/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { PMA_auth(); return TRUE; }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { $error = PMA_DBI_getError(); if ($error && $GLOBALS['errno'] != 1045) { PMA_fatalError($error); } else { PMA_auth(); return true; } }
/** * User is not allowed to login to MySQL -> authentication failed * * prepares error message and switches to PMA_auth() which display the error * and the login form * * this function MUST exit/quit the application, * currently doen by call to PMA_auth() * * @access public */ function PMA_auth_fails() { global $conn_error; // Deletes password cookie and displays the login form $GLOBALS['PMA_Config']->removeCookie('pmaPass-' . $GLOBALS['server']); if (!empty($GLOBALS['login_without_password_is_forbidden'])) { $conn_error = __('Login without a password is forbidden by configuration (see AllowNoPassword)'); } elseif (!empty($GLOBALS['allowDeny_forbidden'])) { $conn_error = __('Access denied'); } elseif (!empty($GLOBALS['no_activity'])) { $conn_error = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']); // Remember where we got timeout to return on same place if (PMA_getenv('SCRIPT_NAME')) { $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME')); // avoid "missing parameter: field" on re-entry if ('tbl_alter.php' == $GLOBALS['target']) { $GLOBALS['target'] = 'tbl_structure.php'; } } } elseif (PMA_DBI_getError()) { $conn_error = '#' . $GLOBALS['errno'] . ' ' . __('Cannot log in to the MySQL server'); } else { $conn_error = __('Cannot log in to the MySQL server'); } // needed for PHP-CGI (not need for FastCGI or mod-php) header('Cache-Control: no-store, no-cache, must-revalidate'); header('Pragma: no-cache'); PMA_auth(); }
if ($server == 0) { $cfg['Server'] = array(); } else { if (isset($cfg['Servers'][$server])) { $cfg['Server'] = $cfg['Servers'][$server]; /** * Loads the proper database interface for this server */ require_once './libraries/database_interface.lib.php'; // Gets the authentication library that fits the $cfg['Server'] settings // and run authentication // (for a quick check of path disclosure in auth/cookies:) $coming_from_common = TRUE; require_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php'; if (!PMA_auth_check()) { PMA_auth(); } else { PMA_auth_set_user(); } // Check IP-based Allow/Deny rules as soon as possible to reject the // user // Based on mod_access in Apache: // http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/aaa/mod_access.c?rev=1.37&content-type=text/vnd.viewcvs-markup // Look at: "static int check_dir_access(request_rec *r)" // Robbat2 - May 10, 2002 if (isset($cfg['Server']['AllowDeny']) && isset($cfg['Server']['AllowDeny']['order'])) { require_once './libraries/ip_allow_deny.lib.php'; $allowDeny_forbidden = FALSE; // default if ($cfg['Server']['AllowDeny']['order'] == 'allow,deny') { $allowDeny_forbidden = TRUE;
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { $error = PMA_DBI_getError(); if ($error && $GLOBALS['errno'] != 1045) { PMA_sendHeaderLocation('error.php?error=' . urlencode($error)); exit; } else { PMA_auth(); return true; } }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { /* Session name */ $session_name = $GLOBALS['cfg']['Server']['SignonSession']; /* Does session exist? */ if (isset($_COOKIE[$session_name])) { /* End current session */ $old_session = session_name(); $old_id = session_id(); session_write_close(); /* Load single signon session */ session_name($session_name); session_id($_COOKIE[$session_name]); session_start(); /* Set error message */ if (!empty($GLOBALS['login_without_password_is_forbidden'])) { $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)'); } elseif (!empty($GLOBALS['allowDeny_forbidden'])) { $_SESSION['PMA_single_signon_error_message'] = __('Access denied'); } elseif (!empty($GLOBALS['no_activity'])) { $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']); } elseif (PMA_DBI_getError()) { $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError()); } elseif (isset($php_errormsg)) { $_SESSION['PMA_single_signon_error_message'] = $php_errormsg; } else { $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server'); } } PMA_auth(); }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { global $conn_error; // Deletes password cookie and displays the login form setcookie('pma_cookie_password', base64_encode(''), 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']); if (PMA_mysql_error()) { $conn_error = PMA_mysql_error(); } else { if (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = $GLOBALS['strCannotLogin']; } } PMA_auth(); return TRUE; }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { global $conn_error, $server; // Deletes password cookie and displays the login form PMA_removeCookie('pma_cookie_password-' . $server); if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) { $conn_error = $GLOBALS['strAccessDenied']; } elseif (isset($GLOBALS['no_activity']) && $GLOBALS['no_activity']) { $conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']); // Remember where we got timeout to return on same place if (PMA_getenv('SCRIPT_NAME')) { $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME')); } } elseif (PMA_DBI_getError()) { $conn_error = PMA_sanitize(PMA_DBI_getError()); } elseif (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = $GLOBALS['strCannotLogin']; } PMA_auth(); return true; }
