Check that username and password are present.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>

diff --git a/lib/base.php b/lib/base.php
index b0991307dda9bfbaa1999feb690e33d04e798462..1d9446856542e9e0779b2265bba16a04eea607ed 100644 (file)
--- a/lib/base.php
+++ b/lib/base.php
@@ -1077,10 +1077,12 @@ class OC {
                );
                foreach ($vars as $var) {
                        if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
-                               list($name, $password) = explode(':', base64_decode($matches[1]), 2);
-                               $_SERVER['PHP_AUTH_USER'] = $name;
-                               $_SERVER['PHP_AUTH_PW'] = $password;
-                               break;
+                               $credentials = explode(':', base64_decode($matches[1]), 2);
+                               if (count($credentials) === 2) {
+                                       $_SERVER['PHP_AUTH_USER'] = $credentials[0];
+                                       $_SERVER['PHP_AUTH_PW'] = $credentials[1];
+                                       break;
+                               }
                        }
                }
        }