The branch, QA_3_4 has been updated via adc6de06850e57cdb0118f9ca6f3d90f4bba47a8 (commit) from e936257d44ba2103c03986dd7253519480e46fac (commit)
- Log ----------------------------------------------------------------- commit adc6de06850e57cdb0118f9ca6f3d90f4bba47a8 Author: Michal Čihař mcihar@novell.com Date: Mon May 23 10:33:14 2011 +0200
[auth] Fixed error handling for signon auth method.
The message is now stored in caller session data and properly displayed in example script.
-----------------------------------------------------------------------
Summary of changes: ChangeLog | 1 + libraries/auth/signon.auth.lib.php | 41 +++++++++++++++++++++++++---------- scripts/signon.php | 15 +++++++------ 3 files changed, 38 insertions(+), 19 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 02db359..0bed539 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,7 @@ - bug #3305606 [interface] Show all button wraps on privileges page - bug #3305517 [config] Config for export compression not used - bug #3305883 [interface] Table is dropped regardless of confirmation +- [auth] Fixed error handling for signon auth method.
3.4.1.0 (2011-05-20) - bug #3301108 [interface] Synchronize and already configured host diff --git a/libraries/auth/signon.auth.lib.php b/libraries/auth/signon.auth.lib.php index 3e0d64b..0735020 100644 --- a/libraries/auth/signon.auth.lib.php +++ b/libraries/auth/signon.auth.lib.php @@ -202,18 +202,35 @@ function PMA_auth_set_user() */ function PMA_auth_fails() { - if (! empty($GLOBALS['login_without_password_is_forbidden'])) { - $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)'); - } elseif (! empty($GLOBALS['allowDeny_forbidden'])) { - $_SESSION['PMA_single_signon_error_message'] = __('Access denied'); - } elseif (! empty($GLOBALS['no_activity'])) { - $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']); - } elseif (PMA_DBI_getError()) { - $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError()); - } elseif (isset($php_errormsg)) { - $_SESSION['PMA_single_signon_error_message'] = $php_errormsg; - } else { - $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server'); + /* Session name */ + $session_name = $GLOBALS['cfg']['Server']['SignonSession']; + + /* Does session exist? */ + if (isset($_COOKIE[$session_name])) { + /* End current session */ + $old_session = session_name(); + $old_id = session_id(); + session_write_close(); + + /* Load single signon session */ + session_name($session_name); + session_id($_COOKIE[$session_name]); + session_start(); + + /* Set error message */ + if (! empty($GLOBALS['login_without_password_is_forbidden'])) { + $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)'); + } elseif (! empty($GLOBALS['allowDeny_forbidden'])) { + $_SESSION['PMA_single_signon_error_message'] = __('Access denied'); + } elseif (! empty($GLOBALS['no_activity'])) { + $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']); + } elseif (PMA_DBI_getError()) { + $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError()); + } elseif (isset($php_errormsg)) { + $_SESSION['PMA_single_signon_error_message'] = $php_errormsg; + } else { + $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server'); + } } PMA_auth(); } // end of the 'PMA_auth_fails()' function diff --git a/scripts/signon.php b/scripts/signon.php index acb5f7d..e585625 100644 --- a/scripts/signon.php +++ b/scripts/signon.php @@ -11,14 +11,15 @@ * @subpackage Example */
+/* Need to have cookie visible from parent directory */ +session_set_cookie_params(0, '/', '', 0); +/* Create signon session */ +$session_name = 'SignonSession'; +session_name($session_name); +session_start(); + /* Was data posted? */ if (isset($_POST['user'])) { - /* Need to have cookie visible from parent directory */ - session_set_cookie_params(0, '/', '', 0); - /* Create signon session */ - $session_name = 'SignonSession'; - session_name($session_name); - session_start(); /* Store there credentials */ $_SESSION['PMA_single_signon_user'] = $_POST['user']; $_SESSION['PMA_single_signon_password'] = $_POST['password']; @@ -47,7 +48,7 @@ if (isset($_POST['user'])) { <body> <?php if (isset($_SESSION['PMA_single_signon_error_message'])) { - echo '<p class="error">' . $_SESSION['PMA_single_signon_message'] . '</p>'; + echo '<p class="error">' . $_SESSION['PMA_single_signon_error_message'] . '</p>'; } ?> <form action="signon.php" method="post">
hooks/post-receive