ID: 21326 Updated by: [EMAIL PROTECTED] -Summary: AUTH Info behaviour Reported By: [EMAIL PROTECTED] Status: Open Bug Type: Feature/Change Request Operating System: RHL7.3 PHP Version: 4.3.0 New Comment:
This was discussed quite a bit and that change was decided upon. In the future there may be a directive to turn this on or off despite safe_mode. So, I'm marking this as a feature request for that and changing the title to reflect it. And for the record, the docs had forever noted that mixing the two should never work despite the safe_mode setting. Regardless, you can always use REMOTE_USER to get the username so it sounds like that's what you want to do. It is available regardless of safe_mode setting. Previous Comments: ------------------------------------------------------------------------ [2003-01-01 22:34:51] [EMAIL PROTECTED] Quoting 4.3.0 changelog: > Make PHP_AUTH_* variables not available in safe mode under Apache when an external basic auth mechanism is used. (Philip) You cannot just change this behaviour. I don't think anyone asked for this either. While the reasoning for this change seems to be that you can't mix 2 authentication modes, you may still wish to authenticate using basic external auth, and then get the AUTH_USER name passed to PHP for further processing/dynamic content generation. Please restore old behaviour. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=21326&edit=1
