/**
 * Test for PMA_fatalError with sprintf-style parameters.
 *
 * Covers both an array of parameters and a single scalar parameter; the
 * rendered output is checked with expectOutputRegex.
 *
 * @return void
 */
public function testFatalErrorMessageWithArgs()
{
    // Array of parameters substituted into the format string.
    $this->expectOutputRegex('/Fatal error #1 in file error_file.php./', 'Not EQ');
    PMA_fatalError('Fatal error #%d in file %s.', array(1, 'error_file.php'));

    // A single scalar parameter.
    $this->expectOutputRegex('/Fatal error in file error_file.php./');
    PMA_fatalError('Fatal error in file %s.', 'error_file.php');
}
/**
 * Redirects the browser to the signon (or logout) URL.
 *
 * Aborts with a fatal error when no SignonURL is configured. A logout
 * request (old_usr set) with a configured LogoutURL goes there instead of
 * the signon page. Never returns normally: it always ends with exit.
 *
 * @global string the font face to use in case of failure
 * @global string the default font size to use in case of failure
 * @global string the big font size to use in case of failure
 *
 * @return boolean always true (no return indeed)
 *
 * @access public
 */
function PMA_auth()
{
    unset($_SESSION['LAST_SIGNON_URL']);

    if (empty($GLOBALS['cfg']['Server']['SignonURL'])) {
        PMA_fatalError('You must set SignonURL!');
    } else {
        // Logout requested and a custom logout target configured?
        $want_logout = !empty($_REQUEST['old_usr'])
            && !empty($GLOBALS['cfg']['Server']['LogoutURL']);
        $target = $want_logout
            ? $GLOBALS['cfg']['Server']['LogoutURL']
            : $GLOBALS['cfg']['Server']['SignonURL'];
        PMA_sendHeaderLocation($target);
    }
    exit;
}
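/**
 * Generates the PMA_token session variable (the anti-CSRF token).
 *
 * Prefers phpseclib's generator, then PHP's random_bytes() when available,
 * and finally OpenSSL. The OpenSSL result is only accepted when the library
 * reports it as cryptographically strong; otherwise the token stays empty so
 * the check at the end aborts instead of continuing with a weak token.
 *
 * @return void
 */
function PMA_generateToken()
{
    $token = '';
    if (class_exists('phpseclib\\Crypt\\Random')) {
        $token = phpseclib\Crypt\Random::string(16);
    } elseif (function_exists('random_bytes')) {
        $token = random_bytes(16);
    } else {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        // Only accept OpenSSL output that is reported as crypto-strong.
        if ($bytes !== false && $strong === true) {
            $token = $bytes;
        }
    }
    $_SESSION[' PMA_token '] = bin2hex($token);

    /*
     * The generation can fail, for example due to missing /dev/random for
     * openssl; never continue with an empty token.
     */
    if (empty($_SESSION[' PMA_token '])) {
        PMA_fatalError('Failed to generate random CSRF token!');
    }
}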
/**
 * Validates the requested schema export type, loads the matching schema
 * plugin and runs the export for the current database.
 *
 * @param string $export_type format of the export
 *
 * @return void
 */
function PMA_processExportSchema($export_type)
{
    // Default is PDF; anything else must consist of letters only.
    if (is_null($export_type) || !preg_match('/^[a-zA-Z]+$/', $export_type)) {
        $export_type = 'pdf';
    }
    // The value ends up in a file inclusion path, so sanitize it once more.
    $export_type = PMA_securePath($export_type);

    // Load the plugin for this schema type.
    $export_plugin = PMA_getPlugin('schema', $export_type, 'libraries/plugins/schema/');
    if (is_null($export_plugin)) {
        PMA_fatalError(__('Bad type!'));
    }

    $GLOBALS['dbi']->selectDb($GLOBALS['db']);
    $export_plugin->exportSchema($GLOBALS['db']);
}
/**
 * Reports a failed session start as a fatal error.
 *
 * Each error message is HTML-escaped and the file system path from PHP's
 * "open(..., O_RDWR)" text is masked so the page does not disclose paths.
 *
 * @param array $errors error objects exposing getMessage()
 *
 * @return void
 */
function PMA_sessionFailed($errors)
{
    $messages = array();
    foreach ($errors as $error) {
        /*
         * Mask the path from open() to avoid path disclosure.
         *
         * PHP 5 reports this when a nonexistent session ID is provided
         * (PHP 7 checks session existence first); any PHP version reports
         * it when the session backend fails (e.g. read-only filesystem).
         * The string is hardcoded in PHP, so it is expected to stay stable.
         */
        $escaped = htmlspecialchars($error->getMessage());
        $messages[] = preg_replace('/open\\(.*, O_RDWR\\)/', 'open(SESSION_FILE, O_RDWR)', $escaped);
    }

    /*
     * No translations here: session initialization happens before the
     * language is selected.
     */
    $text = 'Error during session start; please check your PHP and/or '
        . 'webserver log file and configure your PHP '
        . 'installation properly. Also ensure that cookies are enabled '
        . 'in your browser.';
    $separator = '<br /><br />';
    PMA_fatalError($text . $separator . implode($separator, $messages));
}
$message->addParam('[/doc]');
// so we can obtain the message
$_SESSION['Import_message']['message'] = $message->getDisplay();
$_SESSION['Import_message']['go_back_url'] = $goto;
$message->display();
exit; // the footer is displayed automatically
}

/**
 * Sets globals from $_POST patterns, for import plugins.
 * We only need to load the selected plugin.
 *
 * $format is checked against a fixed list first, so the second pattern
 * below can only ever be built from one of these known prefixes.
 */
if (!in_array($format, array('csv', 'ldi', 'mediawiki', 'ods', 'shp', 'sql', 'xml'))) {
    // this should not happen for a normal user
    // but only during an attack
    PMA_fatalError('Incorrect format parameter');
}
// NOTE(review): in_array() above is non-strict; passing true as the third
// argument would tighten the comparison — confirm $format is always a string.

// Only POST keys starting with "force_file_" or "<format>_" are copied into
// $GLOBALS; every other key in $_POST is ignored here.
$post_patterns = array('/^force_file_/', '/^' . $format . '_/');
foreach (array_keys($_POST) as $post_key) {
    foreach ($post_patterns as $one_post_pattern) {
        if (preg_match($one_post_pattern, $post_key)) {
            $GLOBALS[$post_key] = $_POST[$post_key];
        }
    }
}
// Check needed parameters
PMA_Util::checkParameters(array('import_type', 'format'));
// We don't want anything special in format
$format = PMA_securePath($format);
// Import functions
require_once 'libraries/import.lib.php';
/**
 * Error handler that reports fatal errors raised while the configuration
 * file is being loaded (PMA_Config_fatalErrorHandler).
 *
 * Does nothing unless $GLOBALS['pma_config_loading'] is set and truthy and
 * error_get_last() reports an error; the reported file path is shortened
 * with Error::relPath().
 *
 * @return void
 */
public static function fatalErrorHandler()
{
    $loading = isset($GLOBALS['pma_config_loading']) && $GLOBALS['pma_config_loading'];
    if (!$loading) {
        return;
    }

    $error = error_get_last();
    if (is_null($error)) {
        return;
    }

    $text = sprintf(
        'Failed to load phpMyAdmin configuration (%s:%s): %s',
        Error::relPath($error['file']),
        $error['line'],
        $error['message']
    );
    PMA_fatalError($text);
}
// Refuse any request that tries to smuggle a "GLOBALS" key in.
if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) {
    PMA_fatalError(__("GLOBALS overwrite attempt"));
}

/**
 * protect against possible exploits - there is no need to have so much variables
 */
if (count($_REQUEST) > 1000) {
    PMA_fatalError(__('possible exploit'));
}

/**
 * Check for numeric keys
 * (if register_globals is on, numeric key can be found in $GLOBALS)
 */
foreach ($GLOBALS as $key => $dummy) {
    if (is_numeric($key)) {
        PMA_fatalError(__('numeric key detected'));
    }
}
unset($dummy);

// here, the function does not exist with this configuration:
// $cfg['ServerDefault'] = 0;
$GLOBALS['is_superuser'] = isset($GLOBALS['dbi']) && $GLOBALS['dbi']->isSuperuser();

// The include target is only accepted when it is listed in $goto_whitelist.
// NOTE(review): in_array() is non-strict here; a strict comparison (third
// argument true) would be tighter — confirm $__redirect is always a string.
if (!empty($__redirect) && in_array($__redirect, $goto_whitelist)) {
    /**
     * include subform target page
     */
    include $__redirect;
    exit;
}

// If Zero configuration mode enabled, check PMA tables in current db.
if (!defined('PMA_MINIMUM_COMMON') && !empty($GLOBALS['server']) && isset($GLOBALS['cfg']['ZeroConf']) && $GLOBALS['cfg']['ZeroConf'] == true) {
}
}

// Set locale
_setlocale(LC_MESSAGES, $GLOBALS['lang']);
_bindtextdomain('phpmyadmin', $GLOBALS['lang_path']);
_bind_textdomain_codeset('phpmyadmin', 'UTF-8');
_textdomain('phpmyadmin');

/**
 * Messages for phpMyAdmin.
 *
 * These messages are here for easy transition to Gettext.
 * You should not add any messages here, use instead gettext directly
 * in your template/PHP file.
 */
// The __() translation function must exist by now; abort otherwise.
if (!function_exists('__')) {
    PMA_fatalError('Bad invocation!');
}

/* Text direction for language */
if (in_array($GLOBALS['lang'], array('ar', 'fa', 'he', 'ur'))) {
    $GLOBALS['text_dir'] = 'rtl';
} else {
    $GLOBALS['text_dir'] = 'ltr';
}

/* TCPDF */
$GLOBALS['l'] = array();

/* TCPDF settings */
$GLOBALS['l']['a_meta_charset'] = 'UTF-8';
$GLOBALS['l']['a_meta_dir'] = $GLOBALS['text_dir'];
$GLOBALS['l']['a_meta_language'] = $GLOBALS['lang'];

/* TCPDF translations */
$GLOBALS['l']['w_page'] = __('Page number:');
/**
 * Verifies the permissions on the config file when the configuration asks
 * for it (CheckConfigurationPermissions). Must be called after
 * config.inc.php has been merged.
 *
 * Aborts with a fatal error when the file is world writable on a
 * non-Windows web server.
 *
 * @return void
 */
function checkPermissions()
{
    if (!$this->get('CheckConfigurationPermissions')) {
        return;
    }

    // fileperms() is silenced: not every platform supports it.
    $perms = @fileperms($this->getSource());
    $world_writable = $perms !== false && ($perms & 2);
    if (!$world_writable) {
        return;
    }

    // This check is normally done after loading configuration.
    $this->checkWebServerOs();
    if ($this->get('PMA_IS_WINDOWS') != 0) {
        return;
    }

    $this->source_mtime = 0;
    /* Gettext is possibly still not loaded */
    if (function_exists('__')) {
        $msg = __('Wrong permissions on configuration file, should not be world writable!');
    } else {
        $msg = 'Wrong permissions on configuration file, should not be world writable!';
    }
    PMA_fatalError($msg);
}
 * @license http://www.gnu.org/licenses/gpl.html GNU GPL 2.0
 */

/**
 * Core libraries.
 */
require './lib/common.inc.php';

// The page name is reduced to lowercase letters only, so the path built
// below cannot contain separators, dots or other traversal characters.
$page = filter_input(INPUT_GET, 'page');
$page = preg_replace('/[^a-z]/', '', $page);
if ($page === '') {
    $page = 'index';
}
if (!file_exists("./setup/frames/$page.inc.php")) {
    // it will happen only when entering URL by hand, we don't care for these cases
    PMA_fatalError(__('Wrong GET file attribute value'));
}

// Handle done action info (same character whitelist idea, plus underscore)
$action_done = filter_input(INPUT_GET, 'action_done');
$action_done = preg_replace('/[^a-z_]/', '', $action_done);

// send no-cache headers
require './libraries/header_http.inc.php';
?>
<!DOCTYPE HTML>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>phpMyAdmin setup</title>
<link href="../favicon.ico" rel="icon" type="image/x-icon" />
/**
 * Checks that the configured config source exists and can be read.
 *
 * A file that is_readable() rejects is re-tested by reading a single byte,
 * because is_readable() can be wrong on CIFS/Samba shares (bug #3059806).
 * An existing but unreadable file is reported as a fatal error.
 *
 * @return boolean whether source is valid or not
 */
function checkConfigSource()
{
    $source = $this->getSource();
    if (!$source) {
        // no configuration file set at all
        return false;
    }
    if (!file_exists($source)) {
        $this->source_mtime = 0;
        return false;
    }
    if (is_readable($source)) {
        return true;
    }

    // manually check if file is readable
    $contents = false;
    $handle = @fopen($source, 'r');
    if ($handle !== false) {
        $contents = @fread($handle, 1); // reading 1 byte is enough to test
        @fclose($handle);
    }
    if ($contents !== false) {
        return true;
    }

    $this->source_mtime = 0;
    $format = function_exists('__')
        ? __('Existing configuration file (%s) is not readable.')
        : 'Existing configuration file (%s) is not readable.';
    PMA_fatalError(sprintf($format, $source));
    return false;
}
/**
 * Verifies the permissions on the config file when the configuration asks
 * for it (CheckConfigurationPermissions). Must be called after
 * config.inc.php has been merged.
 *
 * Aborts with a fatal error when the file is world writable on a
 * non-Windows web server.
 *
 * @return void
 */
function checkPermissions()
{
    if (!$this->get('CheckConfigurationPermissions')) {
        return;
    }

    // fileperms() is silenced: not every platform supports it.
    $perms = @fileperms($this->getSource());
    $world_writable = $perms !== false && ($perms & 2);
    if (!$world_writable) {
        return;
    }

    // This check is normally done after loading configuration.
    $this->checkWebServerOs();
    if ($this->get('PMA_IS_WINDOWS') == 0) {
        $this->source_mtime = 0;
        PMA_fatalError(__('Wrong permissions on configuration file, ' . 'should not be world writable!'));
    }
}
/**
 * @global array MySQL charsets map
 *
 * Maps IANA/browser charset names to the MySQL charset names used below.
 */
$GLOBALS['mysql_charset_map'] = array(
    'big5'         => 'big5',
    'cp-866'       => 'cp866',
    'euc-jp'       => 'ujis',
    'euc-kr'       => 'euckr',
    'gb2312'       => 'gb2312',
    'gbk'          => 'gbk',
    'iso-8859-1'   => 'latin1',
    'iso-8859-2'   => 'latin2',
    'iso-8859-7'   => 'greek',
    'iso-8859-8'   => 'hebrew',
    'iso-8859-8-i' => 'hebrew',
    'iso-8859-9'   => 'latin5',
    'iso-8859-13'  => 'latin7',
    'iso-8859-15'  => 'latin1',
    'koi8-r'       => 'koi8r',
    'shift_jis'    => 'sjis',
    'tis-620'      => 'tis620',
    'utf-8'        => 'utf8',
    'windows-1250' => 'cp1250',
    'windows-1251' => 'cp1251',
    'windows-1252' => 'latin1',
    'windows-1256' => 'cp1256',
    'windows-1257' => 'cp1257'
);

/*
 * Do the work!
 */
if (!PMA_langCheck()) {
    // fallback language
    $fall_back_lang = 'en';
    $line = __LINE__;
    if (!PMA_langSet($fall_back_lang)) {
        // Even the hard-coded fallback failed: warn, then abort.
        trigger_error('phpMyAdmin-ERROR: invalid lang code: ' . __FILE__ . '#' . $line . ', check hard coded fall back language.', E_USER_WARNING);
        // stop execution
        // and tell the user that his chosen language is invalid
        PMA_fatalError('Could not load any language, please check your language settings and folder.');
    }
}

// Set locale
_setlocale(LC_MESSAGES, $GLOBALS['lang']);
_bindtextdomain('phpmyadmin', $GLOBALS['lang_path']);
_bind_textdomain_codeset('phpmyadmin', 'UTF-8');
_textdomain('phpmyadmin');

/**
 * Messages for phpMyAdmin.
 *
 * These messages are here for easy transition to Gettext.
 * You should not add any messages here, use instead gettext directly
 * in your template/PHP file.
 */
if (!function_exists('__')) {
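// on the session data directory, so I add some "@"
// See bug #1538132. This would block normal behavior on a cluster
//ini_set('session.save_handler', 'files');
$session_name = 'phpMyAdmin';
@session_name($session_name);

if (!isset($_COOKIE[$session_name])) {
    // on first start of session we check for errors
    // f.e. session dir cannot be accessed - session file not created
    $orig_error_count = $GLOBALS['error_handler']->countErrors();
    $r = session_start();
    if ($r !== true || $orig_error_count != $GLOBALS['error_handler']->countErrors()) {
        // Drop the half-created cookie and abort.
        setcookie($session_name, '', 1);
        PMA_fatalError('strSessionStartupErrorGeneral');
    }
    unset($orig_error_count);
} else {
    @session_start();
}

/**
 * Token which is used for authenticating access queries.
 * (we use "space PMA_token space" to prevent overwriting)
 *
 * The token is taken from a CSPRNG when one is available (random_bytes(),
 * then OpenSSL when it reports strong output); md5(uniqid(rand(), true))
 * is predictable and is kept only as a last-resort fallback.
 */
if (!isset($_SESSION[' PMA_token '])) {
    $pma_new_token = '';
    if (function_exists('random_bytes')) {
        $pma_new_token = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $pma_strong = false;
        $pma_bytes = openssl_random_pseudo_bytes(16, $pma_strong);
        if ($pma_bytes !== false && $pma_strong === true) {
            $pma_new_token = bin2hex($pma_bytes);
        }
        unset($pma_strong, $pma_bytes);
    }
    if ($pma_new_token === '') {
        // Legacy fallback: only reached when no CSPRNG is available.
        $pma_new_token = md5(uniqid(rand(), true));
    }
    $_SESSION[' PMA_token '] = $pma_new_token;
    unset($pma_new_token);
}

/**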
    $controllink = PMA_DBI_connect($cfg['Server']['controluser'], $cfg['Server']['controlpass'], true);
}

// Connects to the server (validates user's login)
$userlink = PMA_DBI_connect($cfg['Server']['user'], $cfg['Server']['password'], false);
// Without a dedicated control user the user's own link doubles as control link.
if (!$controllink) {
    $controllink = $userlink;
}

/* Log success */
PMA_log_user($cfg['Server']['user']);

/**
 * with phpMyAdmin 3 we support MySQL >=5
 * but only production releases:
 * - > 5.0.15
 */
if (PMA_MYSQL_INT_VERSION < 50015) {
    PMA_fatalError('strUpgrade', array('MySQL', '5.0.15'));
}

/**
 * SQL Parser code
 */
require_once './libraries/sqlparser.lib.php';

/**
 * SQL Validator interface code
 */
require_once './libraries/sqlvalidator.lib.php';

/**
 * the PMA_List_Database class
 */
require_once './libraries/PMA.php';
$pma = new PMA();
$pma->userlink = $userlink;
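<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * Validation callback.
 *
 * Reads a comma-separated list of field ids (POST "id") and a JSON object of
 * values (POST "values"), validates them against the loaded configuration
 * and answers with a JSON-encoded result; the body is empty when every
 * value validates.
 *
 * @package PhpMyAdmin-Setup
 */

/**
 * Core libraries.
 */
require './lib/common.inc.php';

$validators = array();
require './libraries/config/Validator.php';

header('Content-type: application/json');

$ids = isset($_POST['id']) ? $_POST['id'] : null;
// Cast so a missing id still yields array('') instead of a deprecation notice.
$vids = explode(',', (string) $ids);
$vals = isset($_POST['values']) ? $_POST['values'] : null;
$values = json_decode((string) $vals);
// Only a JSON object is accepted; scalars, lists and invalid JSON are rejected.
if (!$values instanceof stdClass) {
    PMA_fatalError(__('Wrong data'));
}
$values = (array) $values;
$result = PMA\libraries\config\Validator::validate($GLOBALS['ConfigFile'], $vids, $values, true);
if ($result === false) {
    // $vids is an array: report the id list itself rather than "Array".
    $result = 'Wrong data or no validation for ' . implode(',', $vids);
}
echo $result !== true ? json_encode($result) : '';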
/**
 * Warn or fail on missing extension.
 *
 * Builds a message linking to the PHP manual page for the extension, then
 * either aborts (fatal) or registers a warning with the error handler.
 *
 * @param string $extension Extension name
 * @param bool   $fatal     Whether the error is fatal.
 * @param string $extra     Extra string to append to message.
 *
 * @return void
 */
function PMA_warnMissingExtension($extension, $fatal = false, $extra = '')
{
    /* Gettext does not have to be loaded yet here */
    $message = function_exists('__')
        ? __('The %s extension is missing. Please check your PHP configuration.')
        : 'The %s extension is missing. Please check your PHP configuration.';

    $doclink = PMA_getPHPDocLink('book.' . $extension . '.php');
    $link = '[a@' . $doclink . '@Documentation][em]' . $extension . '[/em][/a]';
    $message = sprintf($message, $link);
    if ($extra != '') {
        $message .= ' ' . $extra;
    }

    if (!$fatal) {
        $GLOBALS['error_handler']->addError($message, E_USER_WARNING, '', '', false);
        return;
    }
    PMA_fatalError($message);
}
    }
}

// Connects to the server (validates user's login)
$userlink = PMA_DBI_connect($cfg['Server']['user'], $cfg['Server']['password'], false);
// Without a dedicated control user the user's own link doubles as control link.
if (!$controllink) {
    $controllink = $userlink;
}

/* Log success */
PMA_log_user($cfg['Server']['user']);

/**
 * with phpMyAdmin 3 we support MySQL >=5
 * but only production releases:
 * - > 5.0.15
 */
if (PMA_MYSQL_INT_VERSION < 50015) {
    PMA_fatalError(__('You should upgrade to %s %s or later.'), array('MySQL', '5.0.15'));
}

if (PMA_DRIZZLE) {
    // DisableIS must be set to false for Drizzle, it maps SHOW commands
    // to INFORMATION_SCHEMA queries anyway so it's fast on large servers
    $cfg['Server']['DisableIS'] = false;
    // SHOW OPEN TABLES is not supported by Drizzle
    $cfg['SkipLockedTables'] = false;
}

/**
 * SQL Parser code
 */
include_once './libraries/sqlparser.lib.php';

/**
 * SQL Validator interface code
 */
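// See bug #1538132. This would block normal behavior on a cluster
//ini_set('session.save_handler', 'files');
$session_name = 'phpMyAdmin';
@session_name($session_name);

if (!isset($_COOKIE[$session_name])) {
    // on first start of session we check for errors
    // f.e. session dir cannot be accessed - session file not created
    $orig_error_count = $GLOBALS['error_handler']->countErrors();
    $r = session_start();
    if ($r !== true || $orig_error_count != $GLOBALS['error_handler']->countErrors()) {
        // Drop the half-created cookie and abort.
        setcookie($session_name, '', 1);
        /*
         * Session initialization is done before selecting language, so we
         * can not use translations here.
         */
        PMA_fatalError('Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.');
    }
    unset($orig_error_count);
} else {
    session_start();
}

/**
 * Token which is used for authenticating access queries.
 * (we use "space PMA_token space" to prevent overwriting)
 *
 * The token is taken from a CSPRNG when one is available (random_bytes(),
 * then OpenSSL when it reports strong output); md5(uniqid(rand(), true))
 * is predictable and is kept only as a last-resort fallback.
 */
if (!isset($_SESSION[' PMA_token '])) {
    $pma_new_token = '';
    if (function_exists('random_bytes')) {
        $pma_new_token = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $pma_strong = false;
        $pma_bytes = openssl_random_pseudo_bytes(16, $pma_strong);
        if ($pma_bytes !== false && $pma_strong === true) {
            $pma_new_token = bin2hex($pma_bytes);
        }
        unset($pma_strong, $pma_bytes);
    }
    if ($pma_new_token === '') {
        // Legacy fallback: only reached when no CSPRNG is available.
        $pma_new_token = md5(uniqid(rand(), true));
    }
    $_SESSION[' PMA_token '] = $pma_new_token;
    unset($pma_new_token);
}

/**
 * tries to secure session from hijacking and fixation
 * should be called before login and after successfull login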
    // if it fails try alternative extension ...
    // and display an error ...

    /**
     * @todo add different messages for alternative extension
     * and complete fail (no alternative extension too)
     */
    $error = sprintf(PMA_sanitize($GLOBALS['strCantLoad']), $GLOBALS['cfg']['Server']['extension'])
        . ' - <a href="./Documentation.html#faqmysql" target="documentation">'
        . $GLOBALS['strDocu'] . '</a>';
    trigger_error($error, E_USER_ERROR);

    // Try the other MySQL extension (mysql <-> mysqli).
    if ($GLOBALS['cfg']['Server']['extension'] === 'mysql') {
        $alternativ_extension = 'mysqli';
    } else {
        $alternativ_extension = 'mysql';
    }

    if (!PMA_DBI_checkMysqlExtension($alternativ_extension)) {
        // if alternative fails too ...
        PMA_fatalError(sprintf($GLOBALS['strCantLoad'], $GLOBALS['cfg']['Server']['extension'])
            . ' - [a@./Documentation.html#faqmysql@documentation]'
            . $GLOBALS['strDocu'] . '[/a]');
    }

    $GLOBALS['cfg']['Server']['extension'] = $alternativ_extension;
    unset($alternativ_extension);
}

/**
 * Including The DBI Plugin
 *
 * The extension name comes from the server configuration, not from the
 * request, and was verified with PMA_DBI_checkMysqlExtension() above.
 */
require_once './libraries/dbi/' . $GLOBALS['cfg']['Server']['extension'] . '.dbi.lib.php';

/**
 * Common Functions
 */

/**
 * Runs a query and dies with the MySQL error when it fails.
 *
 * @param string   $query   SQL query to execute
 * @param resource $link    connection link, null for the default one
 * @param int      $options query options passed on to PMA_DBI_try_query()
 *
 * @return mixed result of PMA_DBI_try_query()
 */
function PMA_DBI_query($query, $link = null, $options = 0)
{
    $res = PMA_DBI_try_query($query, $link, $options)
        or PMA_mysqlDie(PMA_DBI_getError($link), $query);
    return $res;
/**
 * Function added to avoid path disclosures.
 * Called by each script that needs parameters, it displays
 * an error message and, by default, stops the execution.
 *
 * Not sure we could use a strMissingParameter message here,
 * would have to check if the error message file is always available
 *
 * @param string[] $params  The names of the parameters needed by the calling
 *                          script
 * @param bool     $request Whether to include this list in checking for
 *                          special params
 *
 * @return void
 *
 * @global boolean $checked_special flag whether any special variable
 *                                  was required
 *
 * @access public
 */
public static function checkParameters($params, $request = true)
{
    global $checked_special;
    if (!isset($checked_special)) {
        $checked_special = false;
    }

    // Only the script's base name is reported, never its full path.
    $script = basename($GLOBALS['PMA_PHP_SELF']);
    $missing = '';
    foreach ($params as $param) {
        // Anything other than db/table counts as a "special" parameter.
        if ($request && $param != 'db' && $param != 'table') {
            $checked_special = true;
        }
        if (isset($GLOBALS[$param])) {
            continue;
        }
        $missing .= $script . ': ' . __('Missing parameter:') . ' ' . $param
            . self::showDocu('faq', 'faqmissingparameters') . '<br />';
    }

    if ($missing !== '') {
        PMA_fatalError($missing, null, false);
    }
}
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * "Echo" service to allow force downloading of exported charts (png or svg)
 * and server status monitor settings
 *
 * @package PhpMyAdmin
 */

use PMA\libraries\PMA_String;

define('PMA_MINIMUM_COMMON', true);
require_once 'libraries/common.inc.php';

/* For chart exporting */
if (isset($_REQUEST['filename']) && isset($_REQUEST['image'])) {
    // Only these two MIME types are served; the map also fixes the extension.
    $allowed = array('image/png' => 'png', 'image/svg+xml' => 'svg');

    /* Check whether MIME type is allowed */
    if (!isset($allowed[$_REQUEST['type']])) {
        PMA_fatalError(__('Invalid export type'));
    }

    /*
     * Check file name to match mime type and not contain new lines
     * to prevent response splitting.
     */
    $extension = $allowed[$_REQUEST['type']];
    $valid_match = '/^[^\\n\\r]*\\.' . $extension . '$/';
    if (!preg_match($valid_match, $_REQUEST['filename'])) {
        if (!preg_match('/^[^\\n\\r]*$/', $_REQUEST['filename'])) {
            /* Filename is unsafe, discard it */
            $filename = 'download.' . $extension;
        } else {
            /* Add extension */
            $filename = $_REQUEST['filename'] . '.' . $extension;
        }
/**
 * Uses faster mcrypt library if available
 * (as this is not called from anywhere else, put the code in-line
 * for faster execution)
 */

/**
 * Initialization
 * Store the initialization vector because it will be needed for
 * further decryption. I don't think necessary to have one iv
 * per server so I don't put the server number in the cookie name.
 *
 * The IV is read back from the client cookie (strict base64 decoding
 * only rejects characters outside the alphabet).
 * NOTE(review): the decoded IV length is not checked here against
 * mcrypt_enc_get_iv_size() — confirm the consumer tolerates a wrong length.
 */
if (empty($_COOKIE['pma_mcrypt_iv']) || false === ($iv = base64_decode($_COOKIE['pma_mcrypt_iv'], true))) {
    // NOTE(review): MCRYPT_RAND after srand(microtime) is not a CSPRNG;
    // MCRYPT_DEV_URANDOM would be the stronger IV source where available.
    srand((double) microtime() * 1000000);
    $td = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_CBC, '');
    if ($td === false) {
        PMA_fatalError(__('Failed to use Blowfish from mcrypt!'));
    }
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    $GLOBALS['PMA_Config']->setCookie('pma_mcrypt_iv', base64_encode($iv));
}

/**
 * Encryption using blowfish algorithm (mcrypt)
 *
 * @param string $data   original data
 * @param string $secret the secret
 *
 * @return string the encrypted result
 *
 * @access public
 *
 */
/**
 * User is not allowed to login to MySQL -> authentication failed.
 *
 * An "access denied" error (errno 1045) or no error at all shows the login
 * form again; any other server error is reported as fatal.
 *
 * @return bool true
 */
public function authFails()
{
    $error = $GLOBALS['dbi']->getError();
    if (!$error || $GLOBALS['errno'] == 1045) {
        $this->authForm();
        return true;
    }
    PMA_fatalError($error);
    return true;
}
    }

    // Generate error url and check for needed variables
    if ($export_type == 'server') {
        $err_url = 'server_export.php?' . PMA_URL_getCommon();
    } elseif ($export_type == 'database' && strlen($db)) {
        $err_url = 'db_export.php?' . PMA_URL_getCommon($db);
        // Check if we have something to export
        if (isset($table_select)) {
            $tables = $table_select;
        } else {
            $tables = array();
        }
    } elseif ($export_type == 'table' && strlen($db) && strlen($table)) {
        $err_url = 'tbl_export.php?' . PMA_URL_getCommon($db, $table);
    } else {
        // Unknown export type, or db/table missing for the chosen type.
        PMA_fatalError(__('Bad parameters!'));
    }

    /**
     * Increase time limit for script execution and initializes some variables
     */
    @set_time_limit($cfg['ExecTimeLimit']);
    if (!empty($cfg['MemoryLimit'])) {
        @ini_set('memory_limit', $cfg['MemoryLimit']);
    }
    register_shutdown_function('PMA_shutdownDuringExport');

    // Start with empty buffer
    $dump_buffer = '';
    $dump_buffer_len = 0;

    // We send fake headers to avoid browser timeout when buffering
    $time_start = time();
}
/**
 * User is not allowed to login to MySQL -> authentication failed.
 *
 * An "access denied" error (errno 1045) or no error at all restarts the
 * signon flow via PMA_auth(); any other server error is reported as fatal.
 *
 * @return boolean always true (no return indeed)
 *
 * @access public
 */
function PMA_auth_fails()
{
    $error = PMA_DBI_getError();
    if (!$error || $GLOBALS['errno'] == 1045) {
        PMA_auth();
        return true;
    }
    PMA_fatalError($error);
}
/**
 * Gets advanced authentication settings
 *
 * Credentials come either from a configured signon script (SignonScript)
 * or from a separate signon session (SignonSession) whose id is read from
 * the cookie of that name. In the session case the current phpMyAdmin
 * session is closed, the signon session is opened and read, then the
 * phpMyAdmin session is restarted — the statement order below matters.
 *
 * @global string $PHP_AUTH_USER the username
 * @global string $PHP_AUTH_PW   the password
 *
 * @return boolean whether we get authentication settings or not
 */
public function authCheck()
{
    global $PHP_AUTH_USER, $PHP_AUTH_PW;

    /* Check if we're using same signon server */
    $signon_url = $GLOBALS['cfg']['Server']['SignonURL'];
    if (isset($_SESSION['LAST_SIGNON_URL']) && $_SESSION['LAST_SIGNON_URL'] != $signon_url) {
        return false;
    }

    /* Script name */
    $script_name = $GLOBALS['cfg']['Server']['SignonScript'];
    /* Session name */
    $session_name = $GLOBALS['cfg']['Server']['SignonSession'];
    /* Login URL */
    $signon_url = $GLOBALS['cfg']['Server']['SignonURL'];
    /* Current host */
    $single_signon_host = $GLOBALS['cfg']['Server']['host'];
    /* Current port */
    $single_signon_port = $GLOBALS['cfg']['Server']['port'];
    /* No configuration updates */
    $single_signon_cfgupdate = array();
    /* Are we requested to do logout? */
    $do_logout = !empty($_REQUEST['old_usr']);

    /* Handle script based auth */
    if (!empty($script_name)) {
        // The included path comes from the server configuration, not from
        // the request; it must define get_login_credentials().
        if (!file_exists($script_name)) {
            PMA_fatalError(__('Can not find signon authentication script:') . ' ' . $script_name);
        }
        include $script_name;
        list($PHP_AUTH_USER, $PHP_AUTH_PW) = get_login_credentials($GLOBALS['cfg']['Server']['user']);
    } elseif (isset($_COOKIE[$session_name])) {
        /* Does session exist?
         */
        /* End current session */
        $old_session = session_name();
        $old_id = session_id();
        if (!defined('TESTSUITE')) {
            session_write_close();
        }

        /* Load single signon session */
        // NOTE(review): the cookie value is handed to session_id() as-is;
        // confirm the session handler rejects ids outside its id alphabet.
        session_name($session_name);
        session_id($_COOKIE[$session_name]);
        if (!defined('TESTSUITE')) {
            session_start();
        }

        /* Clear error message */
        unset($_SESSION['PMA_single_signon_error_message']);

        /* Grab credentials if they exist */
        // On logout the credentials are blanked rather than copied.
        if (isset($_SESSION['PMA_single_signon_user'])) {
            if ($do_logout) {
                $PHP_AUTH_USER = '';
            } else {
                $PHP_AUTH_USER = $_SESSION['PMA_single_signon_user'];
            }
        }
        if (isset($_SESSION['PMA_single_signon_password'])) {
            if ($do_logout) {
                $PHP_AUTH_PW = '';
            } else {
                $PHP_AUTH_PW = $_SESSION['PMA_single_signon_password'];
            }
        }
        // The signon session may override host, port and arbitrary server
        // settings; whoever writes that session controls these values.
        if (isset($_SESSION['PMA_single_signon_host'])) {
            $single_signon_host = $_SESSION['PMA_single_signon_host'];
        }
        if (isset($_SESSION['PMA_single_signon_port'])) {
            $single_signon_port = $_SESSION['PMA_single_signon_port'];
        }
        if (isset($_SESSION['PMA_single_signon_cfgupdate'])) {
            $single_signon_cfgupdate = $_SESSION['PMA_single_signon_cfgupdate'];
        }

        /* Also get token as it is needed to access subpages */
        if (isset($_SESSION['PMA_single_signon_token'])) {
            /* No need to care about token on logout */
            $pma_token = $_SESSION['PMA_single_signon_token'];
        }

        /* End single signon session */
        if (!defined('TESTSUITE')) {
            session_write_close();
        }

        /* Restart phpMyAdmin session */
        session_name($old_session);
        if (!empty($old_id)) {
            session_id($old_id);
        }
        if (!defined('TESTSUITE')) {
            session_start();
        }

        /* Set the single signon host */
        $GLOBALS['cfg']['Server']['host'] = $single_signon_host;
        /* Set the single signon port */
        $GLOBALS['cfg']['Server']['port'] = $single_signon_port;
        /* Configuration update */
        $GLOBALS['cfg']['Server'] = array_merge($GLOBALS['cfg']['Server'], $single_signon_cfgupdate);

        /* Restore our token */
        // $pma_token is only set when the signon session carried one.
        if (!empty($pma_token)) {
            $_SESSION[' PMA_token '] = $pma_token;
        }

        /**
         * Clear user cache.
         */
        PMA\libraries\Util::clearUserCache();
    }

    // Returns whether we get authentication settings or not
    if (empty($PHP_AUTH_USER)) {
        unset($_SESSION['LAST_SIGNON_URL']);
        return false;
    } else {
        $_SESSION['LAST_SIGNON_URL'] = $GLOBALS['cfg']['Server']['SignonURL'];
        return true;
    }
}
/**
 * Calls $function for every element in $array recursively.
 *
 * Protected against deep recursion attack CVE-2006-1549 by a static depth
 * counter; 1000 levels is more than enough. When $apply_to_keys_also is
 * set, string keys are passed through $function too and the element is
 * moved to the new key if it differs.
 *
 * @param array  &$array             array to walk
 * @param string $function           function to call for every array element
 * @param bool   $apply_to_keys_also whether to call the function for the keys also
 *
 * @return void
 *
 * @see http://www.php-security.org/MOPB/MOPB-02-2007.html
 * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
 */
function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false)
{
    static $recursive_counter = 0;
    if (++$recursive_counter > 1000) {
        PMA_fatalError(__('possible deep recursion attack'));
    }

    $seen = array();
    foreach ($array as $key => $value) {
        // Skip keys already handled (including keys produced by renaming).
        if (isset($seen[$key])) {
            continue;
        }
        $seen[$key] = true;

        if (!is_array($value)) {
            $array[$key] = $function($value);
        } else {
            PMA_arrayWalkRecursive($array[$key], $function, $apply_to_keys_also);
        }

        if (!$apply_to_keys_also || !is_string($key)) {
            continue;
        }
        $new_key = $function($key);
        if ($new_key != $key) {
            $array[$new_key] = $array[$key];
            unset($array[$key]);
            $seen[$new_key] = true;
        }
    }
    $recursive_counter--;
}
        $GLOBALS['server'] = 0;
        $cfg['Server'] = array();
    }
}
$GLOBALS['url_params']['server'] = $GLOBALS['server'];

if (!empty($cfg['Server'])) {
    /**
     * Loads the proper database interface for this server
     */
    require_once './libraries/database_interface.lib.php';

    // Gets the authentication library that fits the $cfg['Server'] settings
    // and run authentication
    // to allow HTTP or http
    // The plugin name is taken from the server configuration (not from the
    // request) and its file must exist before it is required.
    $cfg['Server']['auth_type'] = strtolower($cfg['Server']['auth_type']);
    if (!file_exists('./libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php')) {
        PMA_fatalError($strInvalidAuthMethod . ' ' . $cfg['Server']['auth_type']);
    }
    /**
     * the required auth type plugin
     */
    require_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php';

    // Unauthenticated requests are sent to the plugin's login flow.
    if (!PMA_auth_check()) {
        PMA_auth();
    } else {
        PMA_auth_set_user();
    }

    // Check IP-based Allow/Deny rules as soon as possible to reject the
    // user
    // Based on mod_access in Apache:
    // http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/aaa/mod_access.c?rev=1.37&content-type=text/vnd.viewcvs-markup
    // Look at: "static int check_dir_access(request_rec *r)"