Facebook
Twitter
Gene Steinberg
Regular Pleskian
I have installed PHP 7.0.1, with the latest Plesk 12.5.x update. Most of my domains work well. I had to update a couple of WordPress plugins, a trivial matter.
Performance is noticeably better.
But I also have two domains with forums that have private/upgraded areas where we distributed some of our radio shows. We use an authenticated RSS feed (requires member name and password) based on a PHP script. With some help from the forums, we got it to work with PHP 5.6.16 and PHP-FPM over Apache.
When I switch to PHP 7.0.1, however, same setting otherwise, authentication fails. Anyone knowledgeable in PHP 7 differences who might look over our script and explain what needs to be changed? (We're back to PHP 5.6.16 until this is sorted out.)
An HTTP directive is used as follows:
SetEnvIfNoCase Authorization "Basic ([a-z0-9=]+)" HTTP_AUTHORIZATION=$1
Here’s the PHP script (there are two versions, with different domains):
<?php
//this script will authenticate the user with XenAPI and show the RSS feed when logged in.
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($_SERVER['HTTP_AUTHORIZATION']));
function curlit($url) {
$cURL = curl_init();
curl_setopt($cURL, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cURL, CURLOPT_URL, $url);
curl_setopt($cURL, CURLOPT_HTTPGET, true);
curl_setopt($cURL, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Accept: application/json'
));
$result = curl_exec($cURL);
curl_close($cURL);
$json = json_decode($result, true);
return $json;
}
if (!isset($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_USER'])) {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print 'Not authorized';
exit;
} else {
$username = urlencode($_SERVER['PHP_AUTH_USER']);
$password = $_SERVER['PHP_AUTH_PW'];
// print 'Authorized';
$url = 'http://www.technightowl.com/forum/a...&username='.$username.'&password='.$password;
$curlResults = curlit($url);
if (isset($curlResults['hash'])) {
//see if this user belongs to the tech night owl plus group
$url = 'http://www.technightowl.com/forum/api.php?action=getUser&hash='.$username.':'.$curlResults['hash'];
$curlResults = curlit($url);
$primaryGroupID = $curlResults['user_group_id'];
$groupID = $curlResults['secondary_group_ids'];
$allowed = false;
$exploded = explode(',',$groupID);
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
$exploded = explode(',',$primaryGroupID);
if (!$allowed) {
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
}
if ($allowed) {
//user has logged in and is allowed access to the content
//display feed
header('Content-Type: application/xml; charset=utf-8');
$doc = new DOMDocument();
$doc->load('288h7su1ksh9.xml');
echo $doc->saveXML();
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "You must be a member of The Paracast+ to access this feed.\n";
exit;
}
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "Username or password is incorrect.\n";
exit;
}
}
?>
Peace,
Gene
Performance is noticeably better.
But I also have two domains with forums that have private/upgraded areas where we distributed some of our radio shows. We use an authenticated RSS feed (requires member name and password) based on a PHP script. With some help from the forums, we got it to work with PHP 5.6.16 and PHP-FPM over Apache.
When I switch to PHP 7.0.1, however, same setting otherwise, authentication fails. Anyone knowledgeable in PHP 7 differences who might look over our script and explain what needs to be changed? (We're back to PHP 5.6.16 until this is sorted out.)
An HTTP directive is used as follows:
SetEnvIfNoCase Authorization "Basic ([a-z0-9=]+)" HTTP_AUTHORIZATION=$1
Here’s the PHP script (there are two versions, with different domains):
<?php
//this script will authenticate the user with XenAPI and show the RSS feed when logged in.
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($_SERVER['HTTP_AUTHORIZATION']));
function curlit($url) {
$cURL = curl_init();
curl_setopt($cURL, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cURL, CURLOPT_URL, $url);
curl_setopt($cURL, CURLOPT_HTTPGET, true);
curl_setopt($cURL, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Accept: application/json'
));
$result = curl_exec($cURL);
curl_close($cURL);
$json = json_decode($result, true);
return $json;
}
if (!isset($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_USER'])) {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print 'Not authorized';
exit;
} else {
$username = urlencode($_SERVER['PHP_AUTH_USER']);
$password = $_SERVER['PHP_AUTH_PW'];
// print 'Authorized';
$url = 'http://www.technightowl.com/forum/a...&username='.$username.'&password='.$password;
$curlResults = curlit($url);
if (isset($curlResults['hash'])) {
//see if this user belongs to the tech night owl plus group
$url = 'http://www.technightowl.com/forum/api.php?action=getUser&hash='.$username.':'.$curlResults['hash'];
$curlResults = curlit($url);
$primaryGroupID = $curlResults['user_group_id'];
$groupID = $curlResults['secondary_group_ids'];
$allowed = false;
$exploded = explode(',',$groupID);
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
$exploded = explode(',',$primaryGroupID);
if (!$allowed) {
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
}
if ($allowed) {
//user has logged in and is allowed access to the content
//display feed
header('Content-Type: application/xml; charset=utf-8');
$doc = new DOMDocument();
$doc->load('288h7su1ksh9.xml');
echo $doc->saveXML();
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "You must be a member of The Paracast+ to access this feed.\n";
exit;
}
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "Username or password is incorrect.\n";
exit;
}
}
?>
Peace,
Gene