| nlopess@php.net 2006-10-16, 6:57 pm |
| ID: 39154
Updated by: nlopess@php.net
Reported By: thetrivialstuff at hotmail dot com
-Status: Open
+Status: Assigned
Bug Type: Documentation problem
Operating System: Irrelevant
PHP Version: Irrelevant
-Assigned To:
+Assigned To: nlopess
New Comment:
my example, I'll take a look.
Previous Comments:
------------------------------------------------------------------------
[2006-10-13 22:43:28] thetrivialstuff at hotmail dot com
Description:
------------
In the Digest Authentication example on this page:
<http://ca3.php.net/manual/en/features.http-auth.php>
The regular expression used for splitting the auth header is missing at
least one character. The script will fail if a url contains a question
mark '?'. A fix is to change the preg_match_all line to be:
preg_match_all('@(\w+)=(['"]?)([a-zA-Z0-9?=./\_-]+)\2@', $txt,
$matches, PREG_SET_ORDER);
Reproduce code:
---------------
see <http://ca3.php.net/manual/en/features.http-auth.php>, digest auth
example. copy & paste that code into a new file, then try to reach it
with something like (example URL):
http://<your web server>/<file>.php?some=parameter
Expected result:
----------------
I expect the example URL above to authenticate as usual.
Actual result:
--------------
It will never authenticate, because the http_digest_parse() function
returns false after failing to catch the "uri" parameter from the
browser response.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=39154&edit=1
|