Apache Friends Support Forum

I've installed the last version of xampp for windows (XP) on C: directory (C:\xampp) without installer. I've executed setup-xampp.bat and then the xampp_start.exe. All works fine (db, php pages, etc) but I can't use any protected page with authentication.

My authentication page is like this:

<?php

if(!isset($PHP_AUTH_USER) || $PHP_AUTH_USER=="" || $PHP_AUTH_PW=="") {
pone();
} else {
$pasado=false;
if ($PHP_AUTH_USER=='user01' && $PHP_AUTH_PW =='passw$01'|| $PHP_AUTH_USER=='admin' && $PHP_AUTH_PW =='superadmin?01' ){
session_start();
$_SESSION['tipo']=99;
header ('location:menu.php');
exit;
}


if ($pasado==false){
//session_destroy();
unset($PHP_AUTH_USER);
unset($PHP_AUTH_USER);

pone();


}
exit;

}

function pone(){
Header("WWW-Authenticate: Basic realm=\"Inscripcions al Congrés\"");
Header("HTTP/1.0 401 Unauthorized");
echo "No ha entrado un nombre de usuario o contraseña correcta";
echo "<p>";
echo "<a href=localhost/congres/manteniment'>Volver a intentar</a>";
exit;
}

?>

This page is named "index.php" in "manteniment" directory. Well, when I go here (localhost/congres/manteniment/index.php) comes the window for username and password. I write 'user01' and 'passw$01' but the system doesn't accept it.

This script works fine with an other computer (xp too) and an older version of xampp (I think it's a 1.4.x version)

Why this script doesn't work now?
Thanks.

Use a higher level for error_reporting and you can see, that you are using a lot undefined variables.

BTW:
You can consult the PHP-manual: "Chapter 34. HTTP authentication with PHP"

I'm sorry, but I don't know very much about php or system variables.
How can I use a higher level for error_reporting? I've consulted the PHP-Manual, chapter 34, but I can't see anything which is wrong on this script. And I don't understand why it works perfectly on xampp 1.4.x version and doesn't work on this one (1.5.2) -I haven't changed anything-.
What undefined variables are using? How can I define them?
I've tried with some other authentication scripts found on "hotscripts.com", but they don't work either. When I write the username and the password, always come back and ask it again (the same that my http authentication script). I'm very confused and I don't know what to do to work locally on my site again.
Can it be the OS configuration? What?

Thanks.

How can I use a higher level for error_reporting?

Change this setting in "php.ini". Or put this line as 1st line in your script:

Code: Select all

error_reporting(E_ALL);

BTW:
You can find this in the PHP manual if you use the manual search function with the word "error_reporting". (You have really read the manual?)

I've consulted the PHP-Manual, chapter 34, but I can't see anything which is wrong on this script.

Then you must read more carefully...

One example:
There is no variable "$PHP_AUTH_USER". But "$_SERVER['PHP_AUTH_USER']" exists.

There is no variable "$PHP_AUTH_USER". But "$_SERVER['PHP_AUTH_USER']" exists.

I've used it in my script, but it doesn't work either.

Finally I've found what it happened. I've compared the settings in phpinfo() between xampp 1.4.x version and the 1.5.2 version. There is a core variable (register_globals) which is On in 1.4.x version, but Off in 1.5.2 version. I've changed the value of register_globals to On in php.ini (in apache\bin folder), and now it works perfectly (after restart Apache). Now this variables ($php_auth_user, etc) are well defined.

Thank you very much for your help.

I've used it in my script, but it doesn't work either.

Sure, you must change all wrong variables. Not only this one.

I've changed the value of register_globals to On in php.ini

And with the next PHP major release your script stop works forever...

Why want you use an old syntax and not the correct one?
--> With the correct syntax your script is independend from the server settings!

I don't want to use the old syntax; it 's the one that I know. I ask because I don't know it. I'll study the correct one to make it better.
Thanks.