summaryrefslogtreecommitdiffstats
path: root/lib/base.php
diff options
context:
space:
mode:
authorAndreas Fischer <bantu@owncloud.com>2014-07-19 02:16:28 +0200
committerAndreas Fischer <bantu@owncloud.com>2014-07-19 02:21:18 +0200
commitbfd59bddf416dd43a77c67202ae1d57ab5a95b4a (patch)
treeb0dce27c3f8e16ea1228fe8e337f2fe5429e7c0c /lib/base.php
parentfafed17c605e1c30850337ccc2f2c0e05ac65e75 (diff)
downloadnextcloud-server-bfd59bddf416dd43a77c67202ae1d57ab5a95b4a.tar.gz
nextcloud-server-bfd59bddf416dd43a77c67202ae1d57ab5a95b4a.zip
Extract Auth Header logic into new function handleAuthHeaders().
Diffstat (limited to 'lib/base.php')
-rw-r--r--lib/base.php42
1 files changed, 22 insertions, 20 deletions
diff --git a/lib/base.php b/lib/base.php
index 95e3a30cdee..24381611001 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -472,26 +472,7 @@ class OC {
@ini_set('post_max_size', '10G');
@ini_set('file_uploads', '50');
- //copy http auth headers for apache+php-fcgid work around
- if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
- $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
- }
-
- // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
- $httpAuthHeaderServerVars = array(
- 'HTTP_AUTHORIZATION', // apache+php-cgi work around
- 'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
- );
- foreach ($httpAuthHeaderServerVars as $httpAuthHeaderServerVar) {
- if (isset($_SERVER[$httpAuthHeaderServerVar])
- && preg_match('/Basic\s+(.*)$/i', $_SERVER[$httpAuthHeaderServerVar], $matches)
- ) {
- list($name, $password) = explode(':', base64_decode($matches[1]), 2);
- $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
- $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
- break;
- }
- }
+ self::handleAuthHeaders();
self::initPaths();
if (OC_Config::getValue('instanceid', false)) {
@@ -812,6 +793,27 @@ class OC {
return false;
}
+ protected static function handleAuthHeaders() {
+ //copy http auth headers for apache+php-fcgid work around
+ if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
+ $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
+ }
+
+ // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
+ $vars = array(
+ 'HTTP_AUTHORIZATION', // apache+php-cgi work around
+ 'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
+ );
+ foreach ($vars as $var) {
+ if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
+ list($name, $password) = explode(':', base64_decode($matches[1]), 2);
+ $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
+ $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
+ break;
+ }
+ }
+ }
+
protected static function handleLogin() {
OC_App::loadApps(array('prelogin'));
$error = array();