public static function parseUserPass(HTTP\Request $httpRequest) { // Apache and mod_php if ($user = $httpRequest->getRawServerValue('PHP_AUTH_USER')) { $pass = ""; if ($passw = $httpRequest->getRawServerValue('PHP_AUTH_PW')) { $pass = $passw; } return array($user, $pass); } // Most other webservers $auth = $httpRequest->getHeader('Authorization'); // Apache could prefix environment variables with REDIRECT_ when urls // are passed through mod_rewrite if (!$auth) { $auth = $httpRequest->getRawServerValue('REDIRECT_HTTP_AUTHORIZATION'); } if (!$auth) { return false; } if (strpos(strtolower($auth), 'basic') !== 0) { return false; } return explode(':', base64_decode(substr($auth, 6)), 2); }