summaryrefslogtreecommitdiff
path: root/www/api
diff options
context:
space:
mode:
authorcweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>2010-09-28 22:09:58 +0000
committercweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>2010-09-28 22:09:58 +0000
commitb9256b14377251e6303d6abbe3cd7e7edc2583a4 (patch)
tree942649f3cb34cc91b926f16e5e134170bd6caec1 /www/api
parentf20135d16a0fa2bb8cd2820323052fccab8f3451 (diff)
downloadsemanticscuttle-b9256b14377251e6303d6abbe3cd7e7edc2583a4.tar.gz
semanticscuttle-b9256b14377251e6303d6abbe3cd7e7edc2583a4.tar.bz2
add header to httpauth.inc.php
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@765 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'www/api')
-rw-r--r--www/api/httpauth.inc.php31
1 files changed, 26 insertions, 5 deletions
diff --git a/www/api/httpauth.inc.php b/www/api/httpauth.inc.php
index 0e3a66d..ee5c7f2 100644
--- a/www/api/httpauth.inc.php
+++ b/www/api/httpauth.inc.php
@@ -1,10 +1,29 @@
<?php
+/**
+ * Checks if the user is logged on and sends a HTTP basic auth
+ * request to the browser if not. In that case the script ends.
+ * If username and password are available, the user service's
+ * login method is used to log the user in.
+ *
+ * SemanticScuttle - your social bookmark manager.
+ *
+ * PHP version 5.
+ *
+ * @category Bookmarking
+ * @package SemanticScuttle
+ * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net>
+ * @author Christian Weiske <cweiske@cweiske.de>
+ * @author Eric Dane <ericdane@users.sourceforge.net>
+ * @license GPL http://www.gnu.org/licenses/gpl.html
+ * @link http://sourceforge.net/projects/semanticscuttle
+ */
require_once '../www-header.php';
-// Provides HTTP Basic authentication of a user
-// and logs the user in if necessary
-
-function authenticate() {
+/**
+ * Sends HTTP auth headers to the browser
+ */
+function authenticate()
+{
header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
header('HTTP/1.0 401 Unauthorized');
@@ -26,7 +45,9 @@ if (!$userservice->isLoggedOn()) {
if (!isset($_SERVER['PHP_AUTH_USER'])) {
authenticate();
} else {
- $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+ $login = $userservice->login(
+ $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
+ );
if ($login) {
$currentUser = $userservice->getCurrentObjectUser();
} else {