diff options
author | Claude <longneck-accounts@scratchbook.ch> | 2018-09-29 17:14:20 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-09-29 17:14:20 +0200 |
commit | 5e433758d56f603ce6fc0e490d59994ae1257076 (patch) | |
tree | 7af1cf234fa3626f255cc0e7b0d9bbbf9b9c926a | |
parent | 63bf35a69113c11ab2d5bfb05eb0c860784fcfc2 (diff) | |
parent | a94f015136131af432090ab85e6a6fb2728fedc7 (diff) | |
download | stikked-fit-5e433758d56f603ce6fc0e490d59994ae1257076.tar.gz stikked-fit-5e433758d56f603ce6fc0e490d59994ae1257076.tar.bz2 stikked-fit-5e433758d56f603ce6fc0e490d59994ae1257076.zip |
Merge pull request #484 from xrobau/bugfix/spamadmin-undefined
Fix spamadmin undefined value
-rw-r--r-- | htdocs/application/controllers/Spamadmin.php | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/htdocs/application/controllers/Spamadmin.php b/htdocs/application/controllers/Spamadmin.php index 6fb8ee1..8bd9682 100644 --- a/htdocs/application/controllers/Spamadmin.php +++ b/htdocs/application/controllers/Spamadmin.php @@ -22,10 +22,25 @@ class Spamadmin extends CI_Controller $user = $this->config->item('spamadmin_user'); $pass = $this->config->item('spamadmin_pass'); - // basic auth for fastcgi - list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); + // FastCGI doesn't provide PHP_AUTH_USER and PHP_AUTH_PW, apparently? + if (empty($_SERVER['PHP_AUTH_USER']) && empty($_SERVER['PHP_AUTH_PW'])) { + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { + list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); + } + } + + // If they're not set, set them to blank. The null coalesce operator would be handy here, but + // that's PHP 7.0 and higher... + if (empty($_SERVER['PHP_AUTH_USER'])) + { + $_SERVER['PHP_AUTH_USER'] = ""; + } + if (empty($_SERVER['PHP_AUTH_PW'])) + { + $_SERVER['PHP_AUTH_PW'] = ""; + } - if ($user == '' || $pass == '' || !isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] != $user || $_SERVER['PHP_AUTH_PW'] != $pass) + if ($user === '' || $pass === '' || $_SERVER['PHP_AUTH_USER'] !== $user || $_SERVER['PHP_AUTH_PW'] !== $pass) { header('WWW-Authenticate: Basic realm="Spamadmin"'); header('HTTP/1.0 401 Unauthorized'); |