PMA\libraries\plugins\auth\AuthenticationHttp::authCheck PHP 메소드

    public function authCheck()
    {
        global $PHP_AUTH_USER, $PHP_AUTH_PW;
        // Grabs the $PHP_AUTH_USER variable
        if (empty($PHP_AUTH_USER)) {
            if (PMA_getenv('PHP_AUTH_USER')) {
                $PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER');
            } elseif (PMA_getenv('REMOTE_USER')) {
                // CGI, might be encoded, see below
                $PHP_AUTH_USER = PMA_getenv('REMOTE_USER');
            } elseif (PMA_getenv('REDIRECT_REMOTE_USER')) {
                // CGI, might be encoded, see below
                $PHP_AUTH_USER = PMA_getenv('REDIRECT_REMOTE_USER');
            } elseif (PMA_getenv('AUTH_USER')) {
                // WebSite Professional
                $PHP_AUTH_USER = PMA_getenv('AUTH_USER');
            } elseif (PMA_getenv('HTTP_AUTHORIZATION')) {
                // IIS, might be encoded, see below
                $PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION');
            } elseif (PMA_getenv('Authorization')) {
                // FastCGI, might be encoded, see below
                $PHP_AUTH_USER = PMA_getenv('Authorization');
            }
        }
        // Grabs the $PHP_AUTH_PW variable
        if (empty($PHP_AUTH_PW)) {
            if (PMA_getenv('PHP_AUTH_PW')) {
                $PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW');
            } elseif (PMA_getenv('REMOTE_PASSWORD')) {
                // Apache/CGI
                $PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD');
            } elseif (PMA_getenv('AUTH_PASSWORD')) {
                // WebSite Professional
                $PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD');
            }
        }
        // Decode possibly encoded information (used by IIS/CGI/FastCGI)
        // (do not use explode() because a user might have a colon in his password
        if (strcmp(substr($PHP_AUTH_USER, 0, 6), 'Basic ') == 0) {
            $usr_pass = base64_decode(substr($PHP_AUTH_USER, 6));
            if (!empty($usr_pass)) {
                $colon = strpos($usr_pass, ':');
                if ($colon) {
                    $PHP_AUTH_USER = substr($usr_pass, 0, $colon);
                    $PHP_AUTH_PW = substr($usr_pass, $colon + 1);
                }
                unset($colon);
            }
            unset($usr_pass);
        }
        // sanitize username
        $PHP_AUTH_USER = PMA_sanitizeMySQLUser($PHP_AUTH_USER);
        // User logged out -> ensure the new username is not the same
        $old_usr = isset($_REQUEST['old_usr']) ? $_REQUEST['old_usr'] : '';
        if (!empty($old_usr) && (isset($PHP_AUTH_USER) && hash_equals($old_usr, $PHP_AUTH_USER))) {
            $PHP_AUTH_USER = '';
        }
        // Returns whether we get authentication settings or not
        if (empty($PHP_AUTH_USER)) {
            return false;
        } else {
            return true;
        }
    }

 /**
  * Test for PMA\libraries\plugins\auth\AuthenticationHttp::authCheck
  *
  * @param string $user           test username
  * @param string $pass           test password
  * @param string $userIndex      index to test username against
  * @param string $passIndex      index to test username against
  * @param string $expectedReturn expected return value from test
  * @param string $expectedUser   expected username to be set
  * @param string $expectedPass   expected password to be set
  * @param string $old_usr        value for $_REQUEST['old_usr']
  *
  * @return void
  * @dataProvider authCheckProvider
  */
 public function testAuthCheck($user, $pass, $userIndex, $passIndex, $expectedReturn, $expectedUser, $expectedPass, $old_usr = '')
 {
     $GLOBALS['PHP_AUTH_USER'] = '';
     $GLOBALS['PHP_AUTH_PW'] = '';
     $_SERVER[$userIndex] = $user;
     $_SERVER[$passIndex] = $pass;
     $_REQUEST['old_usr'] = $old_usr;
     $this->assertEquals($expectedReturn, $this->object->authCheck());
     $this->assertEquals($expectedUser, $GLOBALS['PHP_AUTH_USER']);
     $this->assertEquals($expectedPass, $GLOBALS['PHP_AUTH_PW']);
     $_SERVER[$userIndex] = null;
     $_SERVER[$passIndex] = null;
 }