Add full PHP password check (without any need from specific webserver configuration). Heavily based on a patch from Mark Bond.
This commit is contained in:
parent
0f280f77ac
commit
3006bac2ce
15
config.php
15
config.php
|
@ -9,3 +9,18 @@
|
|||
require_once 'config_default.php';
|
||||
if (file_exists(dirname(__FILE__). '/config_local.php') && (php_sapi_name() !== 'cli'))
|
||||
require_once 'config_local.php';
|
||||
|
||||
if(!is_null($config['cops_basic_authentication']) &&
|
||||
is_array($config['cops_basic_authentication']))
|
||||
{
|
||||
if (!isset($_SERVER['PHP_AUTH_USER']) ||
|
||||
(isset($_SERVER['PHP_AUTH_USER']) &&
|
||||
($_SERVER['PHP_AUTH_USER']!=$config['cops_basic_authentication']['username'] ||
|
||||
$_SERVER['PHP_AUTH_PW'] != $config['cops_basic_authentication']['password'])))
|
||||
{
|
||||
header('WWW-Authenticate: Basic realm="COPS Authentication"');
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
echo 'Text to send if user hits Cancel button';
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -265,3 +265,11 @@
|
|||
* 0 : No
|
||||
*/
|
||||
$config ['cops_normalized_search'] = "0";
|
||||
|
||||
/*
|
||||
* Enable PHP password protection (You can use if htpasswd is not possible for you)
|
||||
* If possible prefer htpasswd !
|
||||
* array( "username" => "xxx", "password" => "secret") : Enable PHP password protection
|
||||
* NULL : Disable PHP password protection (You can still use htpasswd)
|
||||
*/
|
||||
$config['cops_basic_authentication'] = NULL;
|
||||
|
|
Loading…
Reference in a new issue