|
1
|
<?php
|
|
2
|
function login__from_env()
|
|
3
|
{
|
|
4
|
return $_SERVER["PHP_AUTH_USER"]
|
|
5
|
.($_SERVER["PHP_AUTH_PW"] !== "" ? ":".$_SERVER["PHP_AUTH_PW"] : "");
|
|
6
|
}
|
|
7
|
|
|
8
|
function user2path($user) # multiple @ and nested . OK: a@b.c@url -> url?b.c.a
|
|
9
|
{
|
|
10
|
$path = $user;
|
|
11
|
|
|
12
|
# remove padding used to visually separate elements:__x__@y__@url -> x@y@url
|
|
13
|
$path = preg_replace('/\b__|__\b/', '', $path);
|
|
14
|
|
|
15
|
# remove comments: (c)x(d)@url -> x@url
|
|
16
|
# can't use : for this because Firefox will not update the "password" for
|
|
17
|
# the website with the new value after the :
|
|
18
|
$path = preg_replace('/\(.*?\)/', '', $path);
|
|
19
|
|
|
20
|
# translate reverse @-paths into forward .-paths
|
|
21
|
$path = implode(".", array_reverse(explode("@", $path)));
|
|
22
|
|
|
23
|
return $path;
|
|
24
|
}
|
|
25
|
|
|
26
|
if (!isset($_SERVER["PHP_AUTH_USER"])) # browser first omits Authorization
|
|
27
|
{
|
|
28
|
header('WWW-Authenticate: Basic realm="please leave username/password blank or as filled in"');
|
|
29
|
}
|
|
30
|
else
|
|
31
|
{
|
|
32
|
$dest = preg_replace('!\b/!', "./", $_SERVER["SCRIPT_URI"])."?";
|
|
33
|
# append trailing . to host to prevent infinite redirect loop
|
|
34
|
if ($_SERVER["PHP_AUTH_USER"] !== "") # prepend to query string
|
|
35
|
$dest .= "."/*force dotpath*/.user2path(login__from_env());
|
|
36
|
$dest .= $_SERVER["QUERY_STRING"];
|
|
37
|
|
|
38
|
header("Location: ".$dest);
|
|
39
|
}
|
|
40
|
?>
|
