kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fixing HTTP AUTH (was in test, now in production)

This commit is contained in:
Benjamin Sonntag 2015-06-16 14:38:00 +02:00
parent df31733d28
commit 06f77b057f
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
bureau/class/config.php
View File

@ -59,18 +59,18 @@ if (ini_get("safe_mode")) {
// For people who want to authenticate with HTTP AUTH // For people who want to authenticate with HTTP AUTH
if (isset($_GET['http_auth'])) $http_auth=strval($_GET['http_auth']); if (isset($_GET['http_auth'])) $http_auth=strval($_GET['http_auth']);
if (isset($http_auth) && $http_auth) { if (isset($http_auth)) {
if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) { if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="Test Authentication System"'); header('WWW-Authenticate: Basic realm="AlternC Authentication"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
exit(); exit();
} }
} }
if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) { if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
// Gruiiik // Gruiiik
$_REQUEST["username"]=$_SERVER['PHP_AUTH_USER']; $_REQUEST["username"]=$_SERVER['PHP_AUTH_USER'];
$_REQUEST["password"]=$_SERVER['PHP_AUTH_PW']; $_REQUEST["password"]=$_SERVER['PHP_AUTH_PW'];
} }
// proper srand (not using time(), which is what PHP does!) // proper srand (not using time(), which is what PHP does!)
list($usec, $sec) = explode(" ", microtime()); list($usec, $sec) = explode(" ", microtime());
@ -179,6 +179,11 @@ $hooks=new m_hooks();
/* Check the User identity (if required) */ /* Check the User identity (if required) */
if (!defined('NOCHECK')) { if (!defined('NOCHECK')) {
if (!$mem->checkid()) { if (!$mem->checkid()) {
if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
header('WWW-Authenticate: Basic realm="AlternC Authentication"');
header('HTTP/1.0 401 Unauthorized');
exit();
}
$error=$err->errstr(); $error=$err->errstr();
include("$root/admin/index.php"); include("$root/admin/index.php");
exit(); exit();