ID: 39324 Updated by: [EMAIL PROTECTED] Reported By: omikorn at yahoo dot com -Status: Open +Status: Feedback Bug Type: HTTP related Operating System: all PHP Version: 4.4.4 New Comment:
Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows: http://snaps.php.net/win32/php5.2-win32-latest.zip Previous Comments: ------------------------------------------------------------------------ [2006-10-31 17:16:01] omikorn at yahoo dot com URGENT, Please make this private or edit post and obfuscate the encoded credentials in my capture. ------------------------------------------------------------------------ [2006-10-31 17:06:19] omikorn at yahoo dot com Description: ------------ Ok there is a problem with URL wrappers when the remote server requires authentification. Reproduce code: --------------- Take file_get_contents for example: //example code $user="user"; $pass="somepassword"; $url = "www.whatever.com/members/messages.xml" $content = file_get_contents("http://$user:[EMAIL PROTECTED]"); $echo "Your new message is\n"; On the packet capture the things show like this: T 65.111.170.157:33470 -> 196.34.149.111:80 [AP] GET /members/messages.xml HTTP/1.0\r\n HTTP/1.0\r\n ## T 65.111.170.157:33470 -> 196.34.149.111:80 [AP] Authorization: Basic bWI1MTptYXJpbHluMw==\r\nHost: www.property24online.co.za\r\n\r\n Of course this failes. Wouldn't it be correct to pass the auth credentials _before_ the HTTP method is specified and more assign a temporary cookie? e.g: GET /members/messages.xml HTTP/1.0\r\n Authorization: Basic bWI1MTptYXJpbHluMw==\r\nHost: www.property24online.co.za\r\n HTTP/1.0\r\n\r\n ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=39324&edit=1
