search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
patch #1863739 [auth] cache control missing (PHP-CGI), thanks to stmfd
[phpmyadmin/crack.git] / libraries / auth / cookie.auth.lib.php
blob70484d27841c1bc5db4769da7c8e29a00db530d4
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Set of functions used to run cookie based authentication.
5 * Thanks to Piotr Roszatycki <d3xter at users.sourceforge.net> and
6 * Dan Wilson who built this patch for the Debian package.
7 *
8 * @package phpMyAdmin-Auth-Cookie
9 * @version $Id$
10 */
11
12 if (! defined('PHPMYADMIN')) {
13 exit;
14 }
15
16 /**
17 * Swekey authentication functions.
18 */
19 require './libraries/auth/swekey/swekey.auth.lib.php';
20
21 if (function_exists('mcrypt_encrypt')) {
22 /**
23 * Uses faster mcrypt library if available
24 * (as this is not called from anywhere else, put the code in-line
25 * for faster execution)
26 */
27
28 /**
29 * Initialization
30 * Store the initialization vector because it will be needed for
31 * further decryption. I don't think necessary to have one iv
32 * per server so I don't put the server number in the cookie name.
33 */
34 if (empty($_COOKIE['pma_mcrypt_iv'])
35 || false === ($iv = base64_decode($_COOKIE['pma_mcrypt_iv'], true))) {
36 srand((double) microtime() * 1000000);
37 $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC), MCRYPT_RAND);
38 PMA_setCookie('pma_mcrypt_iv', base64_encode($iv));
39 }
40
41 /**
42 * Encryption using blowfish algorithm (mcrypt)
43 *
44 * @param string original data
45 * @param string the secret
46 *
47 * @return string the encrypted result
48 *
49 * @access public
50 *
51 * @author lem9
52 */
53 function PMA_blowfish_encrypt($data, $secret)
54 {
55 global $iv;
56 return base64_encode(mcrypt_encrypt(MCRYPT_BLOWFISH, $secret, $data, MCRYPT_MODE_CBC, $iv));
57 }
58
59 /**
60 * Decryption using blowfish algorithm (mcrypt)
61 *
62 * @param string encrypted data
63 * @param string the secret
64 *
65 * @return string original data
66 *
67 * @access public
68 *
69 * @author lem9
70 */
71 function PMA_blowfish_decrypt($encdata, $secret)
72 {
73 global $iv;
74 return trim(mcrypt_decrypt(MCRYPT_BLOWFISH, $secret, base64_decode($encdata), MCRYPT_MODE_CBC, $iv));
75 }
76
77 } else {
78 require_once './libraries/blowfish.php';
79 if (!$GLOBALS['cfg']['McryptDisableWarning']) {
80 trigger_error(PMA_sanitize(sprintf($strCantLoad, 'mcrypt')), E_USER_WARNING);
81 }
82 }
83
84 /**
85 * Returns blowfish secret or generates one if needed.
86 * @uses $cfg['blowfish_secret']
87 * @uses $_SESSION['auto_blowfish_secret']
88 *
89 * @access public
90 */
91 function PMA_get_blowfish_secret() {
92 if (empty($GLOBALS['cfg']['blowfish_secret'])) {
93 if (empty($_SESSION['auto_blowfish_secret'])) {
94 $_SESSION['auto_blowfish_secret'] = uniqid('', true);
95 }
96 return $_SESSION['auto_blowfish_secret'];
97 } else {
98 return $GLOBALS['cfg']['blowfish_secret'];
99 }
100 }
101
102 /**
103 * Displays authentication form
104 *
105 * this function MUST exit/quit the application
106 *
107 * @uses $GLOBALS['server']
108 * @uses $GLOBALS['PHP_AUTH_USER']
109 * @uses $GLOBALS['pma_auth_server']
110 * @uses $GLOBALS['text_dir']
111 * @uses $GLOBALS['pmaThemeImage']
112 * @uses $GLOBALS['charset']
113 * @uses $GLOBALS['target']
114 * @uses $GLOBALS['db']
115 * @uses $GLOBALS['table']
116 * @uses $GLOBALS['strWelcome']
117 * @uses $GLOBALS['strSecretRequired']
118 * @uses $GLOBALS['strError']
119 * @uses $GLOBALS['strLogin']
120 * @uses $GLOBALS['strLogServer']
121 * @uses $GLOBALS['strLogUsername']
122 * @uses $GLOBALS['strLogPassword']
123 * @uses $GLOBALS['strServerChoice']
124 * @uses $GLOBALS['strGo']
125 * @uses $GLOBALS['strCookiesRequired']