/** * User is not allowed to login to MySQL -> authentication failed * * prepares error message and switches to PMA_auth() which display the error * and the login form * * this function MUST exit/quit the application, * currently doen by call to PMA_auth() * * @uses $GLOBALS['server'] * @uses $GLOBALS['allowDeny_forbidden'] * @uses $GLOBALS['strAccessDenied'] * @uses $GLOBALS['strNoActivity'] * @uses $GLOBALS['strCannotLogin'] * @uses $GLOBALS['no_activity'] * @uses $cfg['LoginCookieValidity'] * @uses PMA_removeCookie() * @uses PMA_getenv() * @uses PMA_DBI_getError() * @uses PMA_sanitize() * @uses PMA_auth() * @uses sprintf() * @uses basename() * @access public */ function PMA_auth_fails() { global $conn_error; // Deletes password cookie and displays the login form PMA_removeCookie('pmaPass-' . $GLOBALS['server']); if (!empty($GLOBALS['login_without_password_is_forbidden'])) { $conn_error = $GLOBALS['strLoginWithoutPassword']; } elseif (!empty($GLOBALS['allowDeny_forbidden'])) { $conn_error = $GLOBALS['strAccessDenied']; } elseif (!empty($GLOBALS['no_activity'])) { $conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']); // Remember where we got timeout to return on same place if (PMA_getenv('SCRIPT_NAME')) { $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME')); // avoid "missing parameter: field" on re-entry if ('tbl_alter.php' == $GLOBALS['target']) { $GLOBALS['target'] = 'tbl_structure.php'; } } } elseif (PMA_DBI_getError()) { $conn_error = '#' . $GLOBALS['errno'] . ' ' . $GLOBALS['strCannotLogin']; } else { $conn_error = $GLOBALS['strCannotLogin']; } // needed for PHP-CGI (not need for FastCGI or mod-php) header('Cache-Control: no-store, no-cache, must-revalidate'); header('Pragma: no-cache'); PMA_auth(); }
/** * User is not allowed to login to MySQL -> authentication failed * * prepares error message and switches to PMA_auth() which display the error * and the login form * * this function MUST exit/quit the application, * currently doen by call to PMA_auth() * * @todo $php_errormsg is invalid here!? it will never be set in this scope * @uses $GLOBALS['server'] * @uses $GLOBALS['allowDeny_forbidden'] * @uses $GLOBALS['strAccessDenied'] * @uses $GLOBALS['strNoActivity'] * @uses $GLOBALS['strCannotLogin'] * @uses $GLOBALS['no_activity'] * @uses $cfg['LoginCookieValidity'] * @uses PMA_removeCookie() * @uses PMA_getenv() * @uses PMA_DBI_getError() * @uses PMA_sanitize() * @uses PMA_auth() * @uses sprintf() * @uses basename() * @access public */ function PMA_auth_fails() { global $conn_error; // Deletes password cookie and displays the login form PMA_removeCookie('pmaPass-' . $GLOBALS['server']); if (!empty($GLOBALS['allowDeny_forbidden'])) { $conn_error = $GLOBALS['strAccessDenied']; } elseif (!empty($GLOBALS['no_activity'])) { $conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']); // Remember where we got timeout to return on same place if (PMA_getenv('SCRIPT_NAME')) { $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME')); // avoid "missing parameter: field" on re-entry if ('tbl_alter.php' == $GLOBALS['target']) { $GLOBALS['target'] = 'tbl_structure.php'; } } } elseif (PMA_DBI_getError()) { $conn_error = PMA_sanitize(PMA_DBI_getError()); } elseif (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = $GLOBALS['strCannotLogin']; } PMA_auth(); }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { global $conn_error, $server; // Deletes password cookie and displays the login form setcookie('pma_cookie_password-' . $server, '', 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']); if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) { $conn_error = $GLOBALS['strAccessDenied']; } else { if (isset($GLOBALS['no_activity']) && $GLOBALS['no_activity']) { $conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']); } else { if (PMA_DBI_getError()) { $conn_error = PMA_DBI_getError(); } else { if (isset($php_errormsg)) { $conn_error = $php_errormsg; } else { $conn_error = $GLOBALS['strCannotLogin']; } } } } PMA_auth(); return TRUE; }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { if (!empty($GLOBALS['login_without_password_is_forbidden'])) { $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)'); } elseif (!empty($GLOBALS['allowDeny_forbidden'])) { $_SESSION['PMA_single_signon_error_message'] = __('Access denied'); } elseif (!empty($GLOBALS['no_activity'])) { $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']); } elseif (PMA_DBI_getError()) { $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError()); } elseif (isset($php_errormsg)) { $_SESSION['PMA_single_signon_error_message'] = $php_errormsg; } else { $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server'); } PMA_auth(); }
/** * User is not allowed to login to MySQL -> authentication failed * * @return boolean always true (no return indeed) * * @access public */ function PMA_auth_fails() { // Deletes password cookie and displays the login form setcookie('pma_cookie_password', '', 0, $GLOBALS['cookie_path'], '', $GLOBALS['is_https']); PMA_auth(); return TRUE; }