/**
* Test for PMA_selectServer
*
* @return void
*/
public function testPMASelectServer()
{
$not_only_options = false;
$omit_fieldset = false;
$GLOBALS['cfg']['DefaultTabServer'] = "welcome";
$GLOBALS['cfg']['Servers'] = array('0' => array('host' => 'host0', 'port' => 'port0', 'only_db' => 'only_db0', 'user' => 'user0', 'auth_type' => 'config'), '1' => array('host' => 'host1', 'port' => 'port1', 'only_db' => 'only_db1', 'user' => 'user1', 'auth_type' => 'config'));
//$not_only_options=false & $omit_fieldset=false
$html = PMA_selectServer($not_only_options, $omit_fieldset);
$server = $GLOBALS['cfg']['Servers']['0'];
//server items
$this->assertContains($server['host'], $html);
$this->assertContains($server['port'], $html);
$this->assertContains($server['only_db'], $html);
$this->assertContains($server['user'], $html);
$not_only_options = true;
$omit_fieldset = true;
$GLOBALS['cfg']['DisplayServersList'] = null;
//$not_only_options=true & $omit_fieldset=true
$html = PMA_selectServer($not_only_options, $omit_fieldset);
//$GLOBALS['cfg']['DefaultTabServer']
$this->assertContains(PMA\libraries\Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server'), $html);
//labels
$this->assertContains(__('Current server:'), $html);
$this->assertContains('(' . __('Servers') . ')', $html);
//server items
$server = $GLOBALS['cfg']['Servers']['0'];
$this->assertContains($server['host'], $html);
$this->assertContains($server['port'], $html);
$this->assertContains($server['only_db'], $html);
$this->assertContains($server['user'], $html);
}
/**
* Test for PMA_selectServer
*
* @return void
*/
public function testPMASelectServer()
{
$not_only_options = false;
$omit_fieldset = false;
$GLOBALS['cfg']['DefaultTabServer'] = "DefaultTabServer";
$GLOBALS['cfg']['Servers'] = array('0' => array('host' => 'host0', 'port' => 'port0', 'only_db' => 'only_db0', 'user' => 'user0', 'auth_type' => 'config'), '1' => array('host' => 'host1', 'port' => 'port1', 'only_db' => 'only_db1', 'user' => 'user1', 'auth_type' => 'config'));
//$not_only_options=false & $omit_fieldset=false
$html = PMA_selectServer($not_only_options, $omit_fieldset);
$server = $GLOBALS['cfg']['Servers']['0'];
//server items
$this->assertContains($server['host'], $html);
$this->assertContains($server['port'], $html);
$this->assertContains($server['only_db'], $html);
$this->assertContains($server['user'], $html);
$not_only_options = true;
$omit_fieldset = true;
$GLOBALS['cfg']['DisplayServersList'] = null;
//$not_only_options=true & $omit_fieldset=true
$html = PMA_selectServer($not_only_options, $omit_fieldset);
//$GLOBALS['cfg']['DefaultTabServer']
$this->assertContains($GLOBALS['cfg']['DefaultTabServer'], $html);
//PMA_URL_getHiddenInputs
$this->assertContains('<input type="hidden" name="token" value="token" />', $html);
//labels
$this->assertContains(__('Current Server:'), $html);
$this->assertContains('(' . __('Servers') . ')', $html);
//server items
$server = $GLOBALS['cfg']['Servers']['0'];
$this->assertContains($server['host'], $html);
$this->assertContains($server['port'], $html);
$this->assertContains($server['only_db'], $html);
$this->assertContains($server['user'], $html);
}
/**
* Displays the MySQL servers choice form
*
* @return string HTML code for the MySQL servers choice
*/
private function _serverChoice()
{
$retval = '';
if ($GLOBALS['cfg']['NavigationDisplayServers'] && count($GLOBALS['cfg']['Servers']) > 1) {
include_once './libraries/select_server.lib.php';
$retval .= '<!-- SERVER CHOICE START -->';
$retval .= '<div id="serverChoice">';
$retval .= PMA_selectServer(true, true);
$retval .= '</div>';
$retval .= '<!-- SERVER CHOICE END -->';
}
return $retval;
}
echo '<h2>', __('phpMyAdmin Demo Server'), '</h2>';
echo '<p style="margin: 0.5em 1em 0.5em 1em">';
printf(__('You are using the demo server. You can do anything here, but ' . 'please do not change root, debian-sys-maint and pma users. ' . 'More information is available at %s.'), '<a href="http://demo.phpmyadmin.net/">demo.phpmyadmin.net</a>');
echo '</p>';
echo '</div>';
}
echo '<div class="group">';
echo '<h2>', __('General settings'), '</h2>';
echo '<ul>';
/**
* Displays the MySQL servers choice form
*/
if ($cfg['ServerDefault'] == 0 || !$cfg['NavigationDisplayServers'] && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
echo '<li id="li_select_server" class="no_bullets" >';
include_once 'libraries/select_server.lib.php';
echo PMA\libraries\Util::getImage('s_host.png'), " ", PMA_selectServer(true, true);
echo '</li>';
}
/**
* Displays the mysql server related links
*/
if ($server > 0) {
