fgetcsv() not respecting $enclosure

StackOverflow https://stackoverflow.com/questions/14530989

  •  05-03-2022
  •  | 
  •  

Question

I'm working on a script talking to an SMTP server via Sockets, and I'm trying to implement DIGEST-MD5 authentication, but I'm having trouble parsing the string that gets sent back after the AUTH command.

After a base64_decode() it looks like:

realm="smtp.domain.net",nonce="AJRUc5Jx0UQbv5SJ9FoyUnaZpqZIHDhLTU+Awn/K0Uw=",qop="auth,auth-int",charset=utf-8,algorithm=md5-sess

I wanted to use str_getcsv(), but the server is still on PHP 5.2, so I got the following code from the comments on PHP.net, and it looks just fine:

<?php
if (!function_exists('str_getcsv')) {
        function str_getcsv($input, $delimiter=',', $enclosure='"', $escape=null, $eol=null) {
                $temp=fopen("php://memory", "rw");
                fwrite($temp, $input);
                fseek($temp, 0);
                $r = array();
                while (($data = fgetcsv($temp, 4096, $delimiter, $enclosure)) !== false) {
                        $r[] = $data;
                }
                fclose($temp);
                return $r;
        }
}

But it returns the following:

array (
  0 =>
  array (
    0 => 'realm="smtp.domain.net"',
    1 => 'nonce="2PuESkmrNzGu/5b8N6eIYQoW7mSlScnYAB/PSYebkYo="',
    2 => 'qop="auth',
    3 => 'auth-int"',
    4 => 'charset=utf-8',
    5 => 'algorithm=md5-sess',
  ),
)

Note that indexes 2 and 3 should be a single qop="auth,auth-int".

On writing this I realized that maybe fgetcsv() expects that the $enclosure character contain the entire field and not just part of it, but in that case I have to idea how to properly parse this string.

Was it helpful?

Solution

In my googlings for 'PHP DIGEST-MD5' I've come across a patch for another project that deals with the same format string with the folowing line:

preg_match_all('/(\w+)=(?:"([^"]*)|([^,]*))/', $challenge, $matches);

Which gives me:

array (
  0 =>
  array (
    0 => 'realm="smtp.domain.net',
    1 => 'nonce="AJRUc5Jx0UQbv5SJ9FoyUnaZpqZIHDhLTU+Awn/K0Uw=',
    2 => 'qop="auth,auth-int',
    3 => 'charset=utf-8',
    4 => 'algorithm=md5-sess',
  ),
  1 =>
  array (
    0 => 'realm',
    1 => 'nonce',
    2 => 'qop',
    3 => 'charset',
    4 => 'algorithm',
  ),
  2 =>
  array (
    0 => 'smtp.domain.net',
    1 => 'AJRUc5Jx0UQbv5SJ9FoyUnaZpqZIHDhLTU+Awn/K0Uw=',
    2 => 'auth,auth-int',
    3 => '',
    4 => '',
  ),
  3 =>
  array (
    0 => '',
    1 => '',
    2 => '',
    3 => 'utf-8',
    4 => 'md5-sess',
  ),
)

Then I can fill out a useful array with this loop:

$authvars = array();
foreach( $auth_matches[1] as $key => $val ) {
    if( !empty($auth_matches[2][$key]) ) {
        $authvars[$val] = $auth_matches[2][$key];
    } else {
        $authvars[$val] = $auth_matches[3][$key];
    }
}

Which gives me:

array (
  'realm' => 'ns103.zabco.net',
  'nonce' => 'xITX1qgqlCDmYX6IrctN0WZRx7+Q4W7jjaXCCeUZnU8=',
  'qop' => 'auth,auth-int',
  'charset' => 'utf-8',
  'algorithm' => 'md5-sess',
)

It's not exactly pretty, but it gets the job done.

OTHER TIPS

$decodedString = 'realm="smtp.domain.net",nonce="AJRUc5Jx0UQbv5SJ9FoyUnaZpqZIHDhLTU+Awn/K0Uw=",qop="auth,auth-int",charset=utf-8,algorithm=md5-sess';

parse_str(preg_replace('/(?:(")(.*?)("))?,(?:(")(.*?)("))?/','$1$2$3&$4$5$6',$decodedString), $values);
var_dump($values);

If you want to get rid of the quotes around the resultant array values as well, use

$values = array_map(
    function ($value) {
        return trim($value,'"');
    },
    $values
);
var_dump($values);
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top