search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix for the Open in New Window in Patient/Client->Patients search gui, take 2.
[openemr.git] / phpmyadmin / libraries / auth / http.auth.lib.php
blob8499a827c9d242d466a787f1621bd6a185f3dec9
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Set of functions used to run http authentication.
5 * NOTE: Requires PHP loaded as a Apache module.
6 *
7 * @version $Id$
8 */
9
10
11 /**
12 * Displays authentication form
13 *
14 * @global string the font face to use in case of failure
15 * @global string the default font size to use in case of failure
16 * @global string the big font size to use in case of failure
17 *
18 * @return boolean always true (no return indeed)
19 *
20 * @access public
21 */
22 function PMA_auth() {
23
24 /* Perform logout to custom URL */
25 if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
26 PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
27 exit;
28 }
29
30 if (empty($GLOBALS['cfg']['Server']['verbose'])) {
31 $server_message = $GLOBALS['cfg']['Server']['host'];
32 } else {
33 $server_message = $GLOBALS['cfg']['Server']['verbose'];
34 }
35 // remove non US-ASCII to respect RFC2616
36 $server_message = preg_replace('/[^\x20-\x7e]/i', '', $server_message);
37 header('WWW-Authenticate: Basic realm="phpMyAdmin ' . $server_message . '"');
38 header('HTTP/1.0 401 Unauthorized');
39 if (php_sapi_name() !== 'cgi-fcgi') {
40 header('status: 401 Unauthorized');
41 }
42
43 // Defines the charset to be used
44 header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
45 /* HTML header */
46 $page_title = $GLOBALS['strAccessDenied'];
47 require './libraries/header_meta_style.inc.php';
48 ?>
49 </head>
50 <body>
51 <?php if (file_exists('./config.header.inc.php')) {
52 require './config.header.inc.php';
53 }
54 ?>
55
56 <br /><br />
57 <center>
58 <h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
59 </center>
60 <br />
61 <div class="warning"><?php echo $GLOBALS['strWrongUser']; ?></div>
62
63 <?php if (file_exists('./config.footer.inc.php')) {
64 require './config.footer.inc.php';
65 }
66 ?>
67
68 </body>
69 </html>
70 <?php
71 exit();
72 } // end of the 'PMA_auth()' function
73
74
75 /**
76 * Gets advanced authentication settings
77 *
78 * @global string the username if register_globals is on
79 * @global string the password if register_globals is on
80 * @global array the array of server variables if register_globals is
81 * off
82 * @global array the array of environment variables if register_globals
83 * is off
84 * @global string the username for the ? server
85 * @global string the password for the ? server
86 * @global string the username for the WebSite Professional server
87 * @global string the password for the WebSite Professional server
88 * @global string the username of the user who logs out
89 *
90 * @return boolean whether we get authentication settings or not
91 *
92 * @access public
93 */
94 function PMA_auth_check()
95 {
96 global $PHP_AUTH_USER, $PHP_AUTH_PW;
97 global $old_usr;
98
99 // Grabs the $PHP_AUTH_USER variable whatever are the values of the
100 // 'register_globals' and the 'variables_order' directives
101 // loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
102 if (empty($PHP_AUTH_USER)) {
103 if (PMA_getenv('PHP_AUTH_USER')) {
104 $PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER');
105 } elseif (PMA_getenv('REMOTE_USER')) {
106 // CGI, might be encoded, see below
107 $PHP_AUTH_USER = PMA_getenv('REMOTE_USER');
108 } elseif (PMA_getenv('REDIRECT_REMOTE_USER')) {
109 // CGI, might be encoded, see below
110 $PHP_AUTH_USER = PMA_getenv('REDIRECT_REMOTE_USER');
111 } elseif (PMA_getenv('AUTH_USER')) {
