Passlock with exception

// Snippet to allow exceptions on passlocks for things such as Paypal Callback
// implement hook_boot()
function custom_boot() {
  require_once DRUPAL_ROOT . '/includes/password.inc';
 
  $exception_path = "/url_required_to_bypass_passlock";
 
  // Allow Paypal callback through
  if ($_SERVER["REQUEST_URI"] == $exception_path)
    return;
 
  // Allow logged in user through
  if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
    $query = "SELECT pass FROM {users} WHERE name = :name";
    $result = db_query($query, array(':name' => $_SERVER['PHP_AUTH_USER']));
    $account = new stdClass();
    foreach ($result as $row) {
      $account->pass = $row->pass;
    }
    if (isset($account->pass)) {
      if (user_check_password($_SERVER['PHP_AUTH_PW'], $account)) {
        return;
      }
    }
  }
 
  // Allow cron through
  if (basename($_SERVER['PHP_SELF']) == 'cron.php')
    return;
 
  // Allow PHP CLI/Drush through
  if (isset($_SERVER['argc'])) {
    if (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))
      return;
  }
 
  header('WWW-Authenticate: Basic realm="Development"');
  header('HTTP/1.0 401 Unauthorized');
  exit;
}
Help Share this Article