Richard Lynch wrote:
I could be *WAY* wrong, but I thought nobody ever bothered with Digest
Auth because, e.
It's not better/safer than HTTP Auth?
"HTTP Basic Authorization" send login:password in clear text (only
base64 encoded) so it can be 'eavesdropped'
in
"HTTP Digest Authorization" p
On Fri, March 18, 2005 6:24 am, LacaK said:
> When I try to use "HTTP Digest Authorization" using code like :
>
> Header( "HTTP/1.0 401 Unauthorized");
> Header( "WWW-Authenticate: Digest realm=\"www.myrealm.com\",
> opaque=\"opaque\", nonce=\"nonce\", stale=\"false\", qop=\"auth\"");
>
> brows
Hello,
When I try to use "HTTP Digest Authorization" using code like :
Header( "HTTP/1.0 401 Unauthorized");
Header( "WWW-Authenticate: Digest realm=\"www.myrealm.com\",
opaque=\"opaque\", nonce=\"nonce\", stale=\"false\", qop=\"auth\"");
browser returns in HTTP request Authorization header
> I am making an authorizatoin script for the control panel of a loggin
> system I have been writing. Here is what I have right now:
Well, if you copied and paste'd this, then I'm surprised that you don't get
a syntax error
> if (!$authorized) {
> header('Cache-Control: no-store, no-cach
> The problem is that if a user clicks cancel the control panel loads
> instead of the program dying. Why and how do I stop it?
Please provide more info -- like what do you mean by "if the user clicks
cancel".
-Dan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http:
I am making an authorizatoin script for the control panel of a loggin
system I have been writing. Here is what I have right now:
The problem is that if a user clicks cancel the control panel loads
instead of the program dying. Why and how do I stop it?
Thank you,
--
Kyle
--
PHP General Mail
On Thu, 13 Mar 2003 01:41:46 -0500, [EMAIL PROTECTED] wrote about
"[PHP] authorization" what the universal translator turned into this:
>The site has a mailing list, guestbook, & videos -
>when the user goes to access the guestbook and videos, I want to be able to
>check
The problem here is that most people work and do not have the time to
"help" out.
The best thing would to contract this portion out to the lowest bid.
--
Ray
On Wed, 2003-03-12 at 23:41, [EMAIL PROTECTED] wrote:
> Hello,
>
> I'm wonding if someone can please assist me with the following addi
Hello,
I'm wonding if someone can please assist me with the following addition I
would like to make to a music artists site using PHP.
The site has a mailing list, guestbook, & videos -
when the user goes to access the guestbook and videos, I want to be able to
check if they're signed-up to the m
You need to tell us what version of PHP you're running in both
environments... this should have been your first step -- detrmining the
difference between the two set-ups, basically using php_info().
My guess is that you're running PHP > 4.2 on the local machine, which has a
default setting of reg
I am using the folowing script for authorization:
$username = "test";
$password = "123";
function authenticate() {
Header( "WWW-authenticate: basic realm=\"Protected\"");
Header( "HTTP/1.0 401 Unauthorized");
echo "Gebruikersnaam en/of wachtwoord is niet goed ingevuld!\n";
exit;
}
f
Couldn't you use something like this:
header("Location: http://user:[EMAIL PROTECTED]/path/to/file.php";);
---John Holmes...
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 25, 2002 11:11 AM
> To: [EMAIL
On Thu, 25 Apr 2002 [EMAIL PROTECTED] wrote:
> does anybody know how to pass the correct username and password as a
> header to a directory with an .htaccess file.
>
> i tried
>
> header("Authorization: Basic username:password");
>
> like that and also where the username:password was base 64 en
does anybody know how to pass the correct username and password as a
header
to a directory with an .htaccess file.
i tried
header("Authorization: Basic username:password");
like that and also where the username:password was base 64 encoded and
it
isn't working.
thanks.
--
PHP General Mailin
I just have just found this article, that describes this technique:
http://apachetoday.com/mailprint.php3?action=pv<sn=2000-06-14-002-01-PS#SetEnvIf
Thank you all for your help. :-))
S
>From: Maxwell Hung <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: [PHP] I
[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: [PHP] Insecurity with PHP authorization
>Date: Tue, 7 Aug 2001 11:22:33 +0100 (BST)
>
>Hi Stefan
>
>You can do this
>
>#Add this httpd.conf N.B apache > 1.3.12
>SetEnvIfNoCase Referer "^http://www.mysite/
> -Original Message-
> From: Stefen Lars [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 07, 2001 3:03 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Insecurity with PHP authorization
>
>
> I do realize that if I were to place a .htaccess file in the
> roo
en Lars
> Cc: [EMAIL PROTECTED]
> Subject: Re: [PHP] Insecurity with PHP authorization
>
>
> If you don't have a very high load, then you could move all not-php-files
> out of htdocs-root and use a pseudo-root directory
> htdocs/../rawfiles as root
> for redirect.php.
&g
If you don't have a very high load, then you could move all not-php-files
out of htdocs-root and use a pseudo-root directory htdocs/../rawfiles as root
for redirect.php.
For example image.jpg is placed in htdocs/../rawfiles/images then access it
with /redirect.php?/images/image.jpg !
redirect.php
Hello all
I have just implemented a mySQL authorization: each html and php page checks
to see whether a user is logged in by checking a cookie in the user browser.
The user can log out and edit her profile (including password). If a page is
called without the user being logged in, he is presen
> [snip]
> >There is an ISAPI module.
> [snip]
>
> yes, which is more than unstable as I found... Using a good
> machine (2xXeon
> 550, 512 MB, NT4/SP6a/IIS4) it constantly crashed being a filter, and
> crashed being
At 06:48 28.01.2001, Rasmus Lerdorf said:
[snip]
>There is an ISAPI module.
[snip]
yes, which is more than unstable as I found... Using a good machine (2xXeon
550, 512 MB, NT4/SP6a/IIS4) it constantly crashed being a
e McBride" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Saturday, January 27, 2001 9:44 PM
> Subject: Re: [PHP] IIS and PHP authorization
>
>
> > If you are using the CGI version of PHP then this won't work. You can't
> > do HTTP auth f
I thought PHP would only run as CGI on IIS? Right now I'm trying to config
Apache.
- Original Message -
From: "Rasmus Lerdorf" <[EMAIL PROTECTED]>
To: "Shane McBride" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Saturday, January 27,
If you are using the CGI version of PHP then this won't work. You can't
do HTTP auth from the CGI version.
-Rasmus
On Sun, 28 Jan 2001, Shane McBride wrote:
> I finally got PHP, MySQL and Win2k installed after a long hard battle with a Promise
>Ultra/66 controller card. Now, PHP seems to work
I finally got PHP, MySQL and Win2k installed after a long hard battle with a Promise
Ultra/66 controller card. Now, PHP seems to work fine exceot when I have a script that
requires authorization, I never get the popup box to input the login and password.
Here's the script:
Any ideas?
TIA- S
26 matches
Mail list logo
