header(WWW-Auth..... ??

[skottieb]

Hi,
Below is the following code with all the debugging code
still in there.
I enter what I KNOW is the right username/password, however
php dosent think so, The unam/pwd is stored in a plaing text
"auth.txt", with the "
username
newline
password
newline
newline

but php dose'nt seem to read them in properley, the method
im using has worked for POST VARS to scalar testing in another sript

here is the code:

<?php
header(&quot;

http://WWW-Authenticate:

Basic realm=\&quot;Lan/Game party Admin\&quot;&quot;
#header(&quot;HTTP/1.0 401 Unauthorized&quot;

$uname = $PHP_AUTH_USER;
$pword = $PHP_AUTH_PW;

if(($auth = file(&quot;auth.txt&quot) != NULL)
{
#trim(&quot;$auth&quot;, &quot;\n&quot;
$i = 0;
foreach($auth as $conf)
{
if($conf == &quot;\n&quot
{
continue;
}
#$pcnf = $auth[++$i];
print(&quot;$conf<br>&quot;
#($uconf, $pconf) = preg_split(/\n/, $conf[$i++]);

#trim(&quot;$conf&quot;, &quot;\n&quot;
#print(&quot;<br>$pcnf&quot;
if(&quot;$conf\n&quot; == $uname && &quot;$pcnf\n&quot; == $pword)
{
$confirmed=1;
?>

<b><i> IF SUCESS HTML OUTPUT HERE</i></b>

<?php
break;}}}
if($confirmed != 1)
{
?>


<b><i> UNSUCESSFUL OUTPUT HERE</i></b>

<?php
print(&quot;<br>$uname<br>$pword&quot;
$fp = fopen(&quot;auth.txt&quot;, &quot;a+&quot;
fputs($fp, &quot;$uname\n$pword\n\n&quot;

} ?>

skottieb

 

[DRJ478]

skottlieb,

I don't see you echoing the $PHP_AUTH_USER and password var. Do they contain what you expect?
It is probably safer to use them from the superglobal array as $_SERVER['PHP_AUTH_USER'] etc. in case register_globals is off.

Also, instead of trying to match the strings with attached newlines, get rid of them in all cases and compare the clean strings.

 

[skottieb]

If you look at he last bit of the snip you will see the

<b><i> UNSUCESSFUL OUTPUT HERE</i></b>

<?php
print(&quot;<br>$uname<br>$pword&quot;
$fp = fopen(&quot;auth.txt&quot;, &quot;a+&quot;
fputs($fp, &quot;$uname\n$pword\n\n&quot;

} ?>
this outpust the supplied username and passwrd to the
browser and a file..

The strange thing is auth.txt (or auth2.txt as it is now)
contains

newline
&quot;
&quot;
&quot;
uname
pword
newlineEOF
where do the 4 inital newlines come from??

skottieb

 

[DRJ478]

Ok.
Username and password are in the respective variables.
I think the trouble here has to do with what we don't see i.e. thje newlines. And it's not easy to inspect them, as the browser for example does not care if there are newlines, it just looks fine.

I'd recommend to read the entire file in a string and use a regular expression to extract username and password.

My theory about the four newlines is that you probably ran the script several times and the vars were not set and just the newlines were written. Since you specify a+ which adds to the existing file this seems to be the most probable explanation.

To check out any additional whitespace just echo out the strlen() of the vars retrieved from the file in compariosn to the $PHP_ vars.