From 143d920cb703d47bd8606ba2497241fce7d06a27 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Wed, 10 Oct 2012 12:25:32 +0200 Subject: Accept authentication via post parameters Passing the authentication headers is slightly complicated with fastcgi so we support both and let the users choose. Signed-off-by: Florian Pritz --- application/controllers/file.php | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) (limited to 'application') diff --git a/application/controllers/file.php b/application/controllers/file.php index d53a5833b..427af33dc 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -43,11 +43,24 @@ class File extends CI_Controller { $this->var->view_dir = "file"; } - if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_USER'] && $_SERVER['PHP_AUTH_PW']) { - if (!$this->muser->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { - // TODO: better message - echo "login failed.\n"; - exit; + if (is_cli_client()) { + $username = $this->input->post("username"); + $password = $this->input->post("password"); + + // prefer post parameters if either (username or password) is set + if ($username === false && $password === false) { + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + $username = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + } + } + + if ($username !== false && $password !== false) { + if (!$this->muser->login($username, $password)) { + // TODO: better message + echo "login failed.\n"; + exit; + } } } -- cgit v1.2.3-24-g4f1b