From bc7387355f7de205906e616aa712e809bf2deb38 Mon Sep 17 00:00:00 2001
From: Megan Watson <megan@knowledgetree.com>
Date: Wed, 4 Nov 2009 12:25:17 +0200
Subject: [PATCH] Added workaround for mod_auth with php in cgi mode PT: 1627005

---
 .htaccess                                           | 5 +++++
 ktwebdav/lib/KTWebDAVServer.inc.php                 | 5 +++++
 rss.php                                             | 5 ++++-
 webservice/classes/atompub/KT_atom_HTTPauth.inc.php | 6 ++++++
 4 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/.htaccess b/.htaccess
index c5fbb1d..f7c094c 100644
--- a/.htaccess
+++ b/.htaccess
@@ -95,6 +95,11 @@ php_value max_execution_time 0
 php_value error_reporting 5
 </IfModule>
 
+# Workaround for mod_auth when running php cgi
+<IfModule mod_rewrite.c>
+RewriteEngine on
+RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+</IfModule>
 
 #<IfModule mod_rewrite.c>
 #RewriteEngine On
diff --git a/ktwebdav/lib/KTWebDAVServer.inc.php b/ktwebdav/lib/KTWebDAVServer.inc.php
index 631849b..a11450b 100644
--- a/ktwebdav/lib/KTWebDAVServer.inc.php
+++ b/ktwebdav/lib/KTWebDAVServer.inc.php
@@ -372,6 +372,11 @@ class KTWebDAVServer extends HTTP_WebDAV_Server
     {
         $this->ktwebdavLog('Entering _check_auth...', 'info', true);
 
+        // Workaround for mod_auth when running php cgi
+        if(!isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['HTTP_AUTHORIZATION'])){
+            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+        }
+
         if (method_exists($this, 'checkAuth')) {
             // PEAR style method name
             return $this->checkAuth(@$_SERVER['AUTH_TYPE'],
diff --git a/rss.php b/rss.php
index 42465d9..bd46dde 100644
--- a/rss.php
+++ b/rss.php
@@ -5,7 +5,7 @@
  * KnowledgeTree Community Edition
  * Document Management Made Simple
  * Copyright (C) 2008, 2009 KnowledgeTree Inc.
- *  
+ *
  *
  * This program is free software; you can redistribute it and/or modify it under
  * the terms of the GNU General Public License version 3 as published by the
@@ -40,6 +40,9 @@ require_once(KT_LIB_DIR .'/authentication/DBAuthenticator.inc');
 require_once(KT_LIB_DIR .'/authentication/authenticationutil.inc.php');
 require_once(KT_DIR. '/plugins/rssplugin/KTrss.inc.php');
 
+// Workaround for mod_auth when running php cgi
+list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+
 // workaround to get http authentication working in cgi mode
 $altinfo = KTUtil::arrayGet( $_SERVER, 'kt_auth', KTUtil::arrayGet( $_SERVER, 'REDIRECT_kt_auth'));
 if ( !empty( $altinfo) && !isset( $_SERVER['PHP_AUTH_USER'])) {
diff --git a/webservice/classes/atompub/KT_atom_HTTPauth.inc.php b/webservice/classes/atompub/KT_atom_HTTPauth.inc.php
index a97e3fb..b99b793 100644
--- a/webservice/classes/atompub/KT_atom_HTTPauth.inc.php
+++ b/webservice/classes/atompub/KT_atom_HTTPauth.inc.php
@@ -1,6 +1,12 @@
 <?php
 class KT_atom_HTTPauth{
 	public static function getCredentials(){
+
+	    // Workaround for mod_auth when running php cgi
+	    if(!isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['HTTP_AUTHORIZATION'])){
+            list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
+	    }
+
 		$credentials=array('user'=>'','pass'=>'','method'=>'');
 		if(isset($_SERVER['PHP_AUTH_USER'])){
 			$credentials['user']=$_SERVER['PHP_AUTH_USER'];
--
libgit2 0.21.4