function shield_boot in Shield 7
Same name and namespace in other branches
- 6 shield.module \shield_boot()
Implements hook_boot().
File
- ./
shield.module, line 158 - Functions for shield module
Code
function shield_boot() {
// Bail if the page isn't protected by Shield.
if (!shield_get_status()) {
return;
}
// Announce authentication to other modules like HTTPRL and AdvAgg.
$_SERVER['AUTH_TYPE'] = 'Basic';
// Look for HTTP authentication variables as URL parameters.
if (isset($_GET['Authorization']) && preg_match('/Basic\\s+(.*)$/i', $_GET['Authorization'], $matches)) {
list($name, $password) = explode(':', base64_decode($matches[1]));
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
}
// Attempt to authenticate user.
$user = variable_get('shield_user', '');
$pass = variable_get('shield_pass', '');
// If we have mod_php.
if (!empty($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && $_SERVER['PHP_AUTH_USER'] === $user && $_SERVER['PHP_AUTH_PW'] === $pass) {
return;
}
elseif (substr(php_sapi_name(), 0, 3) == 'cgi' || substr(php_sapi_name(), 0, 3) == 'fpm') {
// We have (some sort of) CGI.
if (isset($_SERVER['REDIRECT_REMOTE_USER'])) {
$auth_var = 'REDIRECT_REMOTE_USER';
}
else {
$auth_var = 'REMOTE_USER';
}
if (!empty($_SERVER[$auth_var])) {
list($redir_user, $redir_pw) = explode(':', base64_decode(substr($_SERVER[$auth_var], 6)));
if ($redir_user == $user && $redir_pw == $pass) {
return;
}
}
}
$print = variable_get('shield_print', '');
$headers = array(
'WWW-Authenticate' => sprintf('Basic realm="%s"', strtr($print, array(
'[user]' => $user,
'[pass]' => $pass,
))),
'status' => '401 Unauthorized',
);
drupal_send_headers($headers, TRUE);
exit;
}