Fix bug #2928905: API was broken when no user was logged in

author cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>

Sat, 16 Jan 2010 08:14:39 +0000 (08:14 +0000)

committer cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>

Sat, 16 Jan 2010 08:14:39 +0000 (08:14 +0000)
author cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>
Sat, 16 Jan 2010 08:14:39 +0000 (08:14 +0000)
committer cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>
Sat, 16 Jan 2010 08:14:39 +0000 (08:14 +0000)
diff --git a/doc/ChangeLog b/doc/ChangeLog

index 1dcb6a8cf7d149e63ab3b8c9ad80a886e8a088c1..e033cb694659322d8e9d257ba9c2dd470356b700 100644 (file)
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,6 +1,10 @@
  ChangeLog for SemantiScuttle
  ============================
  
+0.95.2 - 2010-FIXME
+-------------------
+- Fix bug #2928905: API was broken when no user was logged in
+
  0.95.1 - 2009-11-16
  -------------------
  - Fix bug: admin tags were not shown because javascript include was broken.
diff --git a/www/api/httpauth.inc.php b/www/api/httpauth.inc.php

index 23e3a5e31e0877c3a9a8c568a2d540cb2ef17f3b..1d20d310d7343bb8985efb26c8e87ec53a5ddfc3 100644 (file)
--- a/www/api/httpauth.inc.php
+++ b/www/api/httpauth.inc.php
@@ -1,8 +1,8 @@
  <?php
  require_once '../../src/SemanticScuttle/header.php';
  
-//  Provides HTTP Basic authentication of a user, and sets two variables, sId and username,
-//  with the user's info.
+// Provides HTTP Basic authentication of a user
+// and logs the user in if necessary
  
  function authenticate() {
         header('WWW-Authenticate: Basic realm="SemanticScuttle API"');
@@ -11,23 +11,25 @@ function authenticate() {
         die(T_("Use of the API calls requires authentication."));
  }
  
-if(!$userservice->isLoggedOn()) {
+if (!$userservice->isLoggedOn()) {
         /* Maybe we have caught authentication data in $_SERVER['REMOTE_USER']
          ( Inspired by http://www.yetanothercommunitysystem.com/article-321-regle-comment-utiliser-l-authentification-http-en-php-chez-ovh ) */
-       if((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
-       && preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)) {
-               list($name, $password) = explode(':', base64_decode($matches[1]));
-               $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
-               $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
+       if ((!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
+        && isset($_SERVER['REMOTE_USER'])
+        && preg_match('/Basic\s+(.*)$/i', $_SERVER['REMOTE_USER'], $matches)
+    ) {
+        list($name, $password) = explode(':', base64_decode($matches[1]));
+        $_SERVER['PHP_AUTH_USER'] = strip_tags($name);
+        $_SERVER['PHP_AUTH_PW'] = strip_tags($password);
         }
  
-       if (!isset($_SERVER['PHP_AUTH_USER'])) {
-               authenticate();
-       } else {
-               $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
-               if (!$login) {
-                       authenticate();
-               }
-       }
+    if (!isset($_SERVER['PHP_AUTH_USER'])) {
+        authenticate();
+    } else {
+        $login = $userservice->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
+        if (!$login) {
+            authenticate();
+        }
+    }
  }
  ?>
author	cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>
	Sat, 16 Jan 2010 08:14:39 +0000 (08:14 +0000)
committer	cweiske <cweiske@b3834d28-1941-0410-a4f8-b48e95affb8f>
	Sat, 16 Jan 2010 08:14:39 +0000 (08:14 +0000)
doc/ChangeLog		patch \| blob \| history
www/api/httpauth.inc.php		patch \| blob \| history