Merge pull request #141 from rasky/http_without_pwd

Aleksander Machniak

2013-11-08 a96a22cc3e671181bee753c174ab134541ad3844

Merge pull request #141 from rasky/http_without_pwd

Allow HTTP authentication without password.

 plugins/http_authentication/http_authentication.php

@@ -29,7 +29,7 @@

    function startup($args)
    {
        if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
        if (!empty($_SERVER['PHP_AUTH_USER'])) {
            $rcmail = rcmail::get_instance();
            $rcmail->add_shutdown_function(array('http_authentication', 'shutdown'));

@@ -38,7 +38,8 @@
                $args['action'] = 'login';
            }
            // Set user password in session (see shutdown() method for more info)
            else if (!empty($_SESSION['user_id']) && empty($_SESSION['password'])) {
            else if (!empty($_SESSION['user_id']) && empty($_SESSION['password'])
                     && !empty($_SERVER['PHP_AUTH_PW'])) {
                $_SESSION['password'] = $rcmail->encrypt($_SERVER['PHP_AUTH_PW']);
            }
        }
@@ -61,8 +62,9 @@
            return $args;
        }

        if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
        if (!empty($_SERVER['PHP_AUTH_USER'])) {
            $args['user'] = $_SERVER['PHP_AUTH_USER'];
            if (!empty($_SERVER['PHP_AUTH_PW']))
            $args['pass'] = $_SERVER['PHP_AUTH_PW'];
        }