[nycphp-talk] NEW PHundamentals Question - HTTP Authentication
Tim Gales
tgales at tgaconnect.com
Sun Oct 24 13:33:21 EDT 2004
csnyder writes:
> But I think this is a PHundamental because of PHP's built-in
> support for requesting a username and password via Basic
> Authentication. The idea is that you put:
>
> header( 'WWW-Authenticate: basic realm="Members Only" ' );
> header( 'HTTP/1.0 401 Unauthorized' );
Perhaps it could be mentioned that if you use prepends or includes,
it might be wise to put in a check to see if the headers have
already been sent. Otherwise with error notification turned down low,
you might miss the fact that the headers you are trying to send
are not going out. Something like:
if (headers_sent($filename, $linenum)) {
trigger_error( "Problem: Headers already sent in $filename on line
$linenum ");
exit;
}
header( 'whatever...
And further it could be pointed out that it is a
*bad* practice (worse than usual) to use PHP versions
before 4.3.4, if you plan to use headers_sent.
see:
http://bugs.php.net/bug.php?id=25701
(if you move up to PHP 5 and you could use headers_list
http://us2.php.net/headers_list to see what's going on --
or will go on -- with headers)
T. Gales & Associates
'Helping People Connect with Technology'
http://www.tgaconnect.com
---
Outgoing mail checked
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.778 / Virus Database: 525 - Release Date: 10/15/2004
More information about the talk
mailing list