summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2012-10-10 12:25:32 +0200
committerFlorian Pritz <bluewind@xinu.at>2012-10-10 12:33:12 +0200
commit143d920cb703d47bd8606ba2497241fce7d06a27 (patch)
tree5aa554eb73ae550a130c491495466eb613ed3299
parentdb220a21c3d49e0ac0ff5eb0789bb718f177e0b8 (diff)
Accept authentication via post parameters
Passing the authentication headers is slightly complicated with fastcgi so we support both and let the users choose. Signed-off-by: Florian Pritz <bluewind@xinu.at>
-rw-r--r--application/controllers/file.php23
1 files changed, 18 insertions, 5 deletions
diff --git a/application/controllers/file.php b/application/controllers/file.php
index d53a5833b..427af33dc 100644
--- a/application/controllers/file.php
+++ b/application/controllers/file.php
@@ -43,11 +43,24 @@ class File extends CI_Controller {
$this->var->view_dir = "file";
}
- if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_USER'] && $_SERVER['PHP_AUTH_PW']) {
- if (!$this->muser->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
- // TODO: better message
- echo "login failed.\n";
- exit;
+ if (is_cli_client()) {
+ $username = $this->input->post("username");
+ $password = $this->input->post("password");
+
+ // prefer post parameters if either (username or password) is set
+ if ($username === false && $password === false) {
+ if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+ $username = $_SERVER['PHP_AUTH_USER'];
+ $password = $_SERVER['PHP_AUTH_PW'];
+ }
+ }
+
+ if ($username !== false && $password !== false) {
+ if (!$this->muser->login($username, $password)) {
+ // TODO: better message
+ echo "login failed.\n";
+ exit;
+ }
}
}