www.aleph1.co.uk Git - yaffs-website/blob - vendor/symfony/http-foundation/ServerBag.php

   1 <?php
   2
   3 /*
   4  * This file is part of the Symfony package.
   5  *
   6  * (c) Fabien Potencier <fabien@symfony.com>
   7  *
   8  * For the full copyright and license information, please view the LICENSE
   9  * file that was distributed with this source code.
  10  */
  11
  12 namespace Symfony\Component\HttpFoundation;
  13
  14 /**
  15  * ServerBag is a container for HTTP headers from the $_SERVER variable.
  16  *
  17  * @author Fabien Potencier <fabien@symfony.com>
  18  * @author Bulat Shakirzyanov <mallluhuct@gmail.com>
  19  * @author Robert Kiss <kepten@gmail.com>
  20  */
  21 class ServerBag extends ParameterBag
  22 {
  23     /**
  24      * Gets the HTTP headers.
  25      *
  26      * @return array
  27      */
  28     public function getHeaders()
  29     {
  30         $headers = array();
  31         $contentHeaders = array('CONTENT_LENGTH' => true, 'CONTENT_MD5' => true, 'CONTENT_TYPE' => true);
  32         foreach ($this->parameters as $key => $value) {
  33             if (0 === strpos($key, 'HTTP_')) {
  34                 $headers[substr($key, 5)] = $value;
  35             }
  36             // CONTENT_* are not prefixed with HTTP_
  37             elseif (isset($contentHeaders[$key])) {
  38                 $headers[$key] = $value;
  39             }
  40         }
  41
  42         if (isset($this->parameters['PHP_AUTH_USER'])) {
  43             $headers['PHP_AUTH_USER'] = $this->parameters['PHP_AUTH_USER'];
  44             $headers['PHP_AUTH_PW'] = isset($this->parameters['PHP_AUTH_PW']) ? $this->parameters['PHP_AUTH_PW'] : '';
  45         } else {
  46             /*
  47              * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default
  48              * For this workaround to work, add these lines to your .htaccess file:
  49              * RewriteCond %{HTTP:Authorization} ^(.+)$
  50              * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  51              *
  52              * A sample .htaccess file:
  53              * RewriteEngine On
  54              * RewriteCond %{HTTP:Authorization} ^(.+)$
  55              * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  56              * RewriteCond %{REQUEST_FILENAME} !-f
  57              * RewriteRule ^(.*)$ app.php [QSA,L]
  58              */
  59
  60             $authorizationHeader = null;
  61             if (isset($this->parameters['HTTP_AUTHORIZATION'])) {
  62                 $authorizationHeader = $this->parameters['HTTP_AUTHORIZATION'];
  63             } elseif (isset($this->parameters['REDIRECT_HTTP_AUTHORIZATION'])) {
  64                 $authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION'];
  65             }
  66
  67             if (null !== $authorizationHeader) {
  68                 if (0 === stripos($authorizationHeader, 'basic ')) {
  69                     // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
  70                     $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)), 2);
  71                     if (count($exploded) == 2) {
  72                         list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
  73                     }
  74                 } elseif (empty($this->parameters['PHP_AUTH_DIGEST']) && (0 === stripos($authorizationHeader, 'digest '))) {
  75                     // In some circumstances PHP_AUTH_DIGEST needs to be set
  76                     $headers['PHP_AUTH_DIGEST'] = $authorizationHeader;
  77                     $this->parameters['PHP_AUTH_DIGEST'] = $authorizationHeader;
  78                 } elseif (0 === stripos($authorizationHeader, 'bearer ')) {
  79                     /*
  80                      * XXX: Since there is no PHP_AUTH_BEARER in PHP predefined variables,
  81                      *      I'll just set $headers['AUTHORIZATION'] here.
  82                      *      http://php.net/manual/en/reserved.variables.server.php
  83                      */
  84                     $headers['AUTHORIZATION'] = $authorizationHeader;
  85                 }
  86             }
  87         }
  88
  89         if (isset($headers['AUTHORIZATION'])) {
  90             return $headers;
  91         }
  92
  93         // PHP_AUTH_USER/PHP_AUTH_PW
  94         if (isset($headers['PHP_AUTH_USER'])) {
  95             $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
  96         } elseif (isset($headers['PHP_AUTH_DIGEST'])) {
  97             $headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST'];
  98         }
  99
 100         return $headers;
 101     }
 102 }