www/dbq/dbq.php

diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index c514e4d56307895818b025af48f2676a1f2293f3..b3a1c5a67d55eef857ecd0b7f7b8cdf8cefc6976 100644 (file)
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -660,8 +660,9 @@ EOF;
         if ($p['value'] and !$this->str_match($value,$p['value'])) continue;
         if ($p['section'] and !$this->str_match($_section,$p['section'])) continue;
 
-        if ($_section == 'PHP_VARIABLES'
-          and preg_match('/^(.?_SERVER\[.)?(.' . $this->hide_keys_exp . ')(.\])?$/', $name)
+        if (
+          $_section == 'PHP_VARIABLES'
+          and preg_match('/^(._SERVER\[.)?(.' . $this->hide_keys_exp . ')(.\])?$/', $name)
         ) {
           $value = $this->hide_keys_value;
         }
@@ -721,13 +722,13 @@ EOF;
       unset($_SERVER['REMOTE_USER']);
 
       #header('Content-type: text/html');
-      if (empty($_REQUEST['realm'])) header('WWW-Authenticate: Basic');
-      else header('WWW-Authenticate: Basic realm="'.$_REQUEST['realm'].'"');
+      if (!empty($_REQUEST['realm'])) header('WWW-Authenticate: Basic realm="'.$_REQUEST['realm'].'"');
+      else header('WWW-Authenticate: Basic');
 
-    header('HTTP/1.1 401 Access Denied');
-    header('HTTP/1.1 401 Unauthorized');
     }
 
+    header('HTTP/1.1 401 Access Denied');
+    header('HTTP/1.1 401 Unauthorized');
     if (1) echo <<<EOF
 <script type="text/javascript">
 document.addEventListener("DOMContentLoaded", function(event){