[SOLVED] HTTP authentication fails after version upgrade

[routinet]

Upgraded from PHP~4.3 to PHP5.2, and my app broke because $_SERVER['PHP_AUTH_USER'] is not being populated.  The 'PHP_AUTH_PW' index is blank also.  I've read that the population of these two particular keys is dependent on the server, but the server type/version did not change (Apache 2.0.52).

 

How can I get these back?  Or where I can find replacements?  I'm open to using MySQL for the job (that's where the .htaccess list comes from anyways...), but I could not get the MySQL auth method to work before...I'll need hand-holding.

[per1os]

It is probably in the php.ini configuration or it was depreciated in php.

 

Search the php.net website for the PHP_AUTH_USER, I bet someone already answered this question there.

 

--FrosT

[routinet]

Been there, done that:  http://bugs.php.net/bug.php?id=29132

 

But that applies to 5.0.0, and I found no other similar reports.  I'm using 5.2, safe_mode is off, the auth type is Basic, the SSL username/password is being accepted, but still no PHP_AUTH_USER or PHP_AUTH_PW.  I do have AUTH_TYPE and REMOTE_USER populated, but I need the password...

[routinet]

It's safe mode.

 

I only checked php.ini previously.  Both the current and the backup show safe_mode=off.  I was examining phpinfo() for some other clues when I noticed my local safe_mode was 'on', even though the master was 'off'.  `grep -r 'safe_mode' /*` returned only one listing for safe_mode=on, and that was in Plesk.  The MySQL upgrade required I upgrade Plesk also, 7.5.4 to 8.1.  The new version includes a per-domain setting to enable PHP's safe mode.  The default is 'on', and it overrides the system php.ini.

 

Problem solved.    Thanks for the input, though.