I'm having a problem when using 1&1 hosting, where I cannot get HTTP Authentication to work. The following is a simple bit of code from php.net that should echo the username and password you input. This works fine on my home dev server, but when I use it on 1&1 it just keeps the username/password dialog coming up over and over until you press cancel. PHP: if ($_SERVER['PHP_AUTH_USER'] == "") { header('WWW-Authenticate: Basic realm="My Realm"'); header('HTTP/1.0 401 Unauthorized'); echo 'Text to send if user hits Cancel button'; exit; } else { echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>"; echo "<p>You entered {$_SERVER['PHP_AUTH_PW']} as your password.</p>"; } I was wondering if anyone else had come across the same problem, and if so how did you get around it? Ta.
This means that 1&1 are running PHP in safe mode. I think you can use something like $_SERVER['REMOTE_USER'] instead but don't quote me on that
Finally got a reply from them and they said it's because they run PHP as a cgi instead of as an Apache module. Oh well...
normally when its as CGI istead of apache module, its slower, but run in unsafe mode? With my first PHP enabled ISP (Freedom2Surf) i had to use a CGI entry point to avoid safemode? Do you think thats what they ment. if its CGI mode at present you'll have to have like #!/bin/php or something at the top of each file.
hmm i think you could work around this, if you have a .htaccess you can make it parse that, but i can't remeber hwo you dupe it into parsing a PHP file. It can be done. Another way would be to force apache to always show the auth box, this can be done with a .htaccess again, that way, it will let them run the PHP script with whatever you type, but i think you can still get the variables. I think.
