[Feature] Ability to use HTTP authentication in ATOM feeds by passing the GET parameter auth=http

git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@10430 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-07 20:08:53 +00:00 · 2010-01-19 19:08:51 +00:00 · 2010-01-19 19:08:51 +00:00 · 77af6caed7
commit 77af6caed7
parent ff0b94f238
9 changed files with 123 additions and 0 deletions
--- a/phpBB/.htaccess
+++ b/phpBB/.htaccess
@ -1,3 +1,13 @@
+#
+# Uncomment the statement below if you want to make use of
+# HTTP authentication and it does not already work.
+# This could be required if you are for example using PHP via Apache CGI.
+#
+#<IfModule mod_rewrite.c>
+#RewriteEngine on
+#RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
+#</IfModule>
+
 <Files "config.php">
 Order Allow,Deny
 Deny from All
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@ -152,6 +152,7 @@
 		<li>[Change] SQLite is no longer autoloaded by the installer. (Bug #56105)</li>
 		<li>[Change] Friends and foes will not show up as private message rule options if their respective UCP modules are disabled. (Bug #51155)</li>
 		<li>[Change] Offer for guests to log in for egosearch and unreadposts search before the search permissions check. (Bug #51585)</li>
+		<li>[Feature] Ability to use HTTP authentication in ATOM feeds by passing the GET parameter &quot;auth=http&quot;.</li>
 	</ul>

 	<a name="v305"></a><h3>1.ii. Changes since 3.0.5</h3>
--- a/phpBB/feed.php
+++ b/phpBB/feed.php
@ -30,6 +30,15 @@ if (!$config['feed_enable'])

 // Start session
 $user->session_begin();
+
+if (!empty($config['feed_http_auth']) && request_var('auth', '') == 'http')
+{
+	phpbb_http_login(array(
+		'auth_message'	=> 'Feed',
+		'viewonline'	=> request_var('viewonline', true),
+	));
+}
+
 $auth->acl($user->data);
 $user->setup();

--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@ -267,6 +267,7 @@ class acp_board
 						'legend1'					=> 'ACP_FEED_GENERAL',
 						'feed_enable'				=> array('lang' => 'ACP_FEED_ENABLE',				'validate' => 'bool',	'type' => 'radio:enabled_disabled',	'explain' => true ),
 						'feed_item_statistics'		=> array('lang' => 'ACP_FEED_ITEM_STATISTICS',		'validate' => 'bool',	'type' => 'radio:enabled_disabled',	'explain' => true),
+						'feed_http_auth'			=> array('lang' => 'ACP_FEED_HTTP_AUTH',			'validate' => 'bool',	'type' => 'radio:enabled_disabled',	'explain' => true),

 						'legend2'					=> 'ACP_FEED_POST_BASED',
 						'feed_limit_post'			=> array('lang' => 'ACP_FEED_LIMIT',				'validate' => 'int:5',	'type' => 'text:3:4',				'explain' => true),
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -3920,6 +3920,103 @@ function phpbb_optionset($bit, $set, $data)
 	return $data;
 }

