Ejemplo n.º 1
0
function auth_error($exception = null)
{
    global $connection, $adminer, $token;
    $session_name = session_name();
    $error = "";
    if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_bool("session.use_only_cookies")) {
        $error = lang('Session support must be enabled.');
    } elseif (isset($_GET["username"])) {
        if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
            $error = lang('Session expired, please login again.');
        } else {
            $password =& get_session("pwds");
            if ($password !== null) {
                $error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
                $password = null;
            }
            unset_permanent();
        }
    }
    page_header(lang('Login'), $error, null);
    echo "<form action='' method='post'>\n";
    $adminer->loginForm();
    echo "<div>";
    hidden_fields($_POST, array("auth"));
    // expired session
    echo "</div>\n";
    echo "</form>\n";
    page_footer("auth");
}
Ejemplo n.º 2
0
/** Renders an error message and a login form
* @param string plain text
* @return null exits
*/
function auth_error($error)
{
    global $adminer, $has_token;
    $error = h($error);
    $session_name = session_name();
    if (isset($_GET["username"])) {
        header("HTTP/1.1 403 Forbidden");
        // 401 requires sending WWW-Authenticate header
        if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$has_token) {
            $error = lang('Session expired, please login again.');
        } else {
            add_invalid_login();
            $password = get_password();
            if ($password !== null) {
                if ($password === false) {
                    $error .= '<br>' . lang('Master password expired. <a href="https://www.adminer.org/en/extension/" target="_blank">Implement</a> %s method to make it permanent.', '<code>permanentLogin()</code>');
                }
                set_password(DRIVER, SERVER, $_GET["username"], null);
            }
            unset_permanent();
        }
    }
    if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_bool("session.use_only_cookies")) {
        $error = lang('Session support must be enabled.');
    }
    $params = session_get_cookie_params();
    cookie("adminer_key", $_COOKIE["adminer_key"] ? $_COOKIE["adminer_key"] : rand_string(), $params["lifetime"]);
    page_header(lang('Login'), $error, null);
    echo "<form action='' method='post'>\n";
    $adminer->loginForm();
    echo "<div>";
    hidden_fields($_POST, array("auth"));
    // expired session
    echo "</div>\n";
    echo "</form>\n";
    page_footer("auth");
    exit;
}