[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_0BETA4-394-g8fb2679
Michal Čihař
nijel at users.sourceforge.net
Fri Mar 18 16:12:26 CET 2011
The branch, master has been updated
via 8fb267930eebb72e0f5eb23044ac439c950461e3 (commit)
from efd8db8298bbf288ad596efd918661a3d3e8492d (commit)
- Log -----------------------------------------------------------------
commit 8fb267930eebb72e0f5eb23044ac439c950461e3
Author: Michal Čihař <mcihar at novell.com>
Date: Fri Mar 18 16:12:16 2011 +0100
bug #3039384 [auth] Force signon auth on signon URL change.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
libraries/auth/signon.auth.lib.php | 11 +++++++++++
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 8973673..d9897e8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -149,6 +149,7 @@
- bug #3206876 [core] Work without mbstring installed.
- rfe #3196075, patch #3212068 [interface] Add links to variables documentation.
- bug #3208723 [import] Fix import of utf-8 XML files.
+- bug #3039384 [auth] Force signon auth on signon URL change.
3.3.10.0 (not yet released)
- patch #3147400 [structure] Aria table size printed as unknown,
diff --git a/libraries/auth/signon.auth.lib.php b/libraries/auth/signon.auth.lib.php
index 6eb0ead..3e0d64b 100644
--- a/libraries/auth/signon.auth.lib.php
+++ b/libraries/auth/signon.auth.lib.php
@@ -19,6 +19,7 @@
* @access public
*/
function PMA_auth() {
+ unset($_SESSION['LAST_SIGNON_URL']);
if (empty($GLOBALS['cfg']['Server']['SignonURL'])) {
PMA_fatalError('You must set SignonURL!');
} elseif (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
@@ -54,9 +55,17 @@ function PMA_auth_check()
{
global $PHP_AUTH_USER, $PHP_AUTH_PW;
+ /* Check if we're using same sigon server */
+ if (isset($_SESSION['LAST_SIGNON_URL']) && $_SESSION['LAST_SIGNON_URL'] != $GLOBALS['cfg']['Server']['SignonURL']) {
+ return false;
+ }
+
/* Session name */
$session_name = $GLOBALS['cfg']['Server']['SignonSession'];
+ /* Login URL */
+ $signon_url = $GLOBALS['cfg']['Server']['SignonURL'];
+
/* Current host */
$single_signon_host = $GLOBALS['cfg']['Server']['host'];
@@ -150,8 +159,10 @@ function PMA_auth_check()
// Returns whether we get authentication settings or not
if (empty($PHP_AUTH_USER)) {
+ unset($_SESSION['LAST_SIGNON_URL']);
return false;
} else {
+ $_SESSION['LAST_SIGNON_URL'] = $GLOBALS['cfg']['Server']['SignonURL'];
return true;
}
} // end of the 'PMA_auth_check()' function
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list