elseif ( ! OCP\User::checkPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) ) { // second, authenticated attempt, request repeated authentication header('WWW-Authenticate: Basic realm="Retry OwnCloud relay authorization"'); header('HTTP/1.0 401 Unauthorized'); // important: flush, so that auth headers are not swallowed by OC flush(); ob_flush(); // log denied access attempt OC_Shorty_Hooks::registerClick ( $result[0], $request, 'failed' ); // fallback: refuse forwarding => 403: Forbidden throw new OC_Shorty_HttpException ( 403 ); } } break; case 'public': // no access restriction, so all fine! } // switch status // finish this script to record the click, even if the client detaches right after the redirect ignore_user_abort ( TRUE ); // register click OC_Shorty_Hooks::registerClick ( $result[0], $request, 'granted' ); // forward to target, regardless of who sends the request header("HTTP/1.0 301 Moved Permanently"); // http forwarding header header ( sprintf('Location: %s', $target) ); } // if id } catch ( OC_Shorty_Exception $e ) { header($e->getMessage()); } ?>