fix: Updated http-auth to work with nginx http auth #6102 (#6174)

html/includes/authenticate.inc.php

@@ -46,6 +46,8 @@ if (isset($_POST['username']) && isset($_POST['password'])) {
     $_SESSION['password'] = $_GET['password'];
 } elseif (isset($_SERVER['REMOTE_USER'])) {
     $_SESSION['username'] = $_SERVER['REMOTE_USER'];
+} elseif (isset($_SERVER['PHP_AUTH_USER'])) {
+    $_SESSION['username'] = $_SERVER['PHP_AUTH_USER'];
 }
 
 if (!isset($config['auth_mechanism'])) {

html/includes/authentication/http-auth.inc.php

@@ -11,8 +11,8 @@ function authenticate($username, $password)
 {
     global $config;
 
-    if (isset($_SERVER['REMOTE_USER'])) {
+    if (isset($_SERVER['REMOTE_USER']) || isset($_SERVER['PHP_AUTH_USER'])) {
-        $_SESSION['username'] = mres($_SERVER['REMOTE_USER']);
+        $_SESSION['username'] = mres($_SERVER['REMOTE_USER']) ?: mres($_SERVER['PHP_AUTH_USER']);
 
         $row = @dbFetchRow('SELECT username FROM `users` WHERE `username`=?', array($_SESSION['username']));
         if (isset($row['username']) && $row['username'] == $_SESSION['username']) {