Thanks you, There is no ['PHP_AUTH_USER'] nor ['PHP_AUTH_PW'] in var_dum()
I've asked the server administrator, He said he has installed a php security patch two days ago.
Could anyone tell me how to config the php server so that ['PHP_AUTH_USER'] and ['PHP_AUTH_PW'] can be access or avaliable to me and the web browser ????
By default the php.ini settings should enable all PHP scripts to use $_SERVER variables (i.e. values that are provided by Apache / IIS / whatever). AFAIK you can limit this by changing the php.ini's variables_order so that it doesn't include 'E'; or you can use some combination of safe_mode, safe_mode_allowed_vars and / or safe_mode_protected_vars to accomplish this as well. The manual says that all of these except for variables_order are PHP_INI_SYSTEM, so the only one of these settings that you can possibly change at runtime would be:
Within PHP it is sometimes possible to use getenv() to get the value of an environment variable. I don't have the time to test this but you might be able to try:
<?php
ini_set('variables_order', 'EGPCS');$user = getenv('PHP_AUTH_USER');
$pw = getenv('PHP_AUTH_PW');/** search this output for PHP_AUTH_USER or PHP_AUTH_PW */ var_dump($GLOBALS);
?>
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
