aboutsummaryrefslogtreecommitdiff
path: root/api/httpauth.inc.php
diff options
context:
space:
mode:
authormensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-04-03 13:28:48 +0000
committermensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-04-03 13:28:48 +0000
commit0564d64de2ea6838e7a874da5e99fa5358a0f75f (patch)
treeae678c3e6bda751168d5c896b5f472f5db983bc6 /api/httpauth.inc.php
parent96728fd633b0462b9a7605aae33eba2d1ad827b6 (diff)
downloadsemanticscuttle-0564d64de2ea6838e7a874da5e99fa5358a0f75f.tar.gz
semanticscuttle-0564d64de2ea6838e7a874da5e99fa5358a0f75f.tar.bz2
Interface design: add export option through API into the profile page
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@94 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'api/httpauth.inc.php')
-rw-r--r--api/httpauth.inc.php41
1 files changed, 22 insertions, 19 deletions
diff --git a/api/httpauth.inc.php b/api/httpauth.inc.php
index 3e5d464..f693d35 100644
--- a/api/httpauth.inc.php
+++ b/api/httpauth.inc.php
@@ -1,4 +1,7 @@
<?php
+require_once('../header.inc.php');
+$userservice =& ServiceFactory::getServiceInstance('UserService');
+
// Provides HTTP Basic authentication of a user, and sets two variables, sId and username,
// with the user's info.
@@ -6,30 +9,30 @@ function authenticate() {
header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
header('HTTP/1.0 401 Unauthorized');
- die("Use of the API calls requires authentication.");
-}
-
-
-/* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
-( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
-if((!$_SERVER['PHP_AUTH_USER'] || !$_SERVER['PHP_AUTH_USER'])
-&& preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
-list($name, $password) = explode(':', base64_decode($matches[1]));
-$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
-$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
+ die(T_("Use of the API calls requires authentication."));
}
+if(!$userservice->isLoggedOn()) {
+ /* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
+ ( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
+ if((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
+ && preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
+ list($name, $password) = explode(':', base64_decode($matches[1]));
+ $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
+ $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
+ }
-if (!isset($_SERVER['PHP_AUTH_USER'])) {
- authenticate();
-} else {
- require_once('../header.inc.php');
- $userservice =& ServiceFactory::getServiceInstance('UserService');
+ if (!isset($_SERVER['PHP_AUTH_USER'])) {
+ authenticate();
+ } else {
+ require_once('../header.inc.php');
+ $userservice =& ServiceFactory::getServiceInstance('UserService');
- $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
- if (!$login) {
- authenticate();
+ $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+ if (!$login) {
+ authenticate();
+ }
}
}
?>