/**
* prepare/override the password provided from logon form (if necessary)
* @todo when we rewrite authentication api for plugins, this should be merged with prepare_username and return some object
* @param string $p_password
* @return string prepared password
* @access public
*/
function auth_prepare_password($p_password)
{
switch (config_get('login_method')) {
case BASIC_AUTH:
$f_password = $_SERVER['PHP_AUTH_PW'];
break;
case HTTP_AUTH:
if (!auth_http_is_logout_pending()) {
/* this will never get hit - see auth_prepare_username */
if (isset($_SERVER['PHP_AUTH_PW'])) {
$f_password = $_SERVER['PHP_AUTH_PW'];
}
} else {
auth_http_set_logout_pending(false);
auth_http_prompt();
/* calls exit */
return;
}
break;
default:
$f_password = $p_password;
break;
}
return $f_password;
}
# --------------------------------------------------------
# $Id: login.php,v 1.36 2005/08/07 16:01:37 ryandesign Exp $
# --------------------------------------------------------
# Check login then redirect to main_page.php or to login_page.php
require_once 'core.php';
$f_username = gpc_get_string('username', '');
$f_password = gpc_get_string('password', '');
$f_perm_login = gpc_get_bool('perm_login');
$f_return = gpc_get_string('return', config_get('default_home_page'));
$f_from = gpc_get_string('from', '');
if (BASIC_AUTH == config_get('login_method')) {
$f_username = $_SERVER['REMOTE_USER'];
$f_password = $_SERVER['PHP_AUTH_PW'];
}
if (HTTP_AUTH == config_get('login_method')) {
if (!auth_http_is_logout_pending()) {
if (isset($_SERVER['PHP_AUTH_USER'])) {
$f_username = $_SERVER['PHP_AUTH_USER'];
}
if (isset($_SERVER['PHP_AUTH_PW'])) {
$f_password = $_SERVER['PHP_AUTH_PW'];
}
} else {
auth_http_set_logout_pending(false);
auth_http_prompt();
break;
}
}
if (auth_attempt_login($f_username, $f_password, $f_perm_login)) {
$t_redirect_url = 'login_cookie_test.php?return=' . urlencode($f_return);
} else {
