extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-12-27 17:18:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Api - fix authentication loop with password protected email download links

Browse Source
This commit is contained in:
nathangray 2019-02-25 11:25:31 -07:00
parent 4a37e31102
commit be7e9c123f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
api/src/Sharing.php
View File

@ -195,9 +195,9 @@ class Sharing
// check password, if required
if ($share['share_passwd'] && (empty($_SERVER['PHP_AUTH_PW']) ||
!(Api\Auth::compare_password($_SERVER['PHP_AUTH_PW'], $share['share_passwd'], 'crypt') ||
Api\Header\Authenticate::decode_password($_SERVER['PHP_AUTH_PW']) &&
Api\Auth::compare_password($_SERVER['PHP_AUTH_PW'], $share['share_passwd'], 'crypt'))))
!(Auth::compare_password($_SERVER['PHP_AUTH_PW'], $share['share_passwd'], 'crypt') ||
Header\Authenticate::decode_password($_SERVER['PHP_AUTH_PW']) &&
Auth::compare_password($_SERVER['PHP_AUTH_PW'], $share['share_passwd'], 'crypt'))))
{
$realm = 'EGroupware share '.$share['share_token'];
header('WWW-Authenticate: Basic realm="'.$realm.'"');