/**
* Get HTML for the Change password dialog
*
* @param string $username username
* @param string $hostname hostname
*
* @return string html snippet
*/
function PMA_getHtmlForChangePassword($username, $hostname)
{
/**
* autocomplete feature of IE kills the "onchange" event handler and it
* must be replaced by the "onpropertychange" one in this case
*/
$chg_evt_handler = PMA_USR_BROWSER_AGENT == 'IE' && PMA_USR_BROWSER_VER >= 5 && PMA_USR_BROWSER_VER < 7 ? 'onpropertychange' : 'onchange';
$is_privileges = basename($_SERVER['SCRIPT_NAME']) === 'server_privileges.php';
$html = '<form method="post" id="change_password_form" ' . 'action="' . basename($GLOBALS['PMA_PHP_SELF']) . '" ' . 'name="chgPassword" ' . 'class="' . ($is_privileges ? 'submenu-item' : '') . '">';
$html .= PMA_URL_getHiddenInputs();
if (strpos($GLOBALS['PMA_PHP_SELF'], 'server_privileges') !== false) {
$html .= '<input type="hidden" name="username" ' . 'value="' . htmlspecialchars($username) . '" />' . '<input type="hidden" name="hostname" ' . 'value="' . htmlspecialchars($hostname) . '" />';
}
$html .= '<fieldset id="fieldset_change_password">' . '<legend' . ($is_privileges ? ' data-submenu-label="' . __('Change password') . '"' : '') . '>' . __('Change password') . '</legend>' . '<table class="data noclick">' . '<tr class="odd">' . '<td colspan="2">' . '<input type="radio" name="nopass" value="1" id="nopass_1" ' . 'onclick="pma_pw.value = \'\'; pma_pw2.value = \'\'; ' . 'this.checked = true" />' . '<label for="nopass_1">' . __('No Password') . '</label>' . '</td>' . '</tr>' . '<tr class="even vmiddle">' . '<td>' . '<input type="radio" name="nopass" value="0" id="nopass_0" ' . 'onclick="document.getElementById(\'text_pma_pw\').focus();" ' . 'checked="checked" />' . '<label for="nopass_0">' . __('Password:'******' </label>' . '</td>' . '<td>' . '<input type="password" name="pma_pw" id="text_pma_pw" size="10" ' . 'class="textfield"' . $chg_evt_handler . '="nopass[1].checked = true" />' . ' ' . __('Re-type:') . ' ' . '<input type="password" name="pma_pw2" id="text_pma_pw2" size="10" ' . 'class="textfield"' . $chg_evt_handler . '="nopass[1].checked = true" />' . '</td>' . '</tr>';
$html .= '<tr class="vmiddle">' . '<td>' . __('Password Hashing:') . '</td>';
$serverType = PMA\libraries\Util::getServerType();
if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50507 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
$active_auth_plugins = PMA_getActiveAuthPlugins();
$default_auth_plugin = PMA_getCurrentAuthenticationPlugin('change', $username, $hostname);
$iter = 0;
$total_plugins = count($active_auth_plugins);
foreach ($active_auth_plugins as $plugin) {
if ($plugin['PLUGIN_NAME'] == 'mysql_old_password') {
continue;
}
if ($iter != 0) {
$html .= '<td> </td>';
}
$html .= '<td>' . '<input type="radio" name="pw_hash" value="' . $plugin['PLUGIN_NAME'] . '"' . ($default_auth_plugin == $plugin['PLUGIN_NAME'] ? 'checked="checked" ' : '') . ' id="radio_pw_hash_' . $plugin['PLUGIN_NAME'] . '" />' . '<label for="radio_pw_hash_' . $plugin['PLUGIN_NAME'] . '" >' . __($plugin['PLUGIN_DESCRIPTION']) . ' </label></td></tr>';
if ($iter == $total_plugins - 2) {
$html .= '<tr id="tr_element_before_generate_password">';
} else {
if ($iter != $total_plugins - 1) {
$html .= '<tr>';
}
}
$iter++;
}
$html .= '</tr>';
$html .= '</table>';
$html .= '<div ' . ($default_auth_plugin != 'sha256_password' ? 'style="display:none"' : '') . ' id="ssl_reqd_warning_cp">' . Message::notice(__('This method requires using an \'<i>SSL connection</i>\' ' . 'or an \'<i>unencrypted connection that encrypts the password ' . 'using RSA</i>\'; while connecting to the server.') . PMA\libraries\Util::showMySQLDocu('sha256-authentication-plugin'))->getDisplay() . '</div>';
$html .= '<div ' . ($default_auth_plugin != 'sha256_password' ? 'style="display:none"' : '') . ' id="ssl_reqd_warning_cp">' . Message::notice(__('This method requires using an \'<i>SSL connection</i>\' ' . 'or an \'<i>unencrypted connection that encrypts the password ' . 'using RSA</i>\'; while connecting to the server.') . PMA\libraries\Util::showMySQLDocu('sha256-authentication-plugin'))->getDisplay() . '</div>';
} else {
$html .= '<td>' . '<input type="radio" name="pw_hash" value="mysql_native_password"' . 'checked="checked" id="radio_pw_hash_native" />' . '<label for="radio_pw_hash_native" >' . __('MySQL Native Authentication') . ' </label></td></tr>' . '<tr id="tr_element_before_generate_password"></tr>' . '</table>';
}
$html .= '</fieldset>' . '<fieldset id="fieldset_change_password_footer" class="tblFooters">' . '<input type="hidden" name="change_pw" value="1" />' . '<input type="submit" value="' . __('Go') . '" />' . '</fieldset>' . '</form>';
return $html;
}
/**
* Gets the currently active authentication plugins
*
* @param string $orig_auth_plugin Default Authentication plugin
* @param string $mode are we creating a new user or are we just
* changing one?
