[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_4, updated. RELEASE_3_4_1RC1-34-gadc6de0

Mon May 23 10:33:58 CEST 2011

The branch, QA_3_4 has been updated
       via  adc6de06850e57cdb0118f9ca6f3d90f4bba47a8 (commit)
      from  e936257d44ba2103c03986dd7253519480e46fac (commit)


- Log -----------------------------------------------------------------
commit adc6de06850e57cdb0118f9ca6f3d90f4bba47a8
Author: Michal Čihař <mcihar at novell.com>
Date:   Mon May 23 10:33:14 2011 +0200

    [auth] Fixed error handling for signon auth method.
    
    The message is now stored in caller session data and properly displayed
    in example script.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                          |    1 +
 libraries/auth/signon.auth.lib.php |   41 +++++++++++++++++++++++++----------
 scripts/signon.php                 |   15 +++++++------
 3 files changed, 38 insertions(+), 19 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 02db359..0bed539 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,7 @@
 - bug #3305606 [interface] Show all button wraps on privileges page
 - bug #3305517 [config] Config for export compression not used
 - bug #3305883 [interface] Table is dropped regardless of confirmation
+- [auth] Fixed error handling for signon auth method.
 
 3.4.1.0 (2011-05-20)
 - bug #3301108 [interface] Synchronize and already configured host
diff --git a/libraries/auth/signon.auth.lib.php b/libraries/auth/signon.auth.lib.php
index 3e0d64b..0735020 100644
--- a/libraries/auth/signon.auth.lib.php
+++ b/libraries/auth/signon.auth.lib.php
@@ -202,18 +202,35 @@ function PMA_auth_set_user()
  */
 function PMA_auth_fails()
 {
-    if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
-        $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
-    } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
-        $_SESSION['PMA_single_signon_error_message'] = __('Access denied');
-    } elseif (! empty($GLOBALS['no_activity'])) {
-        $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
-    } elseif (PMA_DBI_getError()) {
-        $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
-    } elseif (isset($php_errormsg)) {
-        $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
-    } else {
-        $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
+    /* Session name */
+    $session_name = $GLOBALS['cfg']['Server']['SignonSession'];
+
+    /* Does session exist? */
+    if (isset($_COOKIE[$session_name])) {
+        /* End current session */
+        $old_session = session_name();
+        $old_id = session_id();
+        session_write_close();
+
+        /* Load single signon session */
+        session_name($session_name);
+        session_id($_COOKIE[$session_name]);
+        session_start();
+
+        /* Set error message */
+        if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
+            $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
+        } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
+            $_SESSION['PMA_single_signon_error_message'] = __('Access denied');
+        } elseif (! empty($GLOBALS['no_activity'])) {
+            $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
+        } elseif (PMA_DBI_getError()) {
+            $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
+        } elseif (isset($php_errormsg)) {
+            $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
+        } else {
+            $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
+        }
     }
     PMA_auth();
 } // end of the 'PMA_auth_fails()' function
diff --git a/scripts/signon.php b/scripts/signon.php
index acb5f7d..e585625 100644
--- a/scripts/signon.php
+++ b/scripts/signon.php
@@ -11,14 +11,15 @@
  * @subpackage Example
  */
 
+/* Need to have cookie visible from parent directory */
+session_set_cookie_params(0, '/', '', 0);
+/* Create signon session */
+$session_name = 'SignonSession';
+session_name($session_name);
+session_start();
+
 /* Was data posted? */
 if (isset($_POST['user'])) {
-    /* Need to have cookie visible from parent directory */
-    session_set_cookie_params(0, '/', '', 0);
-    /* Create signon session */
-    $session_name = 'SignonSession';
-    session_name($session_name);
-    session_start();
     /* Store there credentials */
     $_SESSION['PMA_single_signon_user'] = $_POST['user'];
     $_SESSION['PMA_single_signon_password'] = $_POST['password'];
@@ -47,7 +48,7 @@ if (isset($_POST['user'])) {
 <body>
 <?php
 if (isset($_SESSION['PMA_single_signon_error_message'])) {
-    echo '<p class="error">' . $_SESSION['PMA_single_signon_message'] . '</p>';
+    echo '<p class="error">' . $_SESSION['PMA_single_signon_error_message'] . '</p>';
 }
 ?>
 <form action="signon.php" method="post">


hooks/post-receive
-- 
phpMyAdmin


