Jump to content

Works in PHP4 but not PHPP5 - please help!


Conjurer

Recommended Posts

I am trying to work through Welling/Thomson book on PHP/MySQL Web Development and am having trouble with the user authentication example.

This listing works for me in PHP version 4, but not in version 5.  Check these two links out, they are the same identical code, only difference is the extension which directs it to which version of PHP to interpret it. The login information should be "user" and "pass" for the username and password, respectively.
[hr]
This one works fine in php 4: [URL=http://www.testing.lane-consulting.com/16/http.php]PHP4 Version[/URL]
But in version 5 [b]it won't accept the authentication![/b] See:  [URL=http://www.testing.lane-consulting.com/16/http.php5]PHP5 Version[/URL]
[hr]
Is there something that needs to be activated to get the password to work in version 5?
???
I am wondering if it is this explode thing that is screwing it up?  Any thoughts?
PHP Code:
[code]
{
  list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
    explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
}[/code]


The full page listing follows. Any idea where I am going wrong? Been struggling with this all morning.  :'(

PHP Code:
[code]<?php

// if we are using IIS, we need to set $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW']
if (substr($_SERVER['SERVER_SOFTWARE'], 0, 9) == 'Microsoft' &&
    !isset($_SERVER['PHP_AUTH_USER']) &&
    !isset($_SERVER['PHP_AUTH_PW']) &&
    substr($_SERVER['HTTP_AUTHORIZATION'], 0, 6) == 'Basic ' )

{
  list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
    explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
}

// Replace this if statement with a database query or similar
if ($_SERVER['PHP_AUTH_USER'] != 'user' || $_SERVER['PHP_AUTH_PW'] != 'pass')
{
  // visitor has not yet given details, or their
  // name and password combination are not correct

  header('WWW-Authenticate: Basic realm="Real World Server"');
  if (substr($_SERVER['SERVER_SOFTWARE'], 0, 9) == 'Microsoft')
    header('Status: 401 Unauthorized');
  else
    header('HTTP/1.0 401 Unauthorized');

  echo '<h1>Go Away!</h1>';
  echo '<p>You are not authorized to view this resource.</p>';
  phpinfo();
}
else
{
  // visitor has provided correct details
  echo '<h1>Here it is!</h1>';
  echo '<p>I bet you are glad you can see this secret page.</p>';
 
  phpinfo();
}
?>[/code]

[B]
Thanks for any help or ideas! :confused:[/B]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.