Personal/cops
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add full PHP password check (without any need from specific webserver configuration). Heavily based on a patch from Mark Bond.

Browse source
This commit is contained in:
Sébastien Lucas 2014-11-11 21:15:55 +01:00
parent 0f280f77ac
commit 3006bac2ce
2 changed files with 23 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

15
config.php
View file

@ -9,3 +9,18 @@
require_once 'config_default.php';
if (file_exists(dirname(__FILE__). '/config_local.php') && (php_sapi_name() !== 'cli'))
require_once 'config_local.php';
if(!is_null($config['cops_basic_authentication']) &&
is_array($config['cops_basic_authentication']))
{
if (!isset($_SERVER['PHP_AUTH_USER']) ||
(isset($_SERVER['PHP_AUTH_USER']) &&
($_SERVER['PHP_AUTH_USER']!=$config['cops_basic_authentication']['username'] ||
$_SERVER['PHP_AUTH_PW'] != $config['cops_basic_authentication']['password'])))
{
header('WWW-Authenticate: Basic realm="COPS Authentication"');
header('HTTP/1.0 401 Unauthorized');
echo 'Text to send if user hits Cancel button';
exit;
}
}

8
config_default.php
View file

@ -265,3 +265,11 @@
* 0 : No
*/
$config ['cops_normalized_search'] = "0";
/*
* Enable PHP password protection (You can use if htpasswd is not possible for you)
* If possible prefer htpasswd !
* array( "username" => "xxx", "password" => "secret") : Enable PHP password protection
* NULL : Disable PHP password protection (You can still use htpasswd)
*/
$config['cops_basic_authentication'] = NULL;