HTTP Authentication problem!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

HTTP Authentication problem!

Post by Nik »

Hello, do u see something wrong with this one?

<?php
ob_start(); error_reporting(E_ALL); $xronos=date("l dS of F h:i:s A"); $host=gethostbyaddr($_SERVER['REMOTE_ADDR']); $i=0;
echo "<body background=pics/anemos.jpg>";
echo "<font size=5 color=Pink>";

$tainia = $_POST['tainia'];
$cd = $_POST['cd'];
$user = $_SERVER['PHP_AUTH_USER'];
$pass = $_SERVER['PHP_AUTH_PW'];


if (@mysql_connect('localhost', 'nik', 'macgyver'));
else @mysql_connect('localhost', 'root');
mysql_select_db('db_nik');


$sql=mysql_query("SELECT * FROM member WHERE user='$user' AND pass='$pass'");
if (mysql_num_rows($sql)!=0)
$i=1;
else
$i=0;


if ($i==0)
{
header('WWW-Authenticate: Basic realm="Πές μου το Username σου για να καταλάβω ποιος είσαι =>"');
die ("Δεν σε έχω καταχωρημένο στην Ατζέντα μου .... πρέπει πρώτα να γραφτείς και μετά να ξανάρθεις :)");
}
else
{
if (isset($_POST['prosthiki'])) include 'prosthiki.php';
if (isset($_POST['emfanisi'])) include 'emfanisi.php';
if (isset($_POST['metavoli'])) include 'metavoli.php';
if (isset($_POST['diagrafi'])) include 'diagrafi.php';
}
?>

When this script tries to execute i get this error:

Notice: Undefined index: PHP_AUTH_USER in D:\web\check.php on line 8

Notice: Undefined index: PHP_AUTH_PW in D:\web\check.php on line 9

why???
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

if the browser does not send the auth-fields then there is no $_SERVER['PHP_AUTH_USER'] or $_SERVER['PHP_AUTH_PW']. That's what php is complaining about
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

i see, so whats my next step?
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

avoid using those elements if they are not set ;)
perform the query only if $_SERVER['PHP_AUTH_USER'] and/or $_SERVER['PHP_AUTH_PW'] are set. Otherwise or if the query fails send the authentication header.
Also read: http://www.php.net/manual/en/function.m ... string.php
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

thanks for your willing to help but i didnt quite understand

i have already sent the header at this point

if ($i==0)
{
header('WWW-Authenticate: Basic realm="&#


why the http authentication window didint pop up?
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

you did not send the actual reason to authenticate ;)
try

Code: Select all

header('WWW-Authenticate: Basic realm="this realm"');
header("HTTP/1.0 401 Unauthorized");
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

No i did send it and in the server where i have uploaded my page it works ok! Teh problem is that in my localhost its not working and i dont know why! when i uses easyphp used to work great! Bu when i installed indigoperl with Apache php and perl everything works ok as usual except this authentication part!! :(

I beleive the code is ok. but indigoperl for some reason does inteprete it well !!
do you know why?
User avatar
m3mn0n
PHP Evangelist
Posts: 3548
Joined: Tue Aug 13, 2002 3:35 pm
Location: Calgary, Canada

Post by m3mn0n »

It's probubly the settings. Different preinstalled php's have different php.ini setups. Check to see if what you want is enabled or not. :)
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

so php.ini is the troublemaker file hey??

cool!

thanks a lot man! ;)
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

Unfortunately i dont find out some entry in php.ini about http auhtentication! can anyone help me out?
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

hm, what happens if you send the 401-header unconditionally? The simple script

Code: Select all

<?php
header('WWW-Authenticate: Basic realm="this realm"');
header("HTTP/1.0 401 Unauthorized");
?>text you should see only if you aborted the auth
will do.
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

i tied your script and see the following

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, nik@mycosmos.gr and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


--------------------------------------------------------------------------------

Apache/2.0.44 (Win32) mod_perl/1.99_08 Perl/v5.8.0 Server at p4 Port 80

now what?
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

ah, php is installed as cgi?
maybe header("Status: 401 Unauthorized") works, but I remember there was something about php/cgi and 401/PHP_AUTH_USER but I can't find it right now.
Nik
Forum Contributor
Posts: 138
Joined: Wed Jan 29, 2003 6:02 pm
Location: Thessaloniki, Greece

Post by Nik »

Someone pls kiss this guy!!!

Allow me to say that you are <span style='color:blue' title='I&#39;m naughty, are you naughty?'>smurf</span> good!

Thsi was a problem

<?php
header('WWW-Authenticate: Basic realm="this realm"');
header("HTTP/1.0 401 Unauthorized");
?>text you should see only if you aborted the auth

ans as u said this was the solution

<?php
header('WWW-Authenticate: Basic realm="this realm"');
header("Status: 401 Unauthorized");
?>text you should see only if you aborted the auth

Allow me to kiss you man!

Mats Mouts!!! :)
Post Reply