Allow multiple usernames when using HTTP authentication for the admin interface

Changed $cfg['admin_http_auth_user'] to an array to provide multiple usernames.
The option to provide a string here is preserved for backward compatibility.

diff --git a/admin.php b/admin.php
index 0f8967f90736d5193841e4ba664a99dbad699b43..09bded527fa9ab6f59d204f537b39efaa150a756 100644 (file)
--- a/admin.php
+++ b/admin.php
@@ -64,7 +64,8 @@ if (php_sapi_name() == "cli") {
     if (!jirafeau_admin_session_logged()) {
         /* Test HTTP authentication. */
         if (!empty($cfg['admin_http_auth_user']) &&
     if (!jirafeau_admin_session_logged()) {
         /* Test HTTP authentication. */
         if (!empty($cfg['admin_http_auth_user']) &&

-          $cfg['admin_http_auth_user'] == $_SERVER['PHP_AUTH_USER']) {
+          ((is_array($cfg['admin_http_auth_user']) && in_array($_SERVER['PHP_AUTH_USER'], $cfg['admin_http_auth_user'])) ||
+          (($cfg['admin_http_auth_user'] == $_SERVER['PHP_AUTH_USER'])))) {

             jirafeau_admin_session_start();
         }
         /* Test web password authentication. */
             jirafeau_admin_session_start();
         }
         /* Test web password authentication. */

diff --git a/lib/config.original.php b/lib/config.original.php
index 154308955d9f8c7ec81eacc78f126359a89aadf4..bfa76af9c6f4332164799d7b263619a1019e5a5f 100644 (file)
--- a/lib/config.original.php
+++ b/lib/config.original.php
@@ -100,13 +100,15 @@ $cfg['upload_ip_nopassword'] = array();
  */
 $cfg['admin_password'] = '';
 
  */
 $cfg['admin_password'] = '';
 

-/* If set, let the user be authenticated as administrator.
- * The user provided here is the user authenticated by HTTP authentication.
+/* If set, let the users be authenticated as administrator.
+ * The users provided here are authenticated by HTTP authentication.

  * Note that Jirafeau does not manage the HTTP login part, it just checks
  * Note that Jirafeau does not manage the HTTP login part, it just checks

- * that the provided user is logged in.
+ * that one of the provided users is logged in.
+ * May be an array for multiple users or a string for a single user.
+ * The option to provide a string is for backward compatibility.

  * If »admin_password« parameter is set, then the »admin_password« is ignored.
  */
  * If »admin_password« parameter is set, then the »admin_password« is ignored.
  */

-$cfg['admin_http_auth_user'] = '';
+$cfg['admin_http_auth_user'] = array();

 
 /* List of IP allowed to access the admin interface.
  * If the list is empty, then there is no admin interface restriction based on IP.
 
 /* List of IP allowed to access the admin interface.
  * If the list is empty, then there is no admin interface restriction based on IP.