$_SERVER['PHP_AUTH_USER'] is empty

Question

I tried to update the php version of my VPS but it didn't work and my provider didn't help me well, so i downgrade it to the previous version.

I am now working with PHP 5.2.17 (cli). Everything was working properly in this version.

Since this upgrade and downgrade, the variable $_SERVER['PHP_AUTH_USER'] is empty. (In the php.ini, register_globals is 'on' and $_SERVER['PHP_SELF'] is properly working).

It ask me properly my username and password and i success to connect but i need to use $_SERVER['PHP_AUTH_USER'].

I tried $_SERVER['PHP_AUTH_USER'], $_SERVER['AUTH_USER'], $_SERVER['REMOTE_USER'] nut none is working. (but im never getting any error, just a blank value...)

Answer 1

I finally found the answer thanks to 'mbinette'.

In my PHP configuration, the handler of PHP 5 was CGI, and this type of authentication doesn't work with PHP CGI. So i changed it to suPHP (which is supposed to be the default one on APACHE).

Find here a post explaining a way to use CGI and PHP_AUTH, but i tried and it wasn't working.

Find here some explanations about php handlers

Answer 2

Is safe mode activated? That might be your problem...

As of PHP 4.3.0, in order to prevent someone from writing a script which reveals the password for a page that was authenticated through a traditional external mechanism, the PHP_AUTH variables will not be set if external authentication is enabled for that particular page and safe mode is enabled. Regardless, REMOTE_USER can be used to identify the externally-authenticated user. So, you can use $_SERVER['REMOTE_USER'].

Source: http://php.net/manual/en/features.http-auth.php