include_once 'libraries/check_user_privileges.lib.php';
// Logout for advanced authentication
if ($cfg['Server']['auth_type'] != 'config') {
if ($cfg['ShowChgPassword']) {
$conditional_class = 'ajax';
PMA_printListItem(PMA\libraries\Util::getImage('s_passwd.png') . " " . __('Change password'), 'li_change_password', 'user_password.php' . $common_url_query, null, null, 'change_password_anchor', "no_bullets", $conditional_class);
}
}
// end if
/**
* User is not allowed to login to MySQL -> authentication failed
*
* @global string the MySQL error message PHP returns
* @global string the connection type (persistent or not)
* @global string the MySQL server port to use
* @global string the MySQL socket port to use
* @global array the current server settings
* @global string the font face to use in case of failure
* @global string the default font size to use in case of failure
* @global string the big font size to use in case of failure
* @global boolean tell the "PMA_mysqlDie()" function headers have been
* sent
*
* @return boolean always true (no return indeed)
*/
public function authFails()
{
$conn_error = $GLOBALS['dbi']->getError();
if (!$conn_error) {
$conn_error = __('Cannot connect: invalid settings.');
}
/* HTML header */
$response = PMA_Response::getInstance();
$response->getFooter()->setMinimal();
$header = $response->getHeader();
$header->setBodyId('loginform');
$header->setTitle(__('Access denied!'));
$header->disableMenuAndConsole();
echo '<br /><br />
<center>
<h1>';
echo sprintf(__('Welcome to %s'), ' phpMyAdmin ');
echo '</h1>
</center>
<br />
<table cellpadding="0" cellspacing="3" style="margin: 0 auto" width="80%">
<tr>
<td>';
if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
trigger_error(__('Access denied!'), E_USER_NOTICE);
} else {
// Check whether user has configured something
if ($GLOBALS['PMA_Config']->source_mtime == 0) {
echo '<p>' . sprintf(__('You probably did not create a configuration file.' . ' You might want to use the %1$ssetup script%2$s to' . ' create one.'), '<a href="setup/">', '</a>') . '</p>' . "\n";
} elseif (!isset($GLOBALS['errno']) || isset($GLOBALS['errno']) && $GLOBALS['errno'] != 2002 && $GLOBALS['errno'] != 2003) {
// if we display the "Server not responding" error, do not confuse
// users by telling them they have a settings problem
// (note: it's true that they could have a badly typed host name,
// but anyway the current message tells that the server
// rejected the connection, which is not really what happened)
// 2002 is the error given by mysqli
// 2003 is the error given by mysql
trigger_error(__('phpMyAdmin tried to connect to the MySQL server, and the' . ' server rejected the connection. You should check the' . ' host, username and password in your configuration and' . ' make sure that they correspond to the information given' . ' by the administrator of the MySQL server.'), E_USER_WARNING);
}
echo PMA_Util::mysqlDie($conn_error, '', true, '', false);
}
$GLOBALS['error_handler']->dispUserErrors();
echo '</td>
</tr>
<tr>
<td>' . "\n";
echo '<a href="' . PMA_Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server') . PMA_URL_getCommon(array()) . '" class="button disableAjax">' . __('Retry to connect') . '</a>' . "\n";
echo '</td>
</tr>' . "\n";
if (count($GLOBALS['cfg']['Servers']) > 1) {
// offer a chance to login to other servers if the current one failed
include_once './libraries/select_server.lib.php';
echo '<tr>' . "\n";
echo ' <td>' . "\n";
echo PMA_selectServer(true, true);
echo ' </td>' . "\n";
echo '</tr>' . "\n";
}
echo '</table>' . "\n";
if (!defined('TESTSUITE')) {
exit;
}
return true;
}
/**
* Displays authentication form
*
* this function MUST exit/quit the application
*
* @global string $conn_error the last connection error
*
* @return boolean|void
*/
public function auth()
{
global $conn_error;
$response = PMA_Response::getInstance();
if ($response->isAjax()) {
$response->setRequestStatus(false);
// redirect_flag redirects to the login page
$response->addJSON('redirect_flag', '1');
if (defined('TESTSUITE')) {
return true;
} else {
exit;
}
}
/* Perform logout to custom URL */
if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
if (defined('TESTSUITE')) {
return true;
} else {
exit;
}
}
// No recall if blowfish secret is not configured as it would produce
// garbage
if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
$default_user = $GLOBALS['PHP_AUTH_USER'];
$default_server = $GLOBALS['pma_auth_server'];
$autocomplete = '';
} else {
$default_user = '';
$default_server = '';
// skip the IE autocomplete feature.
