From: Devops <sys@15gifts.com>
Date: Mon, 15 May 2017 00:19:58 +0000 (+0100)
Subject: www/dbq/dbq.php
X-Git-Url: https://git.nbdom.net/?a=commitdiff_plain;h=aaad0d05d1792e94617b75cc95729ba38c315657;p=nb.git

www/dbq/dbq.php
---

diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index c514e4d5..b3a1c5a6 100644
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -660,8 +660,9 @@ EOF;
         if ($p['value'] and !$this->str_match($value,$p['value'])) continue;
         if ($p['section'] and !$this->str_match($_section,$p['section'])) continue;
 
-        if ($_section == 'PHP_VARIABLES'
-          and preg_match('/^(.?_SERVER\[.)?(.' . $this->hide_keys_exp . ')(.\])?$/', $name)
+        if (
+          $_section == 'PHP_VARIABLES'
+          and preg_match('/^(._SERVER\[.)?(.' . $this->hide_keys_exp . ')(.\])?$/', $name)
         ) {
           $value = $this->hide_keys_value;
         }
@@ -721,13 +722,13 @@ EOF;
       unset($_SERVER['REMOTE_USER']);
 
       #header('Content-type: text/html');
-      if (empty($_REQUEST['realm'])) header('WWW-Authenticate: Basic');
-      else header('WWW-Authenticate: Basic realm="'.$_REQUEST['realm'].'"');
+      if (!empty($_REQUEST['realm'])) header('WWW-Authenticate: Basic realm="'.$_REQUEST['realm'].'"');
+      else header('WWW-Authenticate: Basic');
 
-    header('HTTP/1.1 401 Access Denied');
-    header('HTTP/1.1 401 Unauthorized');
     }
 
+    header('HTTP/1.1 401 Access Denied');
+    header('HTTP/1.1 401 Unauthorized');
     if (1) echo <<<EOF
 <script type="text/javascript">
 document.addEventListener("DOMContentLoaded", function(event){