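/**
 * Gate the request behind the module switch and HTTP Basic authentication.
 *
 * Credentials are read from the admin-scope config paths evoc/auth/username
 * and evoc/auth/password and compared with what the client supplied, taken
 * from PHP_AUTH_USER / PHP_AUTH_PW when PHP populated them, otherwise from a
 * raw "Authorization: Basic ..." header in HTTP_AUTHORIZATION.
 *
 * On any failure the method sends the response itself and terminates the
 * script, so it only ever returns on success:
 *  - module not allowed      -> 404 "Page not found"
 *  - no credentials supplied -> 401 "Authorization required"
 *  - credentials rejected    -> 401 "Wrong username or password"
 *
 * NOTE(review): the config values are compared as-is, which suggests the
 * password is kept in config without hashing or encryption. Confirm.
 *
 * @return bool true when the supplied credentials match the configured ones
 */
protected function _authenticate()
{
    if (!Vikont_EVOConnector_Helper_Data::isModuleAllowed()) {
        $this->getResponse()
            ->setHeader('HTTP/1.1', '404 Not Found')
            ->setHeader('Status', '404 File not found')
            ->setBody('Page not found')
            ->sendResponse();
        die;
    }

    $hasPhpAuth = isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']);
    $hasRawHeader = isset($_SERVER['HTTP_AUTHORIZATION']) && $_SERVER['HTTP_AUTHORIZATION'];

    if (!$hasPhpAuth && !$hasRawHeader) {
        $this->getResponse()
            ->setHeader('HTTP/1.1', '401 Unauthorized')
            ->setHeader('WWW-Authenticate', 'Basic realm="EVO Connector"')
            ->setBody('Authorization required')
            ->sendResponse();
        die;
    }

    // Cast so an unset config value becomes '' rather than null.
    $properUserName = (string) Mage::getStoreConfig('evoc/auth/username', Mage_Core_Model_App::ADMIN_STORE_ID);
    $properUserPass = (string) Mage::getStoreConfig('evoc/auth/password', Mage_Core_Model_App::ADMIN_STORE_ID);

    // Strict, timing-safe string comparison. A loose != / == treats numeric
    // strings as numbers ("0123" == "123"), so it must never be used on
    // credentials. Falls back to === where hash_equals() is unavailable.
    $sameString = function ($known, $supplied) {
        if (function_exists('hash_equals')) {
            return hash_equals($known, $supplied);
        }
        return $known === $supplied;
    };

    $authenticated = false;

    // Fail closed: with no credentials configured, an empty username and
    // password would otherwise match the empty config values.
    if ($properUserName !== '' && $properUserPass !== '') {
        if ($hasPhpAuth) {
            // Evaluate both comparisons before combining them so the check
            // does not stop early on a wrong username.
            $userOk = $sameString($properUserName, (string) $_SERVER['PHP_AUTH_USER']);
            $passOk = $sameString($properUserPass, (string) $_SERVER['PHP_AUTH_PW']);
            $authenticated = $userOk && $passOk;
        } else {
            // PHP did not populate PHP_AUTH_*, so decode the raw header here.
            $auth = explode(' ', (string) $_SERVER['HTTP_AUTHORIZATION']);
            if (count($auth) > 1 && 'basic' === strtolower($auth[0])) {
                $userPassPair = base64_decode($auth[1]);
                if ($userPassPair) {
                    $authenticated = $sameString($properUserName . ':' . $properUserPass, $userPassPair);
                }
            }
        }
    }

    if ($authenticated) {
        return true;
    }

    $this->getResponse()
        ->setHeader('HTTP/1.1', '401 Unauthorized')
        ->setHeader('WWW-Authenticate', 'Basic realm="EVO Connector"')
        ->setBody('Wrong username or password')
        ->sendResponse();
    die;
}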