$autocomplete = ' autocomplete="off"';
}
$response->getFooter()->setMinimal();
$header = $response->getHeader();
$header->setBodyId('loginform');
$header->setTitle('phpMyAdmin');
$header->disableMenuAndConsole();
$header->disableWarnings();
if (file_exists(CUSTOM_HEADER_FILE)) {
include CUSTOM_HEADER_FILE;
}
echo '
<div class="container">
<a href="';
echo PMA_linkURL('https://www.phpmyadmin.net/');
echo '" target="_blank" class="logo">';
$logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
if (@file_exists($logo_image)) {
echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
} else {
echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
}
echo '</a>
<h1>';
echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>');
echo "</h1>";
// Show error message
if (!empty($conn_error)) {
PMA_Message::rawError($conn_error)->display();
} elseif (isset($_GET['session_expired']) && intval($_GET['session_expired']) == 1) {
PMA_Message::rawError(__('Your session has expired. Please log in again.'))->display();
}
echo "<noscript>\n";
PMA_message::error(__("Javascript must be enabled past this point!"))->display();
echo "</noscript>\n";
echo "<div class='hide js-show'>";
// Displays the languages form
if (empty($GLOBALS['cfg']['Lang'])) {
include_once './libraries/display_select_lang.lib.php';
// use fieldset, don't show doc link
echo PMA_getLanguageSelectorHtml(true, false);
}
echo '</div>
<br />
<!-- Login form -->
<form method="post" action="index.php" name="login_form"' . $autocomplete . ' class="disableAjax login hide js-show">
<fieldset>
<legend>';
echo __('Log in');
echo PMA_Util::showDocu('index');
echo '</legend>';
if ($GLOBALS['cfg']['AllowArbitraryServer']) {
echo '
<div class="item">
<label for="input_servername" title="';
echo __('You can enter hostname/IP address and port separated by space.');
echo '">';
echo __('Server:');
echo '</label>
<input type="text" name="pma_servername" id="input_servername"';
echo ' value="';
echo htmlspecialchars($default_server);
echo '" size="24" class="textfield" title="';
echo __('You can enter hostname/IP address and port separated by space.');
echo '" />
</div>';
}
echo '<div class="item">
<label for="input_username">' . __('Username:'******'</label>
<input type="text" name="pma_username" id="input_username" ' . 'value="' . htmlspecialchars($default_user) . '" size="24"' . ' class="textfield"/>
</div>
<div class="item">
<label for="input_password">' . __('Password:'******'</label>
<input type="password" name="pma_password" id="input_password"' . ' value="" size="24" class="textfield" />
</div>';
if (count($GLOBALS['cfg']['Servers']) > 1) {
echo '<div class="item">
<label for="select_server">' . __('Server Choice:') . '</label>
<select name="server" id="select_server"';
if ($GLOBALS['cfg']['AllowArbitraryServer']) {
echo ' onchange="document.forms[\'login_form\'].' . 'elements[\'pma_servername\'].value = \'\'" ';
}
echo '>';
include_once './libraries/select_server.lib.php';
echo PMA_selectServer(false, false);
echo '</select></div>';
} else {
echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
}
// end if (server choice)
// Add captcha input field if reCaptcha is enabled
if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) && !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])) {
// If enabled show captcha to the user on the login screen.
