phpmyadmin/libraries/auth/signon.auth.lib.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * Set of functions used to run single signon authentication.
   5  *
   6  * @version $Id$
   7  */
   8
   9
  10 /**
  11  * Displays authentication form
  12  *
  13  * @global  string    the font face to use in case of failure
  14  * @global  string    the default font size to use in case of failure
  15  * @global  string    the big font size to use in case of failure
  16  *
  17  * @return  boolean   always true (no return indeed)
  18  *
  19  * @access  public
  20  */
  21 function PMA_auth() {
  22     if (empty($GLOBALS['cfg']['Server']['SignonURL'])) {
  23         PMA_fatalError('You must set SignonURL!');
  24     } elseif (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
  25         /* Perform logout to custom URL */
  26         PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
  27     } else {
  28         PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['SignonURL']);
  29     }
  30     exit();
  31 } // end of the 'PMA_auth()' function
  32
  33
  34 /**
  35  * Gets advanced authentication settings
  36  *
  37  * @global  string    the username if register_globals is on
  38  * @global  string    the password if register_globals is on
  39  * @global  array     the array of server variables if register_globals is
  40  *                    off
  41  * @global  array     the array of environment variables if register_globals
  42  *                    is off
  43  * @global  string    the username for the ? server
  44  * @global  string    the password for the ? server
  45  * @global  string    the username for the WebSite Professional server
  46  * @global  string    the password for the WebSite Professional server
  47  * @global  string    the username of the user who logs out
  48  *
  49  * @return  boolean   whether we get authentication settings or not
  50  *
  51  * @access  public
  52  */
  53 function PMA_auth_check()
  54 {
  55     global $PHP_AUTH_USER, $PHP_AUTH_PW;
  56
  57     /* Session name */
  58     $session_name = $GLOBALS['cfg']['Server']['SignonSession'];
  59
  60     /* Current host */
  61     $single_signon_host = $GLOBALS['cfg']['Server']['host'];
  62
  63     /* Are we requested to do logout? */
  64     $do_logout = !empty($_REQUEST['old_usr']);
  65
  66     /* Does session exist? */
  67     if (isset($_COOKIE[$session_name])) {
  68         /* End current session */
  69         $old_session = session_name();
  70         $old_id = session_id();
  71         session_write_close();
  72
  73         /* Load single signon session */
  74         session_name($session_name);
  75         session_id($_COOKIE[$session_name]);
  76         session_start();
  77
  78         /* Grab credentials if they exist */
  79         if (isset($_SESSION['PMA_single_signon_user'])) {
  80             if ($do_logout) {
  81                 $PHP_AUTH_USER = '';
  82             } else {
  83                 $PHP_AUTH_USER = $_SESSION['PMA_single_signon_user'];
  84             }
  85         }
  86         if (isset($_SESSION['PMA_single_signon_password'])) {
  87             if ($do_logout) {
  88                 $PHP_AUTH_PW = '';
  89             } else {
  90                 $PHP_AUTH_PW = $_SESSION['PMA_single_signon_password'];
  91             }
  92         }
  93         if (isset($_SESSION['PMA_single_signon_host'])) {
  94                 $single_signon_host = $_SESSION['PMA_single_signon_host'];
  95         }
  96         /* Also get token as it is needed to access subpages */
  97         if (isset($_SESSION['PMA_single_signon_token'])) {
  98             /* No need to care about token on logout */
  99             $pma_token = $_SESSION['PMA_single_signon_token'];
 100         }
 101
 102         /* End single signon session */
 103         session_write_close();
 104
 105         /* Restart phpMyAdmin session */
 106         session_name($old_session);
 107         if (!empty($old_id)) {
 108             session_id($old_id);
 109         }
 110         session_start();
 111
 112         /* Set the single signon host */
 113         $GLOBALS['cfg']['Server']['host']=$single_signon_host;
 114
 115         /* Restore our token */
 116         if (!empty($pma_token)) {
 117             $_SESSION[' PMA_token '] = $pma_token;
 118         }
 119     }
 120
 121     // Returns whether we get authentication settings or not
 122     if (empty($PHP_AUTH_USER)) {
 123         return false;
 124     } else {
 125         return true;
 126     }
 127 } // end of the 'PMA_auth_check()' function
 128
 129
 130 /**
 131  * Set the user and password after last checkings if required
 132  *
 133  * @global  array     the valid servers settings
 134  * @global  integer   the id of the current server
 135  * @global  array     the current server settings
 136  * @global  string    the current username
 137  * @global  string    the current password
 138  *
 139  * @return  boolean   always true
 140  *
 141  * @access  public
 142  */
 143 function PMA_auth_set_user()
 144 {
 145     global $cfg;
 146     global $PHP_AUTH_USER, $PHP_AUTH_PW;
 147
 148     $cfg['Server']['user']     = $PHP_AUTH_USER;
 149     $cfg['Server']['password'] = $PHP_AUTH_PW;
 150
 151     return true;
 152 } // end of the 'PMA_auth_set_user()' function
 153
 154
 155 /**
 156  * User is not allowed to login to MySQL -> authentication failed
 157  *
 158  * @return  boolean   always true (no return indeed)
 159  *
 160  * @access  public
 161  */
 162 function PMA_auth_fails()
 163 {
 164     $error = PMA_DBI_getError();
 165     if ($error && $GLOBALS['errno'] != 1045) {
 166         PMA_fatalError($error);
 167     } else {
 168         PMA_auth();
 169         return true;
 170     }
 171
 172 } // end of the 'PMA_auth_fails()' function
 173
 174 ?>