* (allowed values: 'new', 'edit', 'change_pw')
* @param string $versions Is MySQL version newer or older than 5.5.7
*
* @return string $html_output
*/
function PMA_getHtmlForAuthPluginsDropdown($orig_auth_plugin, $mode = 'new', $versions = 'new')
{
$html_output = '<select ' . 'id="select_authentication_plugin' . ($mode == 'change_pw' ? '_cp' : '') . '" ' . 'name="authentication_plugin" >';
if ($versions == 'new') {
$active_auth_plugins = PMA_getActiveAuthPlugins();
foreach ($active_auth_plugins as $plugin) {
if ($plugin['PLUGIN_NAME'] == 'mysql_old_password') {
continue;
}
// if description is known, enable its translation
if ('Native MySQL authentication' == $plugin['PLUGIN_DESCRIPTION']) {
$description = __('Native MySQL authentication');
} elseif ('SHA256 password authentication' == $plugin['PLUGIN_DESCRIPTION']) {
$description = __('SHA256 password authentication');
} else {
// but there can be other auth plugins, see
// https://github.com/phpmyadmin/phpmyadmin/issues/11561
$description = $plugin['PLUGIN_DESCRIPTION'];
}
$html_output .= '<option value="' . $plugin['PLUGIN_NAME'] . '"' . ($orig_auth_plugin == $plugin['PLUGIN_NAME'] ? 'selected ' : '') . '>' . $description . '</option>';
}
$html_output .= '</select>';
} else {
$html_output .= '<option value="mysql_native_password" >' . __('Native MySQL Authentication') . '</option>' . '</select>';
}
return $html_output;
}
/**
* Gets the currently active authentication plugins
*
* @param string $orig_auth_plugin Default Authentication plugin
* @param string $mode are we creating a new user or are we just
* changing one?
* (allowed values: 'new', 'edit', 'change_pw')
* @param string $versions Is MySQL version newer or older than 5.5.7
*
* @return string $html_output
*/
function PMA_getHtmlForAuthPluginsDropdown($orig_auth_plugin, $mode = 'new', $versions = 'new')
{
$select_id = 'select_authentication_plugin' . ($mode == 'change_pw' ? '_cp' : '');
if ($versions == 'new') {
$active_auth_plugins = PMA_getActiveAuthPlugins();
if (isset($active_auth_plugins['mysql_old_password'])) {
unset($active_auth_plugins['mysql_old_password']);
}
} else {
$active_auth_plugins = array('mysql_native_password' => __('Native MySQL authentication'));
}
$html_output = Util::getDropdown('authentication_plugin', $active_auth_plugins, $orig_auth_plugin, $select_id);
return $html_output;
}
/**
* Displays the fields used by the "new user" form as well as the
* "change login information / copy user" form.
