|
1
|
<?php
|
|
2
|
function login__from_env()
|
|
3
|
{
|
|
4
|
return $_SERVER["PHP_AUTH_USER"]
|
|
5
|
.($_SERVER["PHP_AUTH_PW"] !== "" ? ":".$_SERVER["PHP_AUTH_PW"] : "");
|
|
6
|
}
|
|
7
|
|
|
8
|
function user2path($user) # multiple @ and nested . OK: a@b.c@url -> url?b.c.a
|
|
9
|
{
|
|
10
|
# remove padding used to visually separate 1st element: _x_@url -> x@url
|
|
11
|
# supports embedded @ inside highlighted part: _x@y_@url
|
|
12
|
$user = preg_replace('/^_*(.*?)_*(?=@|$)/', '$1', $user);
|
|
13
|
# translate reverse @-paths into forward .-paths
|
|
14
|
return implode(".", array_reverse(explode("@", $user)));
|
|
15
|
}
|
|
16
|
|
|
17
|
if (!isset($_SERVER["PHP_AUTH_USER"])) # browser first omits Authorization
|
|
18
|
{
|
|
19
|
header('WWW-Authenticate: Basic realm="please leave username/password blank or as filled in"');
|
|
20
|
}
|
|
21
|
else
|
|
22
|
{
|
|
23
|
$dest = preg_replace('!\b/!', "./", $_SERVER["SCRIPT_URI"])."?";
|
|
24
|
# append trailing . to host to prevent infinite redirect loop
|
|
25
|
if ($_SERVER["PHP_AUTH_USER"] !== "") # prepend to query string
|
|
26
|
$dest .= "."/*force dotpath*/.user2path(login__from_env());
|
|
27
|
$dest .= $_SERVER["QUERY_STRING"];
|
|
28
|
|
|
29
|
header("Location: ".$dest);
|
|
30
|
}
|
|
31
|
?>
|
