Preserved Topic: evil authorization

ok, so I'm trying to set up an administration page on my site with php, but it's being evil.
so here's the code:

<?
if(!isset($PHP_AUTH_USER)){
header("WWW-Authenticate: Basic realm=\"Administration\"");
header("HTTP/1.0 401 Unauthorized");
echo "Authorization Required.";
exit;
}
and then there's an else statement below that. I figured out that it messes up when it sends the 401 header, and I don't what to do, cause I'm doing exactly what I've seen in several places including php.net. Any help would be appreciated, and I need help soon, so please hurry.

http://www.kewlster.com

What happens?
and what server type?



.:[ The Tao of Steve ]:.
Be Desireless
Be Excellent
Be Gone
...................................

apache server,
it comes up with a 500 server error.
When I comment out the line talked about above, the error goes away, but of course the authorization box thing doesn't come up, cause the header isn't sent.

and this is what the error log has to say:
[Fri Mar 29 19:03:09 2002] [error] [client 207.202.205.244] malformed header from script. Bad header=HTTP/1.0 401 Unauthorized: c:/php/php.exe

OK I figured out the problem after looking some more at php.net. They really should make it clearer. But I ended up replacing that line with:
header("Status: 401 Unauthorized");
and it worked. Hurray.


http://www.kewlster.com

[This message has been edited by maninacan (edited 03-30-2002).]

[This message has been edited by maninacan (edited 03-30-2002).]

ok authorization sucks. I got it to pop up the box thing now, but it's not putting the entered username or password into the variables it's supposed to according to php.net. I saw that on the discussion about it on php.net many people where having problems, and they offered many solutions, none of which worked for me, any ideas????????????????????????????

http://www.kewlster.com

The first sentence in the PHP manual about HTTP authentication says:

--- start copy/paste ---
The HTTP Authentication hooks in PHP are only available when it is running as an Apache module and is hence not available in the CGI version.
--- end copy/paste ---

And you're running CGI version (php.exe). If you want to make it work you'll have to install PHP as Apache module...

how would I do that?

http://www.kewlster.com

Read PHP installation manual...

ok

http://www.kewlster.com

Just out of curiosity, I was attempting to search the PHP site for more info on this, but wasn't able to find anything. Anyone got some links on using this?

Nevermind - I found this: http://hotwired.lycos.com/webmonkey/00/05/index2a_page2.html?tw=programming

I don't know how you didn't find this...

http://www.php.net/manual/en/features.http-auth.php

Oh man....I need a vacation.

I tried searching for $PHP_AUTH_USER and WWW-Authenticate and came up empty.

Thanks!