wpseek.com
Bazujące na WordPress narzędzie wyszukiwania dla deweloperów i twórców motywów.

wp_populate_basic_auth_from_authorization_header › WordPress Function

Od5.6.0

Przestarzałyn/a

› wp_populate_basic_auth_from_authorization_header ( Brak parametrów )

Zdefiniowane na:	wp-includes/load.php , linia 106
Codex:	developer.wordpress.org / wp_populate_basic_auth_from_authorization_header

Populates the Basic Auth server details from the Authorization header.

Some servers running in CGI or FastCGI mode don't pass the Authorization header on to WordPress. If it's been rewritten to the HTTP_AUTHORIZATION header, fill in the proper $_SERVER variables instead.

Powiązane Funkcje: wp_shortlink_header, wp_strict_cross_origin_referrer

Źródło

function wp_populate_basic_auth_from_authorization_header() {
	// If we don't have anything to pull from, return early.
	if ( ! isset( $_SERVER['HTTP_AUTHORIZATION'] ) && ! isset( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) ) {
		return;
	}

	// If either PHP_AUTH key is already set, do nothing.
	if ( isset( $_SERVER['PHP_AUTH_USER'] ) || isset( $_SERVER['PHP_AUTH_PW'] ) ) {
		return;
	}

	// From our prior conditional, one of these must be set.
	$header = isset( $_SERVER['HTTP_AUTHORIZATION'] ) ? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['REDIRECT_HTTP_AUTHORIZATION'];

	// Test to make sure the pattern matches expected.
	if ( ! preg_match( '%^Basic [a-z\d/+]*={0,2}$%i', $header ) ) {
		return;
	}

	// Removing `Basic ` the token would start six characters in.
	$token    = substr( $header, 6 );
	$userpass = base64_decode( $token );

	// There must be at least one colon in the string.
	if ( ! str_contains( $userpass, ':' ) ) {
		return;
	}

	list( $user, $pass ) = explode( ':', $userpass, 2 );

	// Now shove them in the proper keys where we're expecting later on.
	$_SERVER['PHP_AUTH_USER'] = $user;
	$_SERVER['PHP_AUTH_PW']   = $pass;
}