112 // WebSite Professional
113 $PHP_AUTH_USER = PMA_getenv('AUTH_USER');
114 } elseif (PMA_getenv('HTTP_AUTHORIZATION')) {
115 // IIS, might be encoded, see below
116 $PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION');
117 } elseif (PMA_getenv('Authorization')) {
118 // FastCGI, might be encoded, see below
119 $PHP_AUTH_USER = PMA_getenv('Authorization');
120 }
121 }
122 // Grabs the $PHP_AUTH_PW variable whatever are the values of the
123 // 'register_globals' and the 'variables_order' directives
124 // loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
125 if (empty($PHP_AUTH_PW)) {
126 if (PMA_getenv('PHP_AUTH_PW')) {
127 $PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW');
128 } elseif (PMA_getenv('REMOTE_PASSWORD')) {
129 // Apache/CGI
130 $PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD');
131 } elseif (PMA_getenv('AUTH_PASSWORD')) {
132 // WebSite Professional
133 $PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD');
134 }
135 }
136
137 // Decode possibly encoded information (used by IIS/CGI/FastCGI)
138 // (do not use explode() because a user might have a colon in his password
139 if (strcmp(substr($PHP_AUTH_USER, 0, 6), 'Basic ') == 0) {
140 $usr_pass = base64_decode(substr($PHP_AUTH_USER, 6));
141 if (! empty($usr_pass)) {
142 $colon = strpos($usr_pass, ':');
143 if ($colon) {
144 $PHP_AUTH_USER = substr($usr_pass, 0, $colon);
145 $PHP_AUTH_PW = substr($usr_pass, $colon + 1);
146 }
147 unset($colon);
148 }
149 unset($usr_pass);
150 }
151
152 // User logged out -> ensure the new username is not the same
153 if (!empty($old_usr)
154 && (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {
155 $PHP_AUTH_USER = '';
156 // -> delete user's choices that were stored in session
157 session_destroy();
158 }
159
160 // Returns whether we get authentication settings or not
161 if (empty($PHP_AUTH_USER)) {
162 return false;
163 } else {
164 return true;
165 }
166 } // end of the 'PMA_auth_check()' function
167
168
169 /**
170 * Set the user and password after last checkings if required
171 *
172 * @global array the valid servers settings
173 * @global integer the id of the current server
174 * @global array the current server settings
175 * @global string the current username
176 * @global string the current password
177 *
178 * @return boolean always true
179 *
180 * @access public
181 */
182 function PMA_auth_set_user()
183 {
184 global $cfg, $server;
185 global $PHP_AUTH_USER, $PHP_AUTH_PW;
186
187 // Ensures valid authentication mode, 'only_db', bookmark database and
188 // table names and relation table name are used
189 if ($cfg['Server']['user'] != $PHP_AUTH_USER) {
190 $servers_cnt = count($cfg['Servers']);
191 for ($i = 1; $i <= $servers_cnt; $i++) {
192 if (isset($cfg['Servers'][$i])
193 && ($cfg['Servers'][$i]['host'] == $cfg['Server']['host'] && $cfg['Servers'][$i]['user'] == $PHP_AUTH_USER)) {
194 $server = $i;
195 $cfg['Server'] = $cfg['Servers'][$i];
196 break;
197 }
198 } // end for
199 } // end if
200
201 $cfg['Server']['user'] = $PHP_AUTH_USER;
202 $cfg['Server']['password'] = $PHP_AUTH_PW;
203
204 return true;
205 } // end of the 'PMA_auth_set_user()' function
206
207
208 /**
209 * User is not allowed to login to MySQL -> authentication failed
210 *
211 * @return boolean always true (no return indeed)
212 *
213 * @access public
214 */
215 function PMA_auth_fails()
216 {
217 $error = PMA_DBI_getError();
218 if ($error && $GLOBALS['errno'] != 1045) {
219 PMA_fatalError($error);
220 } else {
221 PMA_auth();
222 return true;
223 }
224
225 } // end of the 'PMA_auth_fails()' function
226
227 ?>
Mirror of official OpenEMR Sourceforge repository