diff options
| author | Michael Hamann <michael@content-space.de> | 2010-12-27 22:53:18 +0100 |
|---|---|---|
| committer | Michael Hamann <michael@content-space.de> | 2011-01-15 12:29:02 +0100 |
| commit | b2665af72cdba76ca409b7e00e150746f2f83ced (patch) | |
| tree | 80ca5835bc7051695869369626ae25ef1db42766 /inc/auth.php | |
| parent | 0c94c420c9dc14fc16700de5cca04959ca38e2c1 (diff) | |
| download | rpg-b2665af72cdba76ca409b7e00e150746f2f83ced.tar.gz rpg-b2665af72cdba76ca409b7e00e150746f2f83ced.tar.bz2 | |
Handle renamed authorization variables
Sometimes (when using rewriting with the workaround for CGI mode
described at
http://www.besthostratings.com/articles/http-auth-php-cgi.html) the
HTTP_AUTHORIZATION variable is renamed, this change detects this
renaming and uses the renamed variable.
Diffstat (limited to 'inc/auth.php')
| -rw-r--r-- | inc/auth.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/inc/auth.php b/inc/auth.php index 5cdcec830..38d1c925d 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -70,6 +70,12 @@ function auth_setup(){ $_REQUEST['http_credentials'] = false; if (!$conf['rememberme']) $_REQUEST['r'] = false; + // handle renamed HTTP_AUTHORIZATION variable (can happen when a fix like + // the one presented at + // http://www.besthostratings.com/articles/http-auth-php-cgi.html is used + // for enabling HTTP authentication with CGI/SuExec) + if(isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['REDIRECT_HTTP_AUTHORIZATION']; // streamline HTTP auth credentials (IIS/rewrite -> mod_php) if(isset($_SERVER['HTTP_AUTHORIZATION'])){ list($_SERVER['PHP_AUTH_USER'],$_SERVER['PHP_AUTH_PW']) = |