
/phpmyadmin/libraries/auth/signon.auth.lib.php

https://bitbucket.org/adarshj/convenient_website
PHP | 249 lines | 121 code | 40 blank | 88 comment | 25 complexity | 2140a25760ebfe7c120d8cd7be270b33 MD5 | raw file
Possible License(s): Apache-2.0, MPL-2.0-no-copyleft-exception, LGPL-2.1, BSD-2-Clause, GPL-2.0, LGPL-3.0
  1. <?php
  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
  3. /**
  4. * Set of functions used to run single signon authentication.
  5. *
  6. * @package PhpMyAdmin-Auth-Signon
  7. */
  /**
   * Sends the browser to the external signon (or logout) page and ends the request.
   *
   * Both redirect targets are read from the server configuration. The request
   * parameter 'old_usr' only selects which of the two configured URLs is used;
   * no request-supplied value ever becomes part of the Location target here.
   *
   * @return void never returns normally, the request is ended with exit()
   *
   * @access public
   */
  function PMA_auth()
  {
      /* Forget which signon server the previous credentials came from */
      unset($_SESSION['LAST_SIGNON_URL']);

      /* Without a signon URL there is nowhere to send the user */
      if (empty($GLOBALS['cfg']['Server']['SignonURL'])) {
          PMA_fatalError('You must set SignonURL!');
          exit();
      }

      /* A logout request goes to the custom logout URL, when one is configured */
      $logout_requested = !empty($_REQUEST['old_usr']);
      if ($logout_requested && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
          $target = $GLOBALS['cfg']['Server']['LogoutURL'];
      } else {
          $target = $GLOBALS['cfg']['Server']['SignonURL'];
      }

      PMA_sendHeaderLocation($target);
      exit();
  } // end of the 'PMA_auth()' function
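  /**
   * Collects the credentials for the current request from the signon source.
   *
   * Two sources are supported, selected by the server configuration:
   *  - SignonScript: a local PHP file that defines get_login_credentials();
   *  - SignonSession: a PHP session owned by the signon application, found
   *    through the cookie of that name.
   *
   * Security notes:
   *  - The signon session is trusted completely. It supplies the username and
   *    the password in clear text and may replace the host, the port and,
   *    through PMA_single_signon_cfgupdate, any other key of $cfg['Server'].
   *    Whoever can write that session decides which server is contacted and
   *    with which account, so its storage must not be writable by less
   *    trusted applications.
   *  - SignonScript is handed to include, so it must only ever come from the
   *    configuration file, never from request data.
   *
   * @global string $PHP_AUTH_USER the username, filled in when one is found
   * @global string $PHP_AUTH_PW   the password, filled in when one is found
   *
   * @return boolean whether a non-empty username was obtained
   *
   * @access public
   */
  function PMA_auth_check()
  {
      global $PHP_AUTH_USER, $PHP_AUTH_PW;

      /* Refuse credentials that were obtained from a different signon server */
      if (isset($_SESSION['LAST_SIGNON_URL'])
          && $_SESSION['LAST_SIGNON_URL'] !== $GLOBALS['cfg']['Server']['SignonURL']
      ) {
          return false;
      }

      /* Script name */
      $script_name = $GLOBALS['cfg']['Server']['SignonScript'];
      /* Session name */
      $session_name = $GLOBALS['cfg']['Server']['SignonSession'];
      /* Current host */
      $single_signon_host = $GLOBALS['cfg']['Server']['host'];
      /* Current port */
      $single_signon_port = $GLOBALS['cfg']['Server']['port'];
      /* No configuration updates */
      $single_signon_cfgupdate = array();
      /* Are we requested to do logout? */
      $do_logout = !empty($_REQUEST['old_usr']);

      if (!empty($script_name)) {
          /* Handle script based auth */
          if (! file_exists($script_name)) {
              PMA_fatalError(__('Can not find signon authentication script:') . ' ' . $script_name);
          }
          include $script_name;

          /*
           * $cfg is not a local variable of this function, so the configured
           * user has to be read through $GLOBALS; a bare $cfg would be undefined
           * here and the script would receive null.
           * NOTE(review): $do_logout is not consulted on this path - confirm
           * that logout is meant to be handled by the script itself.
           */
          list ($PHP_AUTH_USER, $PHP_AUTH_PW) = get_login_credentials($GLOBALS['cfg']['Server']['user']);
      } elseif (isset($_COOKIE[$session_name]) && is_string($_COOKIE[$session_name])) {
          /*
           * The cookie is client controlled. Only a string can be a session id;
           * an array-valued cookie is ignored instead of being passed on to
           * session_id().
           */

          /* End current session */
          $old_session = session_name();
          $old_id = session_id();
          session_write_close();

          /* Load single signon session */
          session_name($session_name);
          session_id($_COOKIE[$session_name]);
          session_start();

          /* Clear error message */
          unset($_SESSION['PMA_single_signon_error_message']);

          /* Grab credentials if they exist; a logout request blanks them */
          if (isset($_SESSION['PMA_single_signon_user'])) {
              $PHP_AUTH_USER = $do_logout ? '' : $_SESSION['PMA_single_signon_user'];
          }
          if (isset($_SESSION['PMA_single_signon_password'])) {
              $PHP_AUTH_PW = $do_logout ? '' : $_SESSION['PMA_single_signon_password'];
          }

          /* Optional overrides chosen by the signon application */
          if (isset($_SESSION['PMA_single_signon_host'])) {
              $single_signon_host = $_SESSION['PMA_single_signon_host'];
          }
          if (isset($_SESSION['PMA_single_signon_port'])) {
              $single_signon_port = $_SESSION['PMA_single_signon_port'];
          }
          /* Anything but an array would make array_merge() below fail and wipe the server settings */
          if (isset($_SESSION['PMA_single_signon_cfgupdate'])
              && is_array($_SESSION['PMA_single_signon_cfgupdate'])
          ) {
              $single_signon_cfgupdate = $_SESSION['PMA_single_signon_cfgupdate'];
          }

          /* Also get token as it is needed to access subpages */
          if (isset($_SESSION['PMA_single_signon_token'])) {
              /* No need to care about token on logout */
              $pma_token = $_SESSION['PMA_single_signon_token'];
          }

          /* End single signon session */
          session_write_close();

          /* Restart phpMyAdmin session */
          session_name($old_session);
          if (!empty($old_id)) {
              session_id($old_id);
          }
          session_start();

          /* Set the single signon host */
          $GLOBALS['cfg']['Server']['host'] = $single_signon_host;
          /* Set the single signon port */
          $GLOBALS['cfg']['Server']['port'] = $single_signon_port;
          /* Configuration update; keys from the signon session win over the configured ones */
          $GLOBALS['cfg']['Server'] = array_merge($GLOBALS['cfg']['Server'], $single_signon_cfgupdate);

          /*
           * Restore our token. The key is written with its surrounding spaces
           * on purpose - presumably it has to match the token key read elsewhere
           * in phpMyAdmin; confirm before normalising it.
           */
          if (!empty($pma_token)) {
              $_SESSION[' PMA_token '] = $pma_token;
          }

          /* Clear user cache */
          PMA_clearUserCache();
      }

      /* Without a username there are no authentication settings */
      if (empty($PHP_AUTH_USER)) {
          unset($_SESSION['LAST_SIGNON_URL']);
          return false;
      }

      /* Remember which signon server these credentials belong to */
      $_SESSION['LAST_SIGNON_URL'] = $GLOBALS['cfg']['Server']['SignonURL'];
      return true;
  } // end of the 'PMA_auth_check()' function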
  /**
   * Copies the credentials collected for this request into the current
   * server settings.
   *
   * @global array  $cfg           the configuration; $cfg['Server'] receives the credentials
   * @global string $PHP_AUTH_USER the current username
   * @global string $PHP_AUTH_PW   the current password
   *
   * @return boolean always true
   *
   * @access public
   */
  function PMA_auth_set_user()
  {
      global $cfg, $PHP_AUTH_USER, $PHP_AUTH_PW;

      /* Written in this order so that 'user' is stored before 'password' */
      $credentials = array(
          'user' => $PHP_AUTH_USER,
          'password' => $PHP_AUTH_PW,
      );
      foreach ($credentials as $setting => $value) {
          $cfg['Server'][$setting] = $value;
      }

      return true;
  } // end of the 'PMA_auth_set_user()' function
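  /**
   * User is not allowed to login to MySQL -> authentication failed.
   *
   * When the browser presents the signon session cookie, the reason for the
   * failure is stored in that session under PMA_single_signon_error_message.
   * The user is then sent back to the signon page through PMA_auth(), which
   * ends the request; the phpMyAdmin session is therefore not reopened here.
   *
   * @return void does not return normally, PMA_auth() ends the request
   *
   * @access public
   */
  function PMA_auth_fails()
  {
      /* Session name */
      $session_name = $GLOBALS['cfg']['Server']['SignonSession'];

      /*
       * Does session exist? The cookie is client controlled: only a string can
       * be a session id, so an array-valued cookie is ignored instead of being
       * passed on to session_id().
       */
      if (isset($_COOKIE[$session_name]) && is_string($_COOKIE[$session_name])) {
          /* End current session */
          session_write_close();

          /* Load single signon session */
          session_name($session_name);
          session_id($_COOKIE[$session_name]);
          session_start();

          /* Pick the error message, most specific reason first */
          if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
              $message = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
          } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
              $message = __('Access denied');
          } elseif (! empty($GLOBALS['no_activity'])) {
              $message = sprintf(
                  __('No activity within %s seconds; please log in again'),
                  $GLOBALS['cfg']['LoginCookieValidity']
              );
          } else {
              /*
               * Database error text is passed through PMA_sanitize() before it
               * is stored. NOTE(review): presumably the signon page displays
               * this value - it should still escape it for its own output
               * context.
               */
              $db_error = PMA_DBI_getError();
              if ($db_error) {
                  $message = PMA_sanitize($db_error);
              } else {
                  $message = __('Cannot log in to the MySQL server');
              }
          }
          $_SESSION['PMA_single_signon_error_message'] = $message;
      }

      PMA_auth();
  } // end of the 'PMA_auth_fails()' function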
  209. ?>