echo '<script src="https://www.google.com/recaptcha/api.js?hl=' . $GLOBALS['lang'] . '" async defer></script>';
echo '<div class="g-recaptcha" data-sitekey="' . $GLOBALS['cfg']['CaptchaLoginPublicKey'] . '"></div>';
}
echo '</fieldset>
<fieldset class="tblFooters">
<input value="' . __('Go') . '" type="submit" id="input_go" />';
$_form_params = array();
if (!empty($GLOBALS['target'])) {
$_form_params['target'] = $GLOBALS['target'];
}
if (!empty($GLOBALS['db'])) {
$_form_params['db'] = $GLOBALS['db'];
}
if (!empty($GLOBALS['table'])) {
$_form_params['table'] = $GLOBALS['table'];
}
// do not generate a "server" hidden field as we want the "server"
// drop-down to have priority
echo PMA_URL_getHiddenInputs($_form_params, '', 0, 'server');
echo '</fieldset>
</form>';
// BEGIN Swekey Integration
Swekey_login('input_username', 'input_go');
// END Swekey Integration
if ($GLOBALS['error_handler']->hasDisplayErrors()) {
echo '<div id="pma_errors">';
$GLOBALS['error_handler']->dispErrors();
echo '</div>';
}
echo '</div>';
if (file_exists(CUSTOM_FOOTER_FILE)) {
include CUSTOM_FOOTER_FILE;
}
if (!defined('TESTSUITE')) {
exit;
} else {
return true;
}
}
echo '<h2>' . __('phpMyAdmin Demo Server') . '</h2>';
echo '<p style="margin: 0.5em 1em 0.5em 1em">';
printf(__('You are using the demo server. You can do anything here, but ' . 'please do not change root, debian-sys-maint and pma users. ' . 'More information is available at %s.'), '<a href="http://demo.phpmyadmin.net/">demo.phpmyadmin.net</a>');
echo '</p>';
echo '</div>';
}
echo '<div class="group">';
echo '<h2>' . __('General Settings') . '</h2>';
echo '<ul>';
/**
* Displays the MySQL servers choice form
*/
if ($cfg['ServerDefault'] == 0 || !$cfg['NavigationDisplayServers'] && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
echo '<li id="li_select_server" class="no_bullets" >';
include_once 'libraries/select_server.lib.php';
echo PMA_Util::getImage('s_host.png') . " " . PMA_selectServer(true, true);
echo '</li>';
}
/**
* Displays the mysql server related links
*/
if ($server > 0 && !PMA_DRIZZLE) {
include_once 'libraries/check_user_privileges.lib.php';
// Logout for advanced authentication
if ($cfg['Server']['auth_type'] != 'config') {
if ($cfg['ShowChgPassword']) {
$conditional_class = 'ajax';
PMA_printListItem(PMA_Util::getImage('s_passwd.png') . " " . __('Change password'), 'li_change_password', 'user_password.php' . $common_url_query, null, null, 'change_password_anchor', "no_bullets", $conditional_class);
}
}
// end if
if ($server > 0
|| (! $cfg['LeftDisplayServers'] && count($cfg['Servers']) > 1)
) {
echo '<div class="group">';
echo '<h2>' . __('General Settings') . '</h2>';
echo '<ul>';
/**
* Displays the MySQL servers choice form
*/
if (! $cfg['LeftDisplayServers']
&& (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)
) {
echo '<li id="li_select_server">';
include_once 'libraries/select_server.lib.php';
PMA_selectServer(true, true);
echo '</li>';
}
/**
* Displays the mysql server related links
*/
if ($server > 0 && ! PMA_DRIZZLE) {
include_once 'libraries/check_user_privileges.lib.php';
// Logout for advanced authentication
if ($cfg['Server']['auth_type'] != 'config') {
if ($cfg['ShowChgPassword']) {
if ($GLOBALS['cfg']['AjaxEnable']) {
$conditional_class = 'ajax';
} else {
/**
* Displays authentication form
*
* this function MUST exit/quit the application
*
* @global string the last connection error
*
* @return void
*/
public function auth()
{
global $conn_error;
$response = PMA_Response::getInstance();
if ($response->isAjax()) {
$response->isSuccess(false);
if (!empty($conn_error)) {
$response->addJSON('message', PMA_Message::error($conn_error));
} else {
$response->addJSON('message', PMA_Message::error(__('Your session has expired. Please login again.')));
}
exit;
}
/* Perform logout to custom URL */
if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
exit;
}
// No recall if blowfish secret is not configured as it would produce
// garbage
if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
$default_user = $GLOBALS['PHP_AUTH_USER'];
$default_server = $GLOBALS['pma_auth_server'];
$autocomplete = '';
} else {
$default_user = '';
$default_server = '';
// skip the IE autocomplete feature.