*
* @param string $mode are we creating a new user or are we just
* changing one? (allowed values: 'new', 'change')
* @param string $username User name
* @param string $hostname Host name
*
* @global array $cfg the phpMyAdmin configuration
* @global resource $user_link the database connection
*
* @return string $html_output a HTML snippet
*/
function PMA_getHtmlForLoginInformationFields($mode = 'new', $username = null, $hostname = null)
{
list($username_length, $hostname_length) = PMA_getUsernameAndHostnameLength();
if (isset($GLOBALS['username']) && mb_strlen($GLOBALS['username']) === 0) {
$GLOBALS['pred_username'] = '******';
}
$html_output = '<fieldset id="fieldset_add_user_login">' . "\n" . '<legend>' . __('Login Information') . '</legend>' . "\n" . '<div class="item">' . "\n" . '<label for="select_pred_username">' . "\n" . ' ' . __('User name:') . "\n" . '</label>' . "\n" . '<span class="options">' . "\n";
$html_output .= '<select name="pred_username" id="select_pred_username" ' . 'title="' . __('User name') . '"' . "\n";
$html_output .= ' onchange="' . 'if (this.value == \'any\') {' . ' username.value = \'\'; ' . ' user_exists_warning.style.display = \'none\'; ' . ' username.required = false; ' . '} else if (this.value == \'userdefined\') {' . ' username.focus(); username.select(); ' . ' username.required = true; ' . '}">' . "\n";
$html_output .= '<option value="any"' . (isset($GLOBALS['pred_username']) && $GLOBALS['pred_username'] == 'any' ? ' selected="selected"' : '') . '>' . __('Any user') . '</option>' . "\n";
$html_output .= '<option value="userdefined"' . (!isset($GLOBALS['pred_username']) || $GLOBALS['pred_username'] == 'userdefined' ? ' selected="selected"' : '') . '>' . __('Use text field') . ':</option>' . "\n";
$html_output .= '</select>' . "\n" . '</span>' . "\n";
$html_output .= '<input type="text" name="username" class="autofocus"' . ' maxlength="' . $username_length . '" title="' . __('User name') . '"' . (empty($GLOBALS['username']) ? '' : ' value="' . htmlspecialchars(isset($GLOBALS['new_username']) ? $GLOBALS['new_username'] : $GLOBALS['username']) . '"') . ' onchange="pred_username.value = \'userdefined\'; this.required = true;" ' . (!isset($GLOBALS['pred_username']) || $GLOBALS['pred_username'] == 'userdefined' ? 'required="required"' : '') . ' />' . "\n";
$html_output .= '<div id="user_exists_warning"' . ' name="user_exists_warning" style="display:none;">' . Message::notice(__('An account already exists with the same username ' . 'but possibly a different hostname.'))->getDisplay() . '</div>';
$html_output .= '</div>';
$html_output .= '<div class="item">' . "\n" . '<label for="select_pred_hostname">' . "\n" . ' ' . __('Host name:') . "\n" . '</label>' . "\n";
$html_output .= '<span class="options">' . "\n" . ' <select name="pred_hostname" id="select_pred_hostname" ' . 'title="' . __('Host name') . '"' . "\n";
$_current_user = $GLOBALS['dbi']->fetchValue('SELECT USER();');
if (!empty($_current_user)) {
$thishost = str_replace("'", '', mb_substr($_current_user, mb_strrpos($_current_user, '@') + 1));
if ($thishost == 'localhost' || $thishost == '127.0.0.1') {
unset($thishost);
}
}
$html_output .= ' onchange="' . 'if (this.value == \'any\') { ' . ' hostname.value = \'%\'; ' . '} else if (this.value == \'localhost\') { ' . ' hostname.value = \'localhost\'; ' . '} ' . (empty($thishost) ? '' : 'else if (this.value == \'thishost\') { ' . ' hostname.value = \'' . addslashes(htmlspecialchars($thishost)) . '\'; ' . '} ') . 'else if (this.value == \'hosttable\') { ' . ' hostname.value = \'\'; ' . ' hostname.required = false; ' . '} else if (this.value == \'userdefined\') {' . ' hostname.focus(); hostname.select(); ' . ' hostname.required = true; ' . '}">' . "\n";
unset($_current_user);
// when we start editing a user, $GLOBALS['pred_hostname'] is not defined
if (!isset($GLOBALS['pred_hostname']) && isset($GLOBALS['hostname'])) {
switch (mb_strtolower($GLOBALS['hostname'])) {
case 'localhost':
case '127.0.0.1':
$GLOBALS['pred_hostname'] = 'localhost';
break;
case '%':
$GLOBALS['pred_hostname'] = 'any';
break;
default:
$GLOBALS['pred_hostname'] = 'userdefined';
break;
}
}
$html_output .= '<option value="any"' . (isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'any' ? ' selected="selected"' : '') . '>' . __('Any host') . '</option>' . "\n" . '<option value="localhost"' . (isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'localhost' ? ' selected="selected"' : '') . '>' . __('Local') . '</option>' . "\n";
if (!empty($thishost)) {
$html_output .= '<option value="thishost"' . (isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'thishost' ? ' selected="selected"' : '') . '>' . __('This Host') . '</option>' . "\n";
