Patch is necessary :-)))
Rui Hirokawa wrote:
I checked this problem again,
and I found getallheaders() can have "authorization" even if safe_mode
is "On".
So, $_SERVER['PHP_AUTH_DIGEST'] in my patch is not necessary to use
with PEAR::Auth_HTTP and Apache.
I am not sure it is useful or not with ano
Great !
So we can except, that this patch wil be included in main distribution
of PHP (as core component) ?
Rui Hirokawa wrote:
> HTTP Digest Authorization is supported by PEAR::Auth_HTTP.
> But, as you said, it cannot be used when safe_mode = On.
>
> To solve this problem
I checked this problem again,
and I found getallheaders() can have "authorization" even if safe_mode
is "On".
So, $_SERVER['PHP_AUTH_DIGEST'] in my patch is not necessary to use
with PEAR::Auth_HTTP and Apache.
I am not sure it is useful or not with another SAPI such as ISAPI.
Rui
>
> HTTP Dig
HTTP Digest Authorization is supported by PEAR::Auth_HTTP.
But, as you said, it cannot be used when safe_mode = On.
To solve this problem,
I made a simple patch based on your suggestion based on php5 CVS HEAD.
Applying this patch, we can access $_SERVER['PHP_AUTH_DIGEST'] ,
w
Hi everybody,
I am looking for somebody, who can implement HTTP Digest Authorization
in PHP.
A solution, that could be useful also for many PHP users. (is more
secure and so more usable than Basic authorization)
"HTTP Basic Authorization" sends password only base64 encoded, and may
be easily st
