/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
PMA_auth();
return TRUE;
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
$error = PMA_DBI_getError();
if ($error && $GLOBALS['errno'] != 1045) {
PMA_fatalError($error);
} else {
PMA_auth();
return true;
}
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* prepares error message and switches to PMA_auth() which display the error
* and the login form
*
* this function MUST exit/quit the application,
* currently doen by call to PMA_auth()
*
* @access public
*/
function PMA_auth_fails()
{
global $conn_error;
// Deletes password cookie and displays the login form
$GLOBALS['PMA_Config']->removeCookie('pmaPass-' . $GLOBALS['server']);
if (!empty($GLOBALS['login_without_password_is_forbidden'])) {
$conn_error = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
} elseif (!empty($GLOBALS['allowDeny_forbidden'])) {
$conn_error = __('Access denied');
} elseif (!empty($GLOBALS['no_activity'])) {
$conn_error = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
// Remember where we got timeout to return on same place
if (PMA_getenv('SCRIPT_NAME')) {
$GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
// avoid "missing parameter: field" on re-entry
if ('tbl_alter.php' == $GLOBALS['target']) {
$GLOBALS['target'] = 'tbl_structure.php';
}
}
} elseif (PMA_DBI_getError()) {
$conn_error = '#' . $GLOBALS['errno'] . ' ' . __('Cannot log in to the MySQL server');
} else {
$conn_error = __('Cannot log in to the MySQL server');
}
// needed for PHP-CGI (not need for FastCGI or mod-php)
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Pragma: no-cache');
PMA_auth();
}
if ($server == 0) {
$cfg['Server'] = array();
} else {
if (isset($cfg['Servers'][$server])) {
$cfg['Server'] = $cfg['Servers'][$server];
/**
* Loads the proper database interface for this server
*/
require_once './libraries/database_interface.lib.php';
// Gets the authentication library that fits the $cfg['Server'] settings
// and run authentication
// (for a quick check of path disclosure in auth/cookies:)
$coming_from_common = TRUE;
require_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php';
if (!PMA_auth_check()) {
PMA_auth();
} else {
PMA_auth_set_user();
}
// Check IP-based Allow/Deny rules as soon as possible to reject the
// user
// Based on mod_access in Apache:
// http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/aaa/mod_access.c?rev=1.37&content-type=text/vnd.viewcvs-markup
// Look at: "static int check_dir_access(request_rec *r)"
// Robbat2 - May 10, 2002
if (isset($cfg['Server']['AllowDeny']) && isset($cfg['Server']['AllowDeny']['order'])) {
require_once './libraries/ip_allow_deny.lib.php';
$allowDeny_forbidden = FALSE;
// default
if ($cfg['Server']['AllowDeny']['order'] == 'allow,deny') {
$allowDeny_forbidden = TRUE;
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
$error = PMA_DBI_getError();
if ($error && $GLOBALS['errno'] != 1045) {
PMA_sendHeaderLocation('error.php?error=' . urlencode($error));
exit;
} else {
PMA_auth();
return true;
}
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
/* Session name */
$session_name = $GLOBALS['cfg']['Server']['SignonSession'];
/* Does session exist? */
if (isset($_COOKIE[$session_name])) {
/* End current session */
$old_session = session_name();
$old_id = session_id();
session_write_close();
/* Load single signon session */
session_name($session_name);
session_id($_COOKIE[$session_name]);
session_start();
/* Set error message */
if (!empty($GLOBALS['login_without_password_is_forbidden'])) {
$_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
} elseif (!empty($GLOBALS['allowDeny_forbidden'])) {
$_SESSION['PMA_single_signon_error_message'] = __('Access denied');
} elseif (!empty($GLOBALS['no_activity'])) {
$_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
} elseif (PMA_DBI_getError()) {
$_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
} elseif (isset($php_errormsg)) {
$_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
} else {
$_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
}
}
PMA_auth();
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
global $conn_error;
// Deletes password cookie and displays the login form
setcookie('pma_cookie_password', base64_encode(''), 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
if (PMA_mysql_error()) {
$conn_error = PMA_mysql_error();
} else {
if (isset($php_errormsg)) {
$conn_error = $php_errormsg;
} else {
$conn_error = $GLOBALS['strCannotLogin'];
}
}
PMA_auth();
return TRUE;
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
global $conn_error, $server;
// Deletes password cookie and displays the login form
PMA_removeCookie('pma_cookie_password-' . $server);
if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
$conn_error = $GLOBALS['strAccessDenied'];
} elseif (isset($GLOBALS['no_activity']) && $GLOBALS['no_activity']) {
$conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']);
// Remember where we got timeout to return on same place
if (PMA_getenv('SCRIPT_NAME')) {
$GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
}
} elseif (PMA_DBI_getError()) {
