PHP_AUTH_USER not set?

php http-authentication
Newbie_25 picture Newbie_25 · Sep 8, 2010 · Viewed 68.8k times · Source

For some reason, none of the code within

if (isset($_SERVER['PHP_AUTH_USER']) &&
    isset($_SERVER['PHP_AUTH_PW']))

{



// When the above is set, the code that is here will execute of course

}

is being executed for me. When I enter the correct username and password, the prompt box for the authorization again pops up. Wouldn't both fields be 'set' if they are correct and I press enter? But for some reason that is not the case. What can I be doing wrong? Thank you.

Answer

ChrisV picture ChrisV · Oct 17, 2011

There is a 'sensible way' to use HTTP Basic Auth in CGI-mode PHP: in the .htaccess use 

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

and in the PHP use

list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = 
  explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));

Related questions

How can I use Basic HTTP Authentication in PHP?

I'm trying to use Basic HTTP Authentication and followed the example on the PHP manual page. But it doesn't work for me. The variable $_SERVER['PHP_AUTH_USER'] doesn't seem to be set. When a user try to log in, …

Read More
PHP CURL returns nothing

function ParseUrl($URL) { $crl = curl_init(); curl_setopt ($crl, CURLOPT_URL, $URL); curl_setopt ($crl, CURLOPT_PORT, 8086); curl_setopt ($crl, CURLOPT_USERPWD, "admin:pass"); curl_setopt ($crl, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($crl, CURLOPT_CONNECTTIMEOUT, 5); $ret = curl_exec($crl); curl_close($…

Read More
How to show an image which is secured by http authentication

How can i show an image from a server with standard http protection without showing the authentication window? I now use standard html <img src="..."> but because the image is protected this asks for an authentication window. I …

Read More