revert erroneously merged pull request

.gitignore

@@ -7,11 +7,9 @@ vendor/
 .project
 .buildpath
 .ptp-sync*
-.vscode/
 
 .htaccess
 .htaccessbak
-.htpasswd
 
 application/config/development/
 application/config/extensions/

.htaccess_exmpl

@@ -1,11 +0,0 @@
-# Be careful if you change the AuthName, also change it in the configs
-AuthName "FH-Complete"
-AuthType Basic
-# Change this to your root-folder
-AuthUserFile /var/www/html/.htpasswd
-
-require valid-user 
-
-# Follow symbolic links.
-Options +FollowSymLinks
-

.htpasswd_exmpl

@@ -1,14 +0,0 @@
-admin:$apr1$w6jylrnm$fbKTilbCkJ9M0cySq7lDi1
-pam:$apr1$TJRAwUxR$PifE5Lj0cs7yar7VuAlLC0
-assistenz1:
-assistenz2:
-assistenz2:
-student1:
-student2:
-student3:
-gl1:
-gl2:
-lektor1:
-lektor2:
-lektor3:
-aufnahme:

application/config/auth.php

@@ -5,7 +5,7 @@ if (!defined('BASEPATH')) exit('No direct script access allowed');
 // Array or a string of authentication methods sorted by priority (highest to lowest)
 // NOTE: AUTH_HBALDAP works also as login page (old ugly HTTP basic authentication)
 //		should be placed at the end of the array
-$config['authentication_foreign_methods'] = array(AUTH_BT, AUTH_HBA, AUTH_HBALDAP);
+$config['authentication_foreign_methods'] = array(AUTH_BT, AUTH_HBALDAP);
 
 // Login method
 $config['authentication_login'] = AUTH_LDAP;

application/config/constants.php

@@ -44,7 +44,6 @@ define('BEGINNING_OF_TIME',					'1970-01-01');
 |--------------------------------------------------------------------------
 */
 // Foreign authentication methods
-define('AUTH_HBA',	'httpBasicAuth');
 define('AUTH_HBALDAP',	'httpBasicAuthLDAP');
 define('AUTH_BT',		'bewerbung');
 

application/libraries/AuthLib.php

@@ -37,8 +37,7 @@ class AuthLib
 		// Gets CI instance
 		$this->_ci =& get_instance();
 
-		if ($authenticate === true) 
-			$this->_authenticate(); // if required -> authenticate the current user
+		if ($authenticate === true) $this->_authenticate(); // if required -> authenticate the current user
 	}
 
 	//------------------------------------------------------------------------------------------------------------------
@@ -362,40 +361,6 @@ class AuthLib
 		return $bt;
 	}
 
-	/**
-	 * Checks if the user is already authenticated with HTTP basic authentication 
-	 * NOTE: this method also display a login, not possible to be avoided due HTTP basic authentication limitations
-	 */
-	private function _checkHBAuthentication()
-	{
-		$hta = error('Not authenticated', AUTH_NOT_AUTHENTICATED); // by default is NOT authenticated
-
-		// Checks if an HTTP basic authentication is active and checks credentials using LDAP
-		if (!isset($_SERVER['PHP_AUTH_USER']))
-		{
-			// If NOT send the header to perform an HTTP basic authentication
-			header('WWW-Authenticate: Basic realm="'.AUTH_NAME.'"');
-		}
-		else // otherwise
-		{
-			// NOTE: Username needs to be trimmed and lowered because htaccess is allowing login
-			$hta = $this->_createAuthObjByPerson(array('uid' => mb_strtolower(trim($_SERVER['PHP_AUTH_USER']))));
-		}
-
-		// Invalid credentials
-		// NOTE: this is a corner case because of the HTTP basic authentication
-		if (getCode($hta) == AUTH_NOT_AUTHENTICATED || getCode($hta) == AUTH_INVALID_CREDENTIALS)
-		{
-			$this->_showInvalidAuthentication(); // this also stop the execution
-		}
-		elseif (isError($hta)) // display error and stop execution
-		{
-			$this->_showError(getError($hta));
-		}
-
-		return $hta; // if success then is returned!
-	}
-	
 	/**
 	 * Checks if the user is already authenticated with HTTP basic authentication + LDAP
 	 * NOTE: this method also display a login, not possible to be avoided due HTTP basic authentication limitations
@@ -471,9 +436,6 @@ class AuthLib
 				case AUTH_BT: // Bewerbung tool
 					$auth = $this->_checkBTAuthentication();
 					break;
-				case AUTH_HBA: // HTTP basic authentication
-					$auth = $this->_checkHBAuthentication();
-					break;
 				case AUTH_HBALDAP: // HTTP basic authentication + LDAP
 					$auth = $this->_checkHBALDAPAuthentication();
 					break;

composer.json

@@ -442,6 +442,7 @@
 		"squizlabs/php_codesniffer": "3.6.*",
 		"phpmd/phpmd": "2.*",
 		"phpmetrics/phpmetrics": "2.*",
-		"irstea/phpcpd-shim": "6.*"
+		"sebastian/phpcpd": "3.*",
+		"phpunit/phpunit": "^6"
 	}
 }

include/auth_demo.class.php

@@ -52,8 +52,7 @@ class authentication extends auth
 	// derzeit checkldapuser in functions.inc.php bzw per htaccess
 	public function checkpassword($username, $passwort)
 	{
-		var_dump($username);
-		if ($passwort=='1q2w3' 
+		if($passwort=='1q2w3' 
 			&& ($username=='pam'
 			|| $username=='admin'
 			|| $username=='assistenz1'
@@ -67,12 +66,8 @@ class authentication extends auth
 			|| $username=='lektor1'
 			|| $username=='lektor2'
 			|| $username=='lektor3'
-			|| $username=='aufnahme')
-			)
-			{
-				$_SERVER['PHP_AUTH_USER']=$username;
-				return true;
-			}
+			|| $username == 'aufnahme'))
+			return true;
 		else
 			return false;
 	}