$conn_error = PMA_sanitize(PMA_DBI_getError());
} elseif (isset($php_errormsg)) {
$conn_error = $php_errormsg;
} else {
$conn_error = $GLOBALS['strCannotLogin'];
}
PMA_auth();
return true;
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* prepares error message and switches to PMA_auth() which display the error
* and the login form
*
* this function MUST exit/quit the application,
* currently doen by call to PMA_auth()
*
* @uses $GLOBALS['server']
* @uses $GLOBALS['allowDeny_forbidden']
* @uses $GLOBALS['strAccessDenied']
* @uses $GLOBALS['strNoActivity']
* @uses $GLOBALS['strCannotLogin']
* @uses $GLOBALS['no_activity']
* @uses $cfg['LoginCookieValidity']
* @uses PMA_removeCookie()
* @uses PMA_getenv()
* @uses PMA_DBI_getError()
* @uses PMA_sanitize()
* @uses PMA_auth()
* @uses sprintf()
* @uses basename()
* @access public
*/
function PMA_auth_fails()
{
global $conn_error;
// Deletes password cookie and displays the login form
PMA_removeCookie('pmaPass-' . $GLOBALS['server']);
if (!empty($GLOBALS['login_without_password_is_forbidden'])) {
$conn_error = $GLOBALS['strLoginWithoutPassword'];
} elseif (!empty($GLOBALS['allowDeny_forbidden'])) {
$conn_error = $GLOBALS['strAccessDenied'];
} elseif (!empty($GLOBALS['no_activity'])) {
$conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']);
// Remember where we got timeout to return on same place
if (PMA_getenv('SCRIPT_NAME')) {
$GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
// avoid "missing parameter: field" on re-entry
if ('tbl_alter.php' == $GLOBALS['target']) {
$GLOBALS['target'] = 'tbl_structure.php';
}
}
} elseif (PMA_DBI_getError()) {
$conn_error = '#' . $GLOBALS['errno'] . ' ' . $GLOBALS['strCannotLogin'];
} else {
$conn_error = $GLOBALS['strCannotLogin'];
}
// needed for PHP-CGI (not need for FastCGI or mod-php)
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Pragma: no-cache');
PMA_auth();
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* prepares error message and switches to PMA_auth() which display the error
* and the login form
*
* this function MUST exit/quit the application,
* currently doen by call to PMA_auth()
*
* @todo $php_errormsg is invalid here!? it will never be set in this scope
* @uses $GLOBALS['server']
* @uses $GLOBALS['allowDeny_forbidden']
* @uses $GLOBALS['strAccessDenied']
* @uses $GLOBALS['strNoActivity']
* @uses $GLOBALS['strCannotLogin']
* @uses $GLOBALS['no_activity']
* @uses $cfg['LoginCookieValidity']
* @uses PMA_removeCookie()
* @uses PMA_getenv()
* @uses PMA_DBI_getError()
* @uses PMA_sanitize()
* @uses PMA_auth()
* @uses sprintf()
* @uses basename()
* @access public
*/
function PMA_auth_fails()
{
global $conn_error;
// Deletes password cookie and displays the login form
PMA_removeCookie('pmaPass-' . $GLOBALS['server']);
if (!empty($GLOBALS['allowDeny_forbidden'])) {
$conn_error = $GLOBALS['strAccessDenied'];
} elseif (!empty($GLOBALS['no_activity'])) {
$conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']);
// Remember where we got timeout to return on same place
if (PMA_getenv('SCRIPT_NAME')) {
$GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
// avoid "missing parameter: field" on re-entry
if ('tbl_alter.php' == $GLOBALS['target']) {
$GLOBALS['target'] = 'tbl_structure.php';
}
}
} elseif (PMA_DBI_getError()) {
$conn_error = PMA_sanitize(PMA_DBI_getError());
} elseif (isset($php_errormsg)) {
$conn_error = $php_errormsg;
} else {
$conn_error = $GLOBALS['strCannotLogin'];
}
PMA_auth();
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
global $conn_error, $server;
// Deletes password cookie and displays the login form
setcookie('pma_cookie_password-' . $server, '', 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
$conn_error = $GLOBALS['strAccessDenied'];
} else {
if (isset($GLOBALS['no_activity']) && $GLOBALS['no_activity']) {
$conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']);
} else {
if (PMA_DBI_getError()) {
$conn_error = PMA_DBI_getError();
} else {
if (isset($php_errormsg)) {
$conn_error = $php_errormsg;
} else {
$conn_error = $GLOBALS['strCannotLogin'];
}
}
}
}
PMA_auth();
return TRUE;
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
if (!empty($GLOBALS['login_without_password_is_forbidden'])) {
$_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
} elseif (!empty($GLOBALS['allowDeny_forbidden'])) {
$_SESSION['PMA_single_signon_error_message'] = __('Access denied');
} elseif (!empty($GLOBALS['no_activity'])) {
$_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
} elseif (PMA_DBI_getError()) {
$_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
} elseif (isset($php_errormsg)) {
$_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
} else {
$_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
}
PMA_auth();
}
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @return boolean always true (no return indeed)
*
* @access public
*/
function PMA_auth_fails()
{
// Deletes password cookie and displays the login form
setcookie('pma_cookie_password', '', 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']);
PMA_auth();
return TRUE;
}
