2007-12-12 17:29:16 +01:00
|
|
|
<?php
|
2010-09-29 00:09:58 +02:00
|
|
|
/**
|
|
|
|
* Checks if the user is logged on and sends a HTTP basic auth
|
|
|
|
* request to the browser if not. In that case the script ends.
|
|
|
|
* If username and password are available, the user service's
|
|
|
|
* login method is used to log the user in.
|
|
|
|
*
|
|
|
|
* SemanticScuttle - your social bookmark manager.
|
|
|
|
*
|
|
|
|
* PHP version 5.
|
|
|
|
*
|
|
|
|
* @category Bookmarking
|
|
|
|
* @package SemanticScuttle
|
|
|
|
* @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
|
|
|
|
* @author Christian Weiske <cweiske@cweiske.de>
|
|
|
|
* @author Eric Dane <ericdane@users.sourceforge.net>
|
|
|
|
* @license GPL http://www.gnu.org/licenses/gpl.html
|
|
|
|
* @link http://sourceforge.net/projects/semanticscuttle
|
|
|
|
*/
|
2010-02-08 08:32:34 +01:00
|
|
|
require_once '../www-header.php';
|
2008-04-03 15:28:48 +02:00
|
|
|
|
2010-09-29 00:09:58 +02:00
|
|
|
/**
|
|
|
|
* Sends HTTP auth headers to the browser
|
|
|
|
*/
|
|
|
|
function authenticate()
|
|
|
|
{
|
2008-12-05 08:25:04 +01:00
|
|
|
header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
|
|
|
|
header('HTTP/1.0 401 Unauthorized');
|
|
|
|
|
|
|
|
die(T_("Use of the API calls requires authentication."));
|
2008-04-03 08:57:38 +02:00
|
|
|
}
|
|
|
|
|
2010-01-16 09:14:39 +01:00
|
|
|
if (!$userservice->isLoggedOn()) {
|
2008-12-05 08:25:04 +01:00
|
|
|
/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
|
|
|
|
( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
|
2010-01-16 09:14:39 +01:00
|
|
|
if ((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
|
|
|
|
&& isset($_SERVER['REMOTE_USER'])
|
|
|
|
&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)
|
|
|
|
) {
|
|
|
|
list($name, $password) = explode(':', base64_decode($matches[1]));
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
|
|
|
|
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
|
2008-12-05 08:25:04 +01:00
|
|
|
}
|
2007-12-12 17:29:16 +01:00
|
|
|
|
2010-01-16 09:14:39 +01:00
|
|
|
if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
|
|
|
authenticate();
|
|
|
|
} else {
|
2010-09-29 00:09:58 +02:00
|
|
|
$login = $userservice->login(
|
|
|
|
$_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
|
|
|
|
);
|
2010-01-16 09:16:10 +01:00
|
|
|
if ($login) {
|
|
|
|
$currentUser = $userservice->getCurrentObjectUser();
|
|
|
|
} else {
|
2010-01-16 09:14:39 +01:00
|
|
|
authenticate();
|
|
|
|
}
|
|
|
|
}
|
2007-12-12 17:29:16 +01:00
|
|
|
}
|
2008-04-02 16:57:28 +02:00
|
|
|
?>
|