/** * prepare/override the password provided from logon form (if necessary) * @todo when we rewrite authentication api for plugins, this should be merged with prepare_username and return some object * @param string $p_password * @return string prepared password * @access public */ function auth_prepare_password($p_password) { switch (config_get('login_method')) { case BASIC_AUTH: $f_password = $_SERVER['PHP_AUTH_PW']; break; case HTTP_AUTH: if (!auth_http_is_logout_pending()) { /* this will never get hit - see auth_prepare_username */ if (isset($_SERVER['PHP_AUTH_PW'])) { $f_password = $_SERVER['PHP_AUTH_PW']; } } else { auth_http_set_logout_pending(false); auth_http_prompt(); /* calls exit */ return; } break; default: $f_password = $p_password; break; } return $f_password; }
# -------------------------------------------------------- # $Id: login.php,v 1.36 2005/08/07 16:01:37 ryandesign Exp $ # -------------------------------------------------------- # Check login then redirect to main_page.php or to login_page.php require_once 'core.php'; $f_username = gpc_get_string('username', ''); $f_password = gpc_get_string('password', ''); $f_perm_login = gpc_get_bool('perm_login'); $f_return = gpc_get_string('return', config_get('default_home_page')); $f_from = gpc_get_string('from', ''); if (BASIC_AUTH == config_get('login_method')) { $f_username = $_SERVER['REMOTE_USER']; $f_password = $_SERVER['PHP_AUTH_PW']; } if (HTTP_AUTH == config_get('login_method')) { if (!auth_http_is_logout_pending()) { if (isset($_SERVER['PHP_AUTH_USER'])) { $f_username = $_SERVER['PHP_AUTH_USER']; } if (isset($_SERVER['PHP_AUTH_PW'])) { $f_password = $_SERVER['PHP_AUTH_PW']; } } else { auth_http_set_logout_pending(false); auth_http_prompt(); break; } } if (auth_attempt_login($f_username, $f_password, $f_perm_login)) { $t_redirect_url = 'login_cookie_test.php?return=' . urlencode($f_return); } else {