Basic Authentication Issue.

google-code-export / google-checkout-oscommerce

Automatically exported from code.google.com/p/google-checkout-oscommerce

1 stars 0 forks source link

Basic Authentication Issue. #25

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

This is more of a question then a problem. I have managed to get GC 
installed. I am seeing one error that I know that is a easy fix, but have 
been unable to find the answer. 

In the responcehandler.php under //Parse the HTTP header to verify the 
source. there are 2 values there HTTP_SERVER_VARS and HTTP_SERVER_VARS. 
These values are comming up blank. I know i am missing something, just 
have not been able to find it. reading some of the fourms, there are 
people suggesting to disable this section, I do not wish to do that.

I was wondering if you might know what I am missing. 

Thx.

if(isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS
['PHP_AUTH_PW'])) {
  $compare_mer_id = $HTTP_SERVER_VARS['PHP_AUTH_USER']; 
  $compare_mer_key = $HTTP_SERVER_VARS['PHP_AUTH_PW'];
}
else {
  error_func("HTTP Basic Authentication failed.\n");
  exit(1);
}

Original issue reported on code.google.com by rex.new...@gmail.com on 16 Feb 2007 at 4:06

GoogleCodeExporter commented 9 years ago

Just a side note, f I change the code in the responcehandler to the following:

//Parse the HTTP header to verify the source.
  $compare_mer_id = xxxxxxxxxxxxxxxxxx;  <- My merchant ID
  $compare_mer_key = xxxxxxxxxxxxxxxxx;  <- My merchant key
  $googlepayment = new googlecheckout();
  $merchant_id =  $googlepayment->merchantid;
  $merchant_key = $googlepayment->merchantkey;

  if($compare_mer_id != $merchant_id || $compare_mer_key != $merchant_key) {
    error_func("HTTP Basic Authentication failed by comparison!!.\n 
merchant_id=$merchant_id\n compare_mer_id=$compare_mer_id\n 
merchant_key=$merchant_key\n compare_merchant_key=$compare_mer_key\n");
    exit(1);
  }

This gets passed the HTTP Basic Authentication failed. Not sure but I think 
this may 
be a security issue, this is why I have posted the question above.

Original comment by rex.new...@gmail.com on 16 Feb 2007 at 4:54

GoogleCodeExporter commented 9 years ago

rex.newton

Yes in fact that is a problem with PHP installations over CGI. Basic 
Authentication
is not supported.

For this im working on a .htaccess way of authenticate. 

Im going to publish the solution in the forum.

you can try with the file im attaching 

ropu

Original comment by rovagn...@gmail.com on 19 Feb 2007 at 5:43

Changed title: _Basic Authentication Issue. _
Changed state: Accepted
Added labels: Type-Other
Removed labels: Type-Defect

Attachments:

htaccess.php

GoogleCodeExporter commented 9 years ago

update to version v1.2rc2

this issue is solved

ropu

Original comment by rovagn...@gmail.com on 2 Mar 2007 at 1:37

Changed state: Verified