+/**
+* Login using http authenticate.
+*
+* @param array	$param		Parameter array, see $param_defaults array.
+*
+* @return void
+*/
+function phpbb_http_login($param)
+{
+	global $auth, $user;
+	global $config;
+
+	$param_defaults = array(
+		'auth_message'	=> '',
+
+		'autologin'		=> false,
+		'viewonline'	=> true,
+		'admin'			=> false,
+	);
+
+	// Overwrite default values with passed values
+	$param = array_merge($param_defaults, $param);
+
+	// User is already logged in
+	// We will not overwrite his session
+	if (!empty($user->data['is_registered']))
+	{
+		return;
+	}
+
+	// $_SERVER keys to check
+	$username_keys = array(
+		'PHP_AUTH_USER',
+		'Authorization',
+		'REMOTE_USER', 'REDIRECT_REMOTE_USER',
+		'HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION',
+		'REMOTE_AUTHORIZATION', 'REDIRECT_REMOTE_AUTHORIZATION',
+		'AUTH_USER',
+	);
+
+	$password_keys = array(
+		'PHP_AUTH_PW',
+		'REMOTE_PASSWORD',
+		'AUTH_PASSWORD',
+	);
+
+	$username = null;
+	foreach ($username_keys as $k)
+	{
+		if (isset($_SERVER[$k]))
+		{
+			$username = $_SERVER[$k];
+			break;
+		}
+	}
+
+	$password = null;
+	foreach ($password_keys as $k)
+	{
+		if (isset($_SERVER[$k]))
+		{
+			$password = $_SERVER[$k];
+			break;
+		}
+	}
+
+	// Decode encoded information (IIS, CGI, FastCGI etc.)
+	if (!is_null($username) && is_null($password) && strpos($username, 'Basic ') === 0)
+	{
+		list($username, $password) = explode(':', base64_decode(substr($username, 6)), 2);
+    }
+
+	if (!is_null($username) && !is_null($password))
+	{
+		set_var($username, $username, 'string', true);
+		set_var($password, $password, 'string', true);
+
+		$auth_result = $auth->login($username, $password, $param['autologin'], $param['viewonline'], $param['admin']);
+
+		if ($auth_result['status'] == LOGIN_SUCCESS)
+		{
+			return;
+		}
+	}
+
+	// Prepend sitename to auth_message
+	$param['auth_message'] = ($param['auth_message'] === '') ? $config['sitename'] : $config['sitename'] . ' - ' . $param['auth_message'];
+
+	// We should probably filter out non-ASCII characters - RFC2616
+	$param['auth_message'] = preg_replace('/[\x80-\xFF]/', '?', $param['auth_message']);
+
+	header('WWW-Authenticate: Basic realm="' . $param['auth_message'] . '"');
+	header('HTTP/1.0 401 Unauthorized');
+
+	trigger_error('NOT_AUTHORISED');
+}
+
 /**
 * Generate page header
 */
--- a/phpBB/includes/questionnaire/questionnaire.php
+++ b/phpBB/includes/questionnaire/questionnaire.php
@ -350,6 +350,7 @@ class phpbb_questionnaire_phpbb_data_provider
 			'enable_pm_icons' => true,
 			'enable_post_confirm' => true,
 			'feed_enable' => true,
+			'feed_http_auth' => true,
 			'feed_limit_post' => true,
 			'feed_limit_topic' => true,
 			'feed_overall' => true,
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@ -1578,6 +1578,7 @@ function change_database_data(&$no_updates, $version)

 			// ATOM Feeds
 			set_config('feed_overall', '1');
+			set_config('feed_http_auth', '0');
 			set_config('feed_limit_post', (string) (isset($config['feed_limit']) ? (int) $config['feed_limit'] : 15));
 			set_config('feed_limit_topic', (string) (isset($config['feed_overall_topics_limit']) ? (int) $config['feed_overall_topics_limit'] : 10));
 			set_config('feed_topics_new', (!empty($config['feed_overall_topics']) ? '1' : '0'));
--- a/phpBB/install/schemas/schema_data.sql
+++ b/phpBB/install/schemas/schema_data.sql
@ -99,6 +99,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_pm_icons', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_post_confirm', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('feed_enable', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('feed_http_auth', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('feed_limit_post', '15');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('feed_limit_topic', '10');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('feed_overall_forums', '0');
--- a/phpBB/language/en/acp/board.php
+++ b/phpBB/language/en/acp/board.php
@ -276,6 +276,8 @@ $lang = array_merge($lang, array(
 	'ACP_FEED_OVERALL_FORUMS'			=> 'Enable forums feed',
 	'ACP_FEED_OVERALL_FORUMS_EXPLAIN'	=> 'Enables the “All forums” feed, which displays a list of forums.',

+	'ACP_FEED_HTTP_AUTH'				=> 'Allow HTTP Authentication',
+	'ACP_FEED_HTTP_AUTH_EXPLAIN'		=> 'Enables HTTP authentication, which allows users to receive content that is hidden to guest users by adding the <samp>auth=http</samp> parameter to the feed URL. Please note that some PHP setups require additional changes to the .htaccess file. Instructions can be found in that file.',
 	'ACP_FEED_ITEM_STATISTICS'			=> 'Item statistics',
 	'ACP_FEED_ITEM_STATISTICS_EXPLAIN'	=> 'Display individual statistics underneath feed items<br />(e.g. posted by, date and time, replies, views)',
 	'ACP_FEED_EXCLUDE_ID'				=> 'Exclude these forums',