}
unset($thishost);
$html_output .= '<option value="hosttable"' . (isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'hosttable' ? ' selected="selected"' : '') . '>' . __('Use Host Table') . '</option>' . "\n";
$html_output .= '<option value="userdefined"' . (isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'userdefined' ? ' selected="selected"' : '') . '>' . __('Use text field:') . '</option>' . "\n" . '</select>' . "\n" . '</span>' . "\n";
$html_output .= '<input type="text" name="hostname" maxlength="' . $hostname_length . '" value="' . htmlspecialchars(isset($GLOBALS['hostname']) ? $GLOBALS['hostname'] : '%') . '" title="' . __('Host name') . '" onchange="pred_hostname.value = \'userdefined\'; ' . 'this.required = true;" ' . (isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'userdefined' ? 'required="required"' : '') . ' />' . "\n" . Util::showHint(__('When Host table is used, this field is ignored ' . 'and values stored in Host table are used instead.')) . '</div>' . "\n";
$html_output .= '<div class="item">' . "\n" . '<label for="select_pred_password">' . "\n" . ' ' . __('Password:'******'</label>' . "\n" . '<span class="options">' . "\n" . '<select name="pred_password" id="select_pred_password" title="' . __('Password') . '"' . "\n";
$html_output .= ' onchange="' . 'if (this.value == \'none\') { ' . ' pma_pw.value = \'\'; pma_pw2.value = \'\'; ' . ' pma_pw.required = false; pma_pw2.required = false; ' . '} else if (this.value == \'userdefined\') { ' . ' pma_pw.focus(); pma_pw.select(); ' . ' pma_pw.required = true; pma_pw2.required = true; ' . '} else { ' . ' pma_pw.required = false; pma_pw2.required = false; ' . '}">' . "\n" . ($mode == 'change' ? '<option value="keep" selected="selected">' . __('Do not change the password') . '</option>' . "\n" : '') . '<option value="none"';
if (isset($GLOBALS['username']) && $mode != 'change') {
$html_output .= ' selected="selected"';
}
$html_output .= '>' . __('No Password') . '</option>' . "\n" . '<option value="userdefined"' . (isset($GLOBALS['username']) ? '' : ' selected="selected"') . '>' . __('Use text field') . ':</option>' . "\n" . '</select>' . "\n" . '</span>' . "\n" . '<input type="password" id="text_pma_pw" name="pma_pw" ' . 'title="' . __('Password') . '" ' . 'onchange="pred_password.value = \'userdefined\'; this.required = true; ' . 'pma_pw2.required = true;" ' . (isset($GLOBALS['username']) ? '' : 'required="required"') . '/>' . "\n" . '</div>' . "\n";
$html_output .= '<div class="item" ' . 'id="div_element_before_generate_password">' . "\n" . '<label for="text_pma_pw2">' . "\n" . ' ' . __('Re-type:') . "\n" . '</label>' . "\n" . '<span class="options"> </span>' . "\n" . '<input type="password" name="pma_pw2" id="text_pma_pw2" ' . 'title="' . __('Re-type') . '" ' . 'onchange="pred_password.value = \'userdefined\'; this.required = true; ' . 'pma_pw.required = true;" ' . (isset($GLOBALS['username']) ? '' : 'required="required"') . '/>' . "\n" . '</div>' . "\n" . '<div class="item" id="authentication_plugin_div">' . '<label for="select_authentication_plugin" >';
$serverType = Util::getServerType();
if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50507 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
$html_output .= __('Authentication Plugin') . '</label><span class="options"> </span>' . "\n" . '<select id="select_authentication_plugin" name="authentication_plugin" >';
$active_auth_plugins = PMA_getActiveAuthPlugins();
$orig_auth_plugin = PMA_getCurrentAuthenticationPlugin($mode, $username, $hostname);
foreach ($active_auth_plugins as $plugin) {
if ($plugin['PLUGIN_NAME'] == 'mysql_old_password') {
continue;
}
$html_output .= '<option value="' . $plugin['PLUGIN_NAME'] . '"' . ($orig_auth_plugin == $plugin['PLUGIN_NAME'] ? 'selected ' : '') . '>' . __($plugin['PLUGIN_DESCRIPTION']) . '</option>';
}
$html_output .= '</select>' . '<div id="ssl_reqd_warning" ' . ($orig_auth_plugin == 'sha256_password' ? '' : ' style="display:none"') . ' >' . Message::notice(__('This method requires using an \'<i>SSL connection</i>\' ' . 'or an \'<i>unencrypted connection that encrypts the password ' . 'using RSA</i>\'; while connecting to the server.') . Util::showMySQLDocu('sha256-authentication-plugin'))->getDisplay() . '</div>';
} else {
$html_output .= __('Password Hashing Method') . '</label><span class="options"> </span>' . "\n" . '<select id="select_authentication_plugin" ' . 'name="authentication_plugin" >' . '<option value="mysql_native_password" >' . __('MySQL Native Authentication') . '</option>' . '</select>';
}
$html_output .= '</div>' . "\n" . '</fieldset>' . "\n";
return $html_output;
}
