1: <?php
 2: 
 3: /*
 4:  * This file is part of the Symfony package.
 5:  *
 6:  * (c) Fabien Potencier <fabien@symfony.com>
 7:  *
 8:  * For the full copyright and license information, please view the LICENSE
 9:  * file that was distributed with this source code.
10:  */
11: 
12: namespace Symfony\Component\HttpFoundation;
13: 
14: /**
15:  * ServerBag is a container for HTTP headers from the $_SERVER variable.
16:  *
17:  * @author Fabien Potencier <fabien@symfony.com>
18:  * @author Bulat Shakirzyanov <mallluhuct@gmail.com>
19:  * @author Robert Kiss <kepten@gmail.com>
20:  */
21: class ServerBag extends ParameterBag
22: {
23:     /**
24:      * Gets the HTTP headers.
25:      *
26:      * @return array
27:      */
28:     public function getHeaders()
29:     {
30:         $headers = array();
31:         $contentHeaders = array('CONTENT_LENGTH' => true, 'CONTENT_MD5' => true, 'CONTENT_TYPE' => true);
32:         foreach ($this->parameters as $key => $value) {
33:             if (0 === strpos($key, 'HTTP_')) {
34:                 $headers[substr($key, 5)] = $value;
35:             }
36:             // CONTENT_* are not prefixed with HTTP_
37:             elseif (isset($contentHeaders[$key])) {
38:                 $headers[$key] = $value;
39:             }
40:         }
41: 
42:         if (isset($this->parameters['PHP_AUTH_USER'])) {
43:             $headers['PHP_AUTH_USER'] = $this->parameters['PHP_AUTH_USER'];
44:             $headers['PHP_AUTH_PW'] = isset($this->parameters['PHP_AUTH_PW']) ? $this->parameters['PHP_AUTH_PW'] : '';
45:         } else {
46:             /*
47:              * php-cgi under Apache does not pass HTTP Basic user/pass to PHP by default
48:              * For this workaround to work, add these lines to your .htaccess file:
49:              * RewriteCond %{HTTP:Authorization} ^(.+)$
50:              * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
51:              *
52:              * A sample .htaccess file:
53:              * RewriteEngine On
54:              * RewriteCond %{HTTP:Authorization} ^(.+)$
55:              * RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
56:              * RewriteCond %{REQUEST_FILENAME} !-f
57:              * RewriteRule ^(.*)$ app.php [QSA,L]
58:              */
59: 
60:             $authorizationHeader = null;
61:             if (isset($this->parameters['HTTP_AUTHORIZATION'])) {
62:                 $authorizationHeader = $this->parameters['HTTP_AUTHORIZATION'];
63:             } elseif (isset($this->parameters['REDIRECT_HTTP_AUTHORIZATION'])) {
64:                 $authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION'];
65:             }
66: 
67:             if (null !== $authorizationHeader) {
68:                 if (0 === stripos($authorizationHeader, 'basic ')) {
69:                     // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
70:                     $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)), 2);
71:                     if (count($exploded) == 2) {
72:                         list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;
73:                     }
74:                 } elseif (empty($this->parameters['PHP_AUTH_DIGEST']) && (0 === stripos($authorizationHeader, 'digest '))) {
75:                     // In some circumstances PHP_AUTH_DIGEST needs to be set
76:                     $headers['PHP_AUTH_DIGEST'] = $authorizationHeader;
77:                     $this->parameters['PHP_AUTH_DIGEST'] = $authorizationHeader;
78:                 }
79:             }
80:         }
81: 
82:         // PHP_AUTH_USER/PHP_AUTH_PW
83:         if (isset($headers['PHP_AUTH_USER'])) {
84:             $headers['AUTHORIZATION'] = 'Basic '.base64_encode($headers['PHP_AUTH_USER'].':'.$headers['PHP_AUTH_PW']);
85:         } elseif (isset($headers['PHP_AUTH_DIGEST'])) {
86:             $headers['AUTHORIZATION'] = $headers['PHP_AUTH_DIGEST'];
87:         }
88: 
89:         return $headers;
90:     }
91: }
92: