httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christophe JAILLET <christophe.jail...@wanadoo.fr>
Subject [users@httpd] Re: Empty username causes internal server error
Date Sun, 28 Sep 2014 07:14:53 GMT
Hi,

Could you try with ' around the %s?
     SELECT password FROM member WHERE CONVERT(VARCHAR(10), 
member_Index) = '%s'
This way, if the username is empty, the request will still be valid.

CJ

Le 27/09/2014 22:23, Radek Pospíšil a écrit :
> Hello,
>
> I am using user authentication with the following components:
>
> Apache/2.4.10 (Win32) + mod_auth_basic + mod_authn_dbd + mod_dbd + ODBC Driver + Microsoft
SQL Server 2008(SP3).
>
> It works fine except when I do not provide any username when browser asks for username
and password. In this case I receive the "Internal Server Error" as the response instead of
"Unauthorized" response.
>
> The most interesting part of the error.log is:
>
> [Sat Sep 27 21:23:17.639860 2014] [authn_dbd:error] [pid 1208:tid 1636] [client 127.0.0.1:1363]
AH01656: Query execution error looking up '' in database [[dbd_odbc] SQLBindParameter returned
SQL_ERROR (-1) at apr_dbd_odbc.c:604 [Microsoft][ODBC SQL Server Driver]Invalid precision
value HY104 ]
>
> The AuthDBDUserPWQuery directive in my httpd.conf is:
>
> AuthDBDUserPWQuery "SELECT password FROM member WHERE CONVERT(VARCHAR(10), member_Index)
= %s"
>
> And the member_Index column in the database is smallint.
>
> Is it a bug or am I missing something? Any ideas are welcome.
>
> Thanx,
>
> Radek
> 		 	   		


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message