diff options
| author | Andreas Fischer <bantu@owncloud.com> | 2014-07-19 02:16:28 +0200 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2014-07-22 15:39:33 +0200 |
| commit | 9be9e777c2775118f19699ea3282294525930468 (patch) | |
| tree | 8f8be539d0edbf9267dd65f10cf1ef3bf2cf0e16 /lib | |
| parent | 0e732982ae73ce37a824b10879ea9d2aae1dd73f (diff) | |
| download | nextcloud-server-9be9e777c2775118f19699ea3282294525930468.tar.gz nextcloud-server-9be9e777c2775118f19699ea3282294525930468.zip | |
Extract Auth Header logic into new function handleAuthHeaders().
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/lib/base.php b/lib/base.php index 95e3a30cdee..24381611001 100644 --- a/lib/base.php +++ b/lib/base.php @@ -472,26 +472,7 @@ class OC { @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); - //copy http auth headers for apache+php-fcgid work around - if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; - } - - // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary. - $httpAuthHeaderServerVars = array( - 'HTTP_AUTHORIZATION', // apache+php-cgi work around - 'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative - ); - foreach ($httpAuthHeaderServerVars as $httpAuthHeaderServerVar) { - if (isset($_SERVER[$httpAuthHeaderServerVar]) - && preg_match('/Basic\s+(.*)$/i', $_SERVER[$httpAuthHeaderServerVar], $matches) - ) { - list($name, $password) = explode(':', base64_decode($matches[1]), 2); - $_SERVER['PHP_AUTH_USER'] = strip_tags($name); - $_SERVER['PHP_AUTH_PW'] = strip_tags($password); - break; - } - } + self::handleAuthHeaders(); self::initPaths(); if (OC_Config::getValue('instanceid', false)) { @@ -812,6 +793,27 @@ class OC { return false; } + protected static function handleAuthHeaders() { + //copy http auth headers for apache+php-fcgid work around + if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; + } + + // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary. + $vars = array( + 'HTTP_AUTHORIZATION', // apache+php-cgi work around + 'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative + ); + foreach ($vars as $var) { + if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1]), 2); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + break; + } + } + } + protected static function handleLogin() { OC_App::loadApps(array('prelogin')); $error = array(); |