From bfd59bddf416dd43a77c67202ae1d57ab5a95b4a Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sat, 19 Jul 2014 02:16:28 +0200 Subject: Extract Auth Header logic into new function handleAuthHeaders(). --- lib/base.php | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) (limited to 'lib/base.php') diff --git a/lib/base.php b/lib/base.php index 95e3a30cdee..24381611001 100644 --- a/lib/base.php +++ b/lib/base.php @@ -472,26 +472,7 @@ class OC { @ini_set('post_max_size', '10G'); @ini_set('file_uploads', '50'); - //copy http auth headers for apache+php-fcgid work around - if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; - } - - // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary. - $httpAuthHeaderServerVars = array( - 'HTTP_AUTHORIZATION', // apache+php-cgi work around - 'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative - ); - foreach ($httpAuthHeaderServerVars as $httpAuthHeaderServerVar) { - if (isset($_SERVER[$httpAuthHeaderServerVar]) - && preg_match('/Basic\s+(.*)$/i', $_SERVER[$httpAuthHeaderServerVar], $matches) - ) { - list($name, $password) = explode(':', base64_decode($matches[1]), 2); - $_SERVER['PHP_AUTH_USER'] = strip_tags($name); - $_SERVER['PHP_AUTH_PW'] = strip_tags($password); - break; - } - } + self::handleAuthHeaders(); self::initPaths(); if (OC_Config::getValue('instanceid', false)) { @@ -812,6 +793,27 @@ class OC { return false; } + protected static function handleAuthHeaders() { + //copy http auth headers for apache+php-fcgid work around + if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION']; + } + + // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary. + $vars = array( + 'HTTP_AUTHORIZATION', // apache+php-cgi work around + 'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative + ); + foreach ($vars as $var) { + if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) { + list($name, $password) = explode(':', base64_decode($matches[1]), 2); + $_SERVER['PHP_AUTH_USER'] = strip_tags($name); + $_SERVER['PHP_AUTH_PW'] = strip_tags($password); + break; + } + } + } + protected static function handleLogin() { OC_App::loadApps(array('prelogin')); $error = array(); -- cgit v1.2.3