you want
User avatar
Maugrim_The_Reaper
DevNet Master
Posts: 2704
Joined: Tue Nov 02, 2004 5:43 am
Location: Ireland

Post by Maugrim_The_Reaper »

Authorization: Basic 9jptYXVncmlt
I'm not too familiar with headers - but the basic auth scheme works from my end (Firefox - using LiveHTTPHeaders extension). The umlaut character and a password are being correctly concatenated and encoded via base64 by the browser. The correct base64 value is passed to your server - from there... Whatever your server does.

I just keep getting the unauthorised reponse...
HTTP/1.x 401 Unauthorized
Any chance you can post code which could be tested?
Sternchen-Barbara
Forum Newbie
Posts: 5
Joined: Mon May 08, 2006 4:33 am

Post by Sternchen-Barbara »

Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

Umm, from the page posted:

Code: Select all

if ($_SERVER['PHP_AUTH_USER']!='ö') {
Notice that the username is NOT the single character string you posted here on the forums. When using the two characters above, it worked fine.

Oddly, when accessing it after authentication, it does show the username as the single character with umlaut.

Very bizarre behavior. Really not sure of the cause. Its not the header issue I originally suspected either. (In some cases, apache sends a encoding type, and when it conflicts with the header encoding type, odd things happen. But thats not happening here).
Post Reply