3

EDIT: Problem isn't with PHP, I was using cURL wrong. Updated question to show problem I'm having with XHR.

Summary: Can't get username to PHP using XHR:

var xhr = Ti.Network.createHTTPClient();
xhr.timeout = 1000000;
xhr.open("GET","http://myapi.com/test", false, 'user', 'pass');
xhr.send();

And in my PHP script, I'm trying to access the username with this:

<?php print $_SERVER['PHP_AUTH_USER']; ?>

No matter what I try it's always empty.

Is there some PHP setting that I need to configure?

More info: PHP Version 5.2.13, Apache, MAMP

Improve this question
4
  • Did you try sending the WWW-Authenticate header? See the example at php.net/manual/en/features.http-auth.php Commented Feb 18, 2011 at 2:27
  • Have you checked to see if $_SERVER['HTTP_AUTHORIZATION'] is being set? Commented Feb 18, 2011 at 2:34
  • You also have tried a normal request, to verify that your XHR is working at all, right? I don't see you calling xhr.send() Commented Feb 18, 2011 at 2:49
  • Closing out this question for a better version here: stackoverflow.com/questions/5037405/… Commented Feb 18, 2011 at 3:50

1 Answer 1

Reset to default
2 
<script src="http://www.webtoolkit.info/djs/webtoolkit.base64.js"></script>
<script>
var xhr = Ti.Network.createHTTPClient();
xhr.timeout = 1000000;
xhr.onreadystatechange = function() {
    if (xhr.readyState != 4) return;
    alert('Server said: '+xhr.responseText);
};
xhr.open('GET', 'http://myapi.com/test', false);
xhr.setRequestHeader('Authorization', 'Basic ' + Base64.encode('user:pass') );
xhr.send('');
</script>

(For the sake of courtesy, you should download webtoolkit.base64.js and serve it from your own server.)

Keep in mind that you can't do cross-domain requests with XHR; your JavaScript and PHP have to be served from the same domain.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

$_SERVER['PHP_AUTH_USER'] can be empty if you are running php as CGI. Refer besthostratings.com/articles/http-auth-php-cgi.html
@dskanth: Yeah, I also saw that in the comments in the PHP docs. But apparently that wasn't the problem in this case. Personally, I think using Basic Auth is usually a poor strategy - a security risk, and generally causes extra headaches here and there.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.