[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_4, updated. RELEASE_3_4_1RC1-34-gadc6de0
Michal Čihař
nijel at users.sourceforge.net
Mon May 23 10:33:58 CEST 2011
The branch, QA_3_4 has been updated
via adc6de06850e57cdb0118f9ca6f3d90f4bba47a8 (commit)
from e936257d44ba2103c03986dd7253519480e46fac (commit)
- Log -----------------------------------------------------------------
commit adc6de06850e57cdb0118f9ca6f3d90f4bba47a8
Author: Michal Čihař <mcihar at novell.com>
Date: Mon May 23 10:33:14 2011 +0200
[auth] Fixed error handling for signon auth method.
The message is now stored in caller session data and properly displayed
in example script.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
libraries/auth/signon.auth.lib.php | 41 +++++++++++++++++++++++++----------
scripts/signon.php | 15 +++++++------
3 files changed, 38 insertions(+), 19 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 02db359..0bed539 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,7 @@
- bug #3305606 [interface] Show all button wraps on privileges page
- bug #3305517 [config] Config for export compression not used
- bug #3305883 [interface] Table is dropped regardless of confirmation
+- [auth] Fixed error handling for signon auth method.
3.4.1.0 (2011-05-20)
- bug #3301108 [interface] Synchronize and already configured host
diff --git a/libraries/auth/signon.auth.lib.php b/libraries/auth/signon.auth.lib.php
index 3e0d64b..0735020 100644
--- a/libraries/auth/signon.auth.lib.php
+++ b/libraries/auth/signon.auth.lib.php
@@ -202,18 +202,35 @@ function PMA_auth_set_user()
*/
function PMA_auth_fails()
{
- if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
- $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
- } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
- $_SESSION['PMA_single_signon_error_message'] = __('Access denied');
- } elseif (! empty($GLOBALS['no_activity'])) {
- $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
- } elseif (PMA_DBI_getError()) {
- $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
- } elseif (isset($php_errormsg)) {
- $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
- } else {
- $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
+ /* Session name */
+ $session_name = $GLOBALS['cfg']['Server']['SignonSession'];
+
+ /* Does session exist? */
+ if (isset($_COOKIE[$session_name])) {
+ /* End current session */
+ $old_session = session_name();
+ $old_id = session_id();
+ session_write_close();
+
+ /* Load single signon session */
+ session_name($session_name);
+ session_id($_COOKIE[$session_name]);
+ session_start();
+
+ /* Set error message */
+ if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
+ $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
+ } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
+ $_SESSION['PMA_single_signon_error_message'] = __('Access denied');
+ } elseif (! empty($GLOBALS['no_activity'])) {
+ $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
+ } elseif (PMA_DBI_getError()) {
+ $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
+ } elseif (isset($php_errormsg)) {
+ $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
+ } else {
+ $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
+ }
}
PMA_auth();
} // end of the 'PMA_auth_fails()' function
diff --git a/scripts/signon.php b/scripts/signon.php
index acb5f7d..e585625 100644
--- a/scripts/signon.php
+++ b/scripts/signon.php
@@ -11,14 +11,15 @@
* @subpackage Example
*/
+/* Need to have cookie visible from parent directory */
+session_set_cookie_params(0, '/', '', 0);
+/* Create signon session */
+$session_name = 'SignonSession';
+session_name($session_name);
+session_start();
+
/* Was data posted? */
if (isset($_POST['user'])) {
- /* Need to have cookie visible from parent directory */
- session_set_cookie_params(0, '/', '', 0);
- /* Create signon session */
- $session_name = 'SignonSession';
- session_name($session_name);
- session_start();
/* Store there credentials */
$_SESSION['PMA_single_signon_user'] = $_POST['user'];
$_SESSION['PMA_single_signon_password'] = $_POST['password'];
@@ -47,7 +48,7 @@ if (isset($_POST['user'])) {
<body>
<?php
if (isset($_SESSION['PMA_single_signon_error_message'])) {
- echo '<p class="error">' . $_SESSION['PMA_single_signon_message'] . '</p>';
+ echo '<p class="error">' . $_SESSION['PMA_single_signon_error_message'] . '</p>';
}
?>
<form action="signon.php" method="post">
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list