]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4de8da3)
Make PHP_AUTH_* variables not available in safe mode under Apache. Patch by
authorAndrei Zmievski <andrei@php.net>
Sat, 21 Dec 2002 20:09:09 +0000 (20:09 +0000)
committerAndrei Zmievski <andrei@php.net>
Sat, 21 Dec 2002 20:09:09 +0000 (20:09 +0000)
Philip Olson.

sapi/apache/mod_php4.c patch | blob | history

diff --git a/sapi/apache/mod_php4.c b/sapi/apache/mod_php4.c
index ce060e3c7561052251e49e58bb6a871cf0f74d88..5168ddf0fe679d72b142b311a15cfa7b234600a1 100644 (file)
--- a/sapi/apache/mod_php4.c
+++ b/sapi/apache/mod_php4.c
@@ -415,7 +415,7 @@ static void init_request_info(TSRMLS_D)
                authorization = table_get(r->headers_in, "Authorization");
        }
        if (authorization
-               && !auth_type(r)
+               && (!PG(safe_mode) || (PG(safe_mode) && !auth_type(r)))
                && !strcasecmp(getword(r->pool, &authorization, ' '), "Basic")) {
                tmp = uudecode(r->pool, authorization);
                SG(request_info).auth_user = getword_nulls_nc(r->pool, &tmp, ':');
Unnamed repository; edit this file 'description' to name the repository.