Gene Steinberg
Well-known member
We are using PHP-FPM over Apache on all our domains on a Plesk 12.5 dedicated server,
All but two are using PHP 7.0.1 from the Pesk distribution without any problems.
Two, however, with XenForo forums, use a customized PHP script to access a private upgraded member area that is powered by Resource Manager. It connects to an RSS feed so members are alerted as to new posts (radio shows).
It works fine with PHP 5.6.16. But not with PHP 7.0.1. I cannot find anything anywhere that would guide me to figuring out what’s going on.
Are you able to at least point me in the right direction. I tried a Plesk tech I know and he couldn’t figure it out.
An HTTP directive is used as follows:
SetEnvIfNoCase Authorization "Basic ([a-z0-9=]+)" HTTP_AUTHORIZATION=$1
Here’s the PHP script (there are two versions, with different domains):
<?php
//this script will authenticate the user with XenAPI and show the RSS feed when logged in.
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($_SERVER['HTTP_AUTHORIZATION']));
function curlit($url) {
$cURL = curl_init();
curl_setopt($cURL, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cURL, CURLOPT_URL, $url);
curl_setopt($cURL, CURLOPT_HTTPGET, true);
curl_setopt($cURL, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Accept: application/json'
));
$result = curl_exec($cURL);
curl_close($cURL);
$json = json_decode($result, true);
return $json;
}
if (!isset($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_USER'])) {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print 'Not authorized';
exit;
} else {
$username = urlencode($_SERVER['PHP_AUTH_USER']);
$password = $_SERVER['PHP_AUTH_PW'];
// print 'Authorized';
$url = 'http://www.technightowl.com/forum/a...&username='.$username.'&password='.$password;
$curlResults = curlit($url);
if (isset($curlResults['hash'])) {
//see if this user belongs to the tech night owl plus group
$url = 'http://www.technightowl.com/forum/api.php?action=getUser&hash='.$username.':'.$curlResults['hash'];
$curlResults = curlit($url);
$primaryGroupID = $curlResults['user_group_id'];
$groupID = $curlResults['secondary_group_ids'];
$allowed = false;
$exploded = explode(',',$groupID);
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
$exploded = explode(',',$primaryGroupID);
if (!$allowed) {
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
}
if ($allowed) {
//user has logged in and is allowed access to the content
//display feed
header('Content-Type: application/xml; charset=utf-8');
$doc = new DOMDocument();
$doc->load('288h7su1ksh9.xml');
echo $doc->saveXML();
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "You must be a member of The Paracast+ to access this feed.\n";
exit;
}
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "Username or password is incorrect.\n";
exit;
}
}
?>
All but two are using PHP 7.0.1 from the Pesk distribution without any problems.
Two, however, with XenForo forums, use a customized PHP script to access a private upgraded member area that is powered by Resource Manager. It connects to an RSS feed so members are alerted as to new posts (radio shows).
It works fine with PHP 5.6.16. But not with PHP 7.0.1. I cannot find anything anywhere that would guide me to figuring out what’s going on.
Are you able to at least point me in the right direction. I tried a Plesk tech I know and he couldn’t figure it out.
An HTTP directive is used as follows:
SetEnvIfNoCase Authorization "Basic ([a-z0-9=]+)" HTTP_AUTHORIZATION=$1
Here’s the PHP script (there are two versions, with different domains):
<?php
//this script will authenticate the user with XenAPI and show the RSS feed when logged in.
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($_SERVER['HTTP_AUTHORIZATION']));
function curlit($url) {
$cURL = curl_init();
curl_setopt($cURL, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($cURL, CURLOPT_URL, $url);
curl_setopt($cURL, CURLOPT_HTTPGET, true);
curl_setopt($cURL, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Accept: application/json'
));
$result = curl_exec($cURL);
curl_close($cURL);
$json = json_decode($result, true);
return $json;
}
if (!isset($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_USER'])) {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print 'Not authorized';
exit;
} else {
$username = urlencode($_SERVER['PHP_AUTH_USER']);
$password = $_SERVER['PHP_AUTH_PW'];
// print 'Authorized';
$url = 'http://www.technightowl.com/forum/a...&username='.$username.'&password='.$password;
$curlResults = curlit($url);
if (isset($curlResults['hash'])) {
//see if this user belongs to the tech night owl plus group
$url = 'http://www.technightowl.com/forum/api.php?action=getUser&hash='.$username.':'.$curlResults['hash'];
$curlResults = curlit($url);
$primaryGroupID = $curlResults['user_group_id'];
$groupID = $curlResults['secondary_group_ids'];
$allowed = false;
$exploded = explode(',',$groupID);
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
$exploded = explode(',',$primaryGroupID);
if (!$allowed) {
foreach ($exploded as $group) {
if (($group == '3') || ($group == '4') || ($group == '5') || ($group == '8') || ($group == '9') || ($group == '10')) {
$allowed = true;
}
}
}
if ($allowed) {
//user has logged in and is allowed access to the content
//display feed
header('Content-Type: application/xml; charset=utf-8');
$doc = new DOMDocument();
$doc->load('288h7su1ksh9.xml');
echo $doc->saveXML();
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "You must be a member of The Paracast+ to access this feed.\n";
exit;
}
} else {
header("WWW-Authenticate: Basic realm=\"Private Area\"");
header("HTTP/1.0 401 Unauthorized");
print "Username or password is incorrect.\n";
exit;
}
}
?>