$autocomplete = ' autocomplete="off"';
}
$cell_align = $GLOBALS['text_dir'] == 'ltr' ? 'left' : 'right';
$response->getFooter()->setMinimal();
$header = $response->getHeader();
$header->setBodyId('loginform');
$header->setTitle('phpMyAdmin');
$header->disableMenu();
$header->disableWarnings();
if (file_exists(CUSTOM_HEADER_FILE)) {
include CUSTOM_HEADER_FILE;
}
echo '
<div class="container">
<a href="';
echo PMA_linkURL('http://www.phpmyadmin.net/');
echo '" target="_blank" class="logo">';
$logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
if (@file_exists($logo_image)) {
echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
} else {
echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" ' . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
}
echo '</a>
<h1>';
echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>');
echo "</h1>";
// Show error message
if (!empty($conn_error)) {
PMA_Message::rawError($conn_error)->display();
}
echo "<noscript>\n";
PMA_message::error(__("Javascript must be enabled past this point"))->display();
echo "</noscript>\n";
echo "<div class='hide js-show'>";
// Displays the languages form
if (empty($GLOBALS['cfg']['Lang'])) {
include_once './libraries/display_select_lang.lib.php';
// use fieldset, don't show doc link
PMA_Language_select(true, false);
}
echo '</div>
<br />
<!-- Login form -->
<form method="post" action="index.php" name="login_form"' . $autocomplete . ' target="_top" class="login hide js-show">
<fieldset>
<legend>';
echo __('Log in');
echo PMA_Util::showDocu('');
echo '</legend>';
if ($GLOBALS['cfg']['AllowArbitraryServer']) {
echo '
<div class="item">
<label for="input_servername" title="';
echo __('You can enter hostname/IP address and port separated by space.');
echo '">';
echo __('Server:');
echo '</label>
<input type="text" name="pma_servername" id="input_servername"';
echo ' value="';
echo htmlspecialchars($default_server);
echo '" size="24" class="textfield" title="';
echo __('You can enter hostname/IP address and port separated by space.');
echo '" />
</div>';
}
echo '<div class="item">
<label for="input_username">' . __('Username:'******'</label>
<input type="text" name="pma_username" id="input_username" ' . 'value="' . htmlspecialchars($default_user) . '" size="24"' . ' class="textfield"/>
</div>
<div class="item">
<label for="input_password">' . __('Password:'******'</label>
<input type="password" name="pma_password" id="input_password"' . ' value="" size="24" class="textfield" />
</div>';
if (count($GLOBALS['cfg']['Servers']) > 1) {
echo '<div class="item">
<label for="select_server">' . __('Server Choice') . ':</label>
<select name="server" id="select_server"';
if ($GLOBALS['cfg']['AllowArbitraryServer']) {
echo ' onchange="document.forms[\'login_form\'].' . 'elements[\'pma_servername\'].value = \'\'" ';
}
echo '>';
include_once './libraries/select_server.lib.php';
PMA_selectServer(false, false);
echo '</select></div>';
} else {
echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
}
// end if (server choice)
echo '</fieldset>
<fieldset class="tblFooters">
<input value="' . __('Go') . '" type="submit" id="input_go" />';
$_form_params = array();
if (!empty($GLOBALS['target'])) {
$_form_params['target'] = $GLOBALS['target'];
}
if (!empty($GLOBALS['db'])) {
$_form_params['db'] = $GLOBALS['db'];
}
if (!empty($GLOBALS['table'])) {
$_form_params['table'] = $GLOBALS['table'];
}
// do not generate a "server" hidden field as we want the "server"
// drop-down to have priority
echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
echo '</fieldset>
</form>';
// BEGIN Swekey Integration
Swekey_login('input_username', 'input_go');
// END Swekey Integration
// show the "Cookies required" message only if cookies are disabled
// (we previously tried to set some cookies)
if (empty($_COOKIE)) {
trigger_error(__('Cookies must be enabled past this point.'), E_USER_NOTICE);
}
if ($GLOBALS['error_handler']->hasDisplayErrors()) {
echo '<div>';
$GLOBALS['error_handler']->dispErrors();
echo '</div>';
}
echo '</div>';
if (file_exists(CUSTOM_FOOTER_FILE)) {
include CUSTOM_FOOTER_FILE;
}
echo '
<script type="text/javascript">
//<![CDATA[
// show login form in top frame.
if (top != self || ! $(\'body#loginform\').length) {
window.top.location.href=location;
}
//]]>
</script>';
exit;
}