diff options
author | cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2010-09-28 22:09:58 +0000 |
---|---|---|
committer | cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f> | 2010-09-28 22:09:58 +0000 |
commit | b9256b14377251e6303d6abbe3cd7e7edc2583a4 (patch) | |
tree | 942649f3cb34cc91b926f16e5e134170bd6caec1 /www | |
parent | f20135d16a0fa2bb8cd2820323052fccab8f3451 (diff) | |
download | semanticscuttle-b9256b14377251e6303d6abbe3cd7e7edc2583a4.tar.gz semanticscuttle-b9256b14377251e6303d6abbe3cd7e7edc2583a4.tar.bz2 |
add header to httpauth.inc.php
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@765 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'www')
-rw-r--r-- | www/api/httpauth.inc.php | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/www/api/httpauth.inc.php b/www/api/httpauth.inc.php index 0e3a66d..ee5c7f2 100644 --- a/www/api/httpauth.inc.php +++ b/www/api/httpauth.inc.php @@ -1,10 +1,29 @@ <?php +/** + * Checks if the user is logged on and sends a HTTP basic auth + * request to the browser if not. In that case the script ends. + * If username and password are available, the user service's + * login method is used to log the user in. + * + * SemanticScuttle - your social bookmark manager. + * + * PHP version 5. + * + * @category Bookmarking + * @package SemanticScuttle + * @author Benjamin Huynh-Kim-Bang <mensonge@users.sourceforge.net> + * @author Christian Weiske <cweiske@cweiske.de> + * @author Eric Dane <ericdane@users.sourceforge.net> + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + */ require_once '../www-header.php'; -// Provides HTTP Basic authentication of a user -// and logs the user in if necessary - -function authenticate() { +/** + * Sends HTTP auth headers to the browser + */ +function authenticate() +{ header('WWW-Authenticate: Basic realm="SemanticScuttle API"'); header('HTTP/1.0 401 Unauthorized'); @@ -26,7 +45,9 @@ if (!$userservice->isLoggedOn()) { if (!isset($_SERVER['PHP_AUTH_USER'])) { authenticate(); } else { - $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + $login = $userservice->login( + $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] + ); if ($login) { $currentUser = $userservice->getCurrentObjectUser(); } else { |