From 8a34084df101a8511b4be4adc4c489baae3bcfce Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Tue, 5 Jan 2021 10:37:30 +0300
Subject: auth_remote: rewrite header checking to be more readable

---
 plugins/auth_remote/init.php | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'plugins')

diff --git a/plugins/auth_remote/init.php b/plugins/auth_remote/init.php
index d2e7a35e6..343758b60 100644
--- a/plugins/auth_remote/init.php
+++ b/plugins/auth_remote/init.php
@@ -41,12 +41,14 @@ class Auth_Remote extends Plugin implements IAuthModule {
 	 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 	 */
 	function authenticate($login, $password) {
-		$try_login = $_SERVER["REMOTE_USER"];
-		if (!$try_login) $try_login = $_SERVER["HTTP_REMOTE_USER"];
+		$try_login = "";
 
-		// php-cgi
-		if (!$try_login) $try_login = $_SERVER["REDIRECT_REMOTE_USER"];
-		if (!$try_login) $try_login = $_SERVER["PHP_AUTH_USER"];
+		foreach (["REMOTE_USER", "HTTP_REMOTE_USER", "REDIRECT_REMOTE_USER", "PHP_AUTH_USER"] as $hdr) {
+			if (isset($_SERVER[$hdr])) {
+				$try_login = $_SERVER["hdr"];
+				break;
+			}
+		}
 
 		if (!$try_login) $try_login = $this->get_login_by_ssl_certificate();
 
-- 
cgit v1.2.3