From c0a71ac4d7f629084facef5a5bbd58a6f1c2af7d Mon Sep 17 00:00:00 2001
From: Ivan Enderlin <ivan.enderlin@hoa-project.net>
Date: Thu, 19 Mar 2015 16:51:41 +0100
Subject: [PATCH] `getCredentials` returns null if incomplete.

If the colon is missing (in `user:password`), `getCredentials` will
return an array of one value instead of null whereas this is incorrect.
We then check that the credentials form a pair of two values.
---
 lib/Auth/Basic.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/lib/Auth/Basic.php b/lib/Auth/Basic.php
index 0b23db0..ae30e8a 100644
--- a/lib/Auth/Basic.php
+++ b/lib/Auth/Basic.php
@@ -37,7 +37,13 @@ function getCredentials() {
             return null;
         }
 
-        return explode(':',base64_decode(substr($auth, 6)), 2);
+        $credentials = explode(':',base64_decode(substr($auth, 6)), 2);
+
+        if (2 !== count($credentials)) {
+            return null;
+        }
+
+        return $credentials;
 
     }