Check that username and password are present.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
author: Daniel Kesselberg <mail@danielkesselberg.de> 2020-02-23 18:53:17 +0100
committer: Daniel Kesselberg <mail@danielkesselberg.de> 2020-02-23 18:53:17 +0100
commit: 56efd687abf4551d782114175e0ff2567e16aad2 (patch)
tree: 8fb67b202320ed06a7fb2514df950a05664d9568 /lib/base.php
parent: baf386b5d8c8f96993b5c61457281f1921c11ac0 (diff)
download: nextcloud-server-56efd687abf4551d782114175e0ff2567e16aad2.tar.gz
nextcloud-server-56efd687abf4551d782114175e0ff2567e16aad2.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/base.php b/lib/base.php
index b0991307dda..1d944685654 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -1077,10 +1077,12 @@ class OC {
 		);
 		foreach ($vars as $var) {
 			if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
-				list($name, $password) = explode(':', base64_decode($matches[1]), 2);
-				$_SERVER['PHP_AUTH_USER'] = $name;
-				$_SERVER['PHP_AUTH_PW'] = $password;
-				break;
+				$credentials = explode(':', base64_decode($matches[1]), 2);
+				if (count($credentials) === 2) {
+					$_SERVER['PHP_AUTH_USER'] = $credentials[0];
+					$_SERVER['PHP_AUTH_PW'] = $credentials[1];
+					break;
+				}
 			}
 		}
 	}
author	Daniel Kesselberg <mail@danielkesselberg.de>	2020-02-23 18:53:17 +0100
committer	Daniel Kesselberg <mail@danielkesselberg.de>	2020-02-23 18:53:17 +0100
commit	56efd687abf4551d782114175e0ff2567e16aad2 (patch)
tree	8fb67b202320ed06a7fb2514df950a05664d9568 /lib/base.php
parent	baf386b5d8c8f96993b5c61457281f1921c11ac0 (diff)
download	nextcloud-server-56efd687abf4551d782114175e0ff2567e16aad2.tar.gz nextcloud-server-56efd687abf4551d782114175e0ff2567e16aad2.zip