为什么$ _ SERVER [" PHP_AUTH_USER"]和$ _ SERVER [" PHP_AUTH_PW"]没有设置? [英] Why are $_SERVER["PHP_AUTH_USER"] and $_SERVER["PHP_AUTH_PW"] not set?
问题描述
在我开始之前,我想指出的是,我已经浏览堆栈溢出,发现其他类似的问题 - 的 PHP_AUTH_USER没有设置?和 HTTP认证通过PHP - PHP_AUTH_USER没有设置 - 这些人也指出,如果'服务器API'设置为''CGI / FCGI''认证$ _ SERVER变量将不会被设置,但我检查了我的''的phpinfo()''输出和我的'服务器API'设置为''Apache 2.0的处理程序''。
Before I begin, I'd like to point out that I've browsed Stack Overflow and found other similar questions - PHP_AUTH_USER not set? and HTTP Auth via PHP - PHP_AUTH_USER not set? - and these have pointed out that the authentication $_SERVER variables won't be set if ''Server API'' is set to ''CGI/FCGI'', but I checked my ''phpinfo()'' output and my ''Server API'' is set to ''Apache 2.0 Handler''.
好了,所以我有一个简单的脚本如下:
Ok so I have a simple script as follows:
<?php
echo "Username: " . $_SERVER["PHP_AUTH_USER"] . ", Password: " . $_SERVER["PHP_AUTH_PW"];
?>
... ...这我通过以下远程调用:
... which I am calling remotely via the following:
wget -v --http-user=johnsmith --http-password=mypassword http://www.example.com/myscript.php
...但只能输出:
... but which only outputs:
Username: , Password:
我也打过电话使用PHP卷曲的脚本,并相应地设置认证参数如下:
I have also tried calling the script using PHP cURL and setting the authentication parameters appropriately as follows:
curl_setopt($ch, CURLOPT_USERPWD, "johnsmith:mypassword");
...但我得到了相同的输出之上。
... but I get the same output as above.
任何想法,我做错了什么?也许还有别的东西我需要启用/配置?
Any idea what I'm doing wrong? Perhaps there is something else I need to enable / configure?
推荐答案
我终于发现了答案感谢的Naktibalda的帮助,irc.freenode.net上## PHP
I've finally discovered the answer thanks to the of help of Naktibalda in ##php on irc.freenode.net
下面的页面汇总问题: http://php.net/manual /en/features.http-auth.php
The following page summarises the issue: http://php.net/manual/en/features.http-auth.php
要引用的相关位:
对于PHP 4.3.0,以prevent有人编写脚本来揭示这是通过传统的外部机制认证的页面上获取密码,PHP_AUTH变量不会如果启用外部身份验证设置对特定页面和安全模式被启用。但无论如何,REMOTE_USER可用于识别外部认证的用户。所以,你可以使用$ _ SERVER ['REMOTE_USER']
As of PHP 4.3.0, in order to prevent someone from writing a script which reveals the password for a page that was authenticated through a traditional external mechanism, the PHP_AUTH variables will not be set if external authentication is enabled for that particular page and safe mode is enabled. Regardless, REMOTE_USER can be used to identify the externally-authenticated user. So, you can use $_SERVER['REMOTE_USER'].
...
PHP用AuthType的presence来判断外部认证机制是否有效。
PHP uses the presence of an AuthType directive to determine whether external authentication is in effect.
这篇关于为什么$ _ SERVER [&QUOT; PHP_AUTH_USER&QUOT;]和$ _ SERVER [&QUOT; PHP_AUTH_PW&QUOT;]没有设置?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
