Replace direct access to $_SERVER with $INPUT->server->…

Note: As I do not use this plugin, this is completely untested. It should fix dokuwiki#3778 (unless I made a stupid mistake).
fiwswe · Sep 21, 2022 · ce0feb5 · ce0feb5
1 parent fe4fec2
commit ce0feb5
Showing 1 changed file with 12 additions and 10 deletions.
diff --git a/lib/plugins/authad/auth.php b/lib/plugins/authad/auth.php
@@ -97,21 +97,21 @@ public function __construct()
         }
 
         // Prepare SSO
-        if (!empty($_SERVER['REMOTE_USER'])) {
+        if (!empty($INPUT->server->str('REMOTE_USER'))) {
             // make sure the right encoding is used
             if ($this->getConf('sso_charset')) {
-                $_SERVER['REMOTE_USER'] = iconv($this->getConf('sso_charset'), 'UTF-8', $_SERVER['REMOTE_USER']);
-            } elseif (!\dokuwiki\Utf8\Clean::isUtf8($_SERVER['REMOTE_USER'])) {
-                $_SERVER['REMOTE_USER'] = utf8_encode($_SERVER['REMOTE_USER']);
+                $INPUT->server->set('REMOTE_USER', iconv($this->getConf('sso_charset'), 'UTF-8', $INPUT->server->str('REMOTE_USER')));
+            } elseif (!\dokuwiki\Utf8\Clean::isUtf8($INPUT->server->str('REMOTE_USER'))) {
+                $INPUT->server->set('REMOTE_USER', utf8_encode($INPUT->server->str('REMOTE_USER')));
             }
 
             // trust the incoming user
             if ($this->conf['sso']) {
-                $_SERVER['REMOTE_USER'] = $this->cleanUser($_SERVER['REMOTE_USER']);
+                $INPUT->server->set('REMOTE_USER', $this->cleanUser($INPUT->server->str('REMOTE_USER')));
 
                 // we need to simulate a login
                 if (empty($_COOKIE[DOKU_COOKIE])) {
-                    $INPUT->set('u', $_SERVER['REMOTE_USER']);
+                    $INPUT->set('u', $INPUT->server->str('REMOTE_USER'));
                     $INPUT->set('p', 'sso_only');
                 }
             }
@@ -131,8 +131,9 @@ public function __construct()
      */
     public function canDo($cap)
     {
+        global $INPUT;
         //capabilities depend on config, which may change depending on domain
-        $domain = $this->getUserDomain($_SERVER['REMOTE_USER']);
+        $domain = $this->getUserDomain($INPUT->server->str('REMOTE_USER'));
         $this->loadServerConfig($domain);
         return parent::canDo($cap);
     }
@@ -151,8 +152,8 @@ public function canDo($cap)
      */
     public function checkPass($user, $pass)
     {
-        if ($_SERVER['REMOTE_USER'] &&
-            $_SERVER['REMOTE_USER'] == $user &&
+        global $INPUT;
+        if ($INPUT->server->str('REMOTE_USER') == $user &&
             $this->conf['sso']
         ) return true;
 
@@ -197,6 +198,7 @@ public function getUserData($user, $requireGroups = true)
         global $conf;
         global $lang;
         global $ID;
+        global $INPUT;
         $adldap = $this->initAdLdap($this->getUserDomain($user));
         if (!$adldap) return array();
 
@@ -262,7 +264,7 @@ public function getUserData($user, $requireGroups = true)
                     $info['expiresin'] = round(($info['expiresat'] - time())/(24*60*60));
 
                     // if this is the current user, warn him (once per request only)
-                    if (($_SERVER['REMOTE_USER'] == $user) &&
+                    if (($INPUT->server->str('REMOTE_USER') == $user) &&
                         ($info['expiresin'] <= $this->conf['expirywarn']) &&
                         !$this->msgshown
                     ) {