mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2024-11-15 03:18:26 +00:00
refactoring to avoid tampering with $_SERVER
This commit is contained in:
parent
ff210b04d7
commit
ca6ca9376e
1 changed files with 6 additions and 6 deletions
|
@ -82,17 +82,17 @@ class BasicAuthenticate extends BaseAuthenticate {
|
|||
* @return mixed Either false or an array of user information
|
||||
*/
|
||||
public function getUser(CakeRequest $request) {
|
||||
$username = '';
|
||||
$pass = '';
|
||||
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
$httpAuthorization = $request->header('Authorization');
|
||||
if ($httpAuthorization !== false && strlen($httpAuthorization) > 0 && strpos($httpAuthorization, 'basic') !== false) {
|
||||
list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($httpAuthorization, 6)));
|
||||
if (strlen($_SERVER['PHP_AUTH_USER']) === 0 || strlen($_SERVER['PHP_AUTH_PW']) === 0) {
|
||||
unset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
|
||||
}
|
||||
}
|
||||
}
|
||||
$username = env('PHP_AUTH_USER');
|
||||
$pass = env('PHP_AUTH_PW');
|
||||
} else {
|
||||
$httpAuthorization = $request->header('Authorization');
|
||||
if ($httpAuthorization !== false && strlen($httpAuthorization) > 0 && strpos($httpAuthorization, 'basic') !== false) {
|
||||
list($username, $pass) = explode(':', base64_decode(substr($httpAuthorization, 6)));
|
||||
}
|
||||
}
|
||||
|
||||
if (!is_string($username) || $username === '' || !is_string($pass) || $pass === '') {
|
||||
return false;
|
||||
|
|
Loading…
Reference in a new issue