From 089a0ae087bf70ac0c2582bb23211eca86da0d93 Mon Sep 17 00:00:00 2001
From: Nicola Beghin <nicolabeghin@gmail.com>
Date: Wed, 15 Mar 2017 15:06:39 +0100
Subject: [PATCH] using $request->header in place of
 $_SERVER['HTTP_AUTHORIZATION']

---
 lib/Cake/Controller/Component/Auth/BasicAuthenticate.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/Cake/Controller/Component/Auth/BasicAuthenticate.php b/lib/Cake/Controller/Component/Auth/BasicAuthenticate.php
index 563fa3071..9e6ce8a18 100644
--- a/lib/Cake/Controller/Component/Auth/BasicAuthenticate.php
+++ b/lib/Cake/Controller/Component/Auth/BasicAuthenticate.php
@@ -83,8 +83,8 @@ class BasicAuthenticate extends BaseAuthenticate {
  */
 	public function getUser(CakeRequest $request) {
 		if(!isset($_SERVER['PHP_AUTH_USER'])) {
-		    if (isset($_SERVER['HTTP_AUTHORIZATION']) && strlen($_SERVER['HTTP_AUTHORIZATION']) > 0 && strpos($_SERVER['HTTP_AUTHORIZATION'], 'basic') !== false) {
-		        list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+			if ($request->header('Authorization') !== false && strlen($request->header('Authorization')) > 0 && strpos($request->header('Authorization'), 'basic') !== false) {
+		        list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($request->header('Authorization'), 6)));
 		        if(strlen($_SERVER['PHP_AUTH_USER']) === 0 || strlen($_SERVER['PHP_AUTH_PW']) === 0) {
 		            unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
 		        }