126 * @uses $GLOBALS['strPmaDocumentation']
127 * @uses $GLOBALS['pmaThemeImage']
128 * @uses $cfg['Servers']
129 * @uses $cfg['LoginCookieRecall']
130 * @uses $cfg['Lang']
131 * @uses $cfg['Server']
132 * @uses $cfg['ReplaceHelpImg']
133 * @uses $cfg['blowfish_secret']
134 * @uses $cfg['AllowArbitraryServer']
135 * @uses $_COOKIE
136 * @uses $_REQUEST['old_usr']
137 * @uses PMA_sendHeaderLocation()
138 * @uses PMA_select_language()
139 * @uses PMA_select_server()
140 * @uses file_exists()
141 * @uses sprintf()
142 * @uses count()
143 * @uses htmlspecialchars()
144 * @uses is_array()
145 * @global string the last connection error
146 *
147 * @access public
148 */
149 function PMA_auth()
150 {
151 global $conn_error;
152
153 /* Perform logout to custom URL */
154 if (! empty($_REQUEST['old_usr'])
155 && ! empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
156 PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
157 exit;
158 }
159
160 /* No recall if blowfish secret is not configured as it would produce garbage */
161 if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
162 $default_user = $GLOBALS['PHP_AUTH_USER'];
163 $default_server = $GLOBALS['pma_auth_server'];
164 $autocomplete = '';
165 } else {
166 $default_user = '';
167 $default_server = '';
168 // skip the IE autocomplete feature.
169 $autocomplete = ' autocomplete="off"';
170 }
171
172 $cell_align = ($GLOBALS['text_dir'] == 'ltr') ? 'left' : 'right';
173
174 // Defines the charset to be used
175 header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
176 // Defines the "item" image depending on text direction
177 $item_img = $GLOBALS['pmaThemeImage'] . 'item_' . $GLOBALS['text_dir'] . '.png';
178
179 /* HTML header; do not show here the PMA version to improve security */
180 $page_title = 'phpMyAdmin ';
181 require './libraries/header_meta_style.inc.php';
182 ?>
183 <script type="text/javascript">
184 //<![CDATA[
185 // show login form in top frame
186 if (top != self) {
187 window.top.location.href=location;
188 }
189 //]]>
190 </script>
191 </head>
192
193 <body class="loginform">
194
195 <?php
196 if (file_exists('./config.header.inc.php')) {
197 require './config.header.inc.php';
198 }
199 ?>
200
201 <div class="container">
202 <a href="http://www.phpmyadmin.net" target="_blank" class="logo"><?php
203 $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
204 if (@file_exists($logo_image)) {
205 echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
206 } else {
207 echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" '
208 . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
209 }
210 ?></a>
211 <h1>
212 <?php
213 echo sprintf($GLOBALS['strWelcome'],
214 '<bdo dir="ltr" xml:lang="en">' . $page_title . '</bdo>');
215 ?>
216 </h1>
217 <?php
218
219 // Show error message
220 if (! empty($conn_error)) {
221 PMA_Message::rawError($conn_error)->display();
222 }
223
224 // Displays the languages form
225 if (empty($GLOBALS['cfg']['Lang'])) {
226 require_once './libraries/display_select_lang.lib.php';
227 // use fieldset, don't show doc link
228 PMA_select_language(true, false);
229 }
230
231 ?>
232 <br />
233 <!-- Login form -->
234 <form method="post" action="index.php" name="login_form"<?php echo $autocomplete; ?> target="_top" class="login">
235 <fieldset>
236 <legend>
237 <?php
238 echo $GLOBALS['strLogin'];
239 echo '<a href="./Documentation.html" target="documentation" ' .
240 'title="' . $GLOBALS['strPmaDocumentation'] . '">';
241 if ($GLOBALS['cfg']['ReplaceHelpImg']) {
242 echo '<img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_help.png" width="11" height="11" alt="' . $GLOBALS['strPmaDocumentation'] . '" />';
243 } else {
244 echo '(*)';
245 }
246 echo '</a>';
247 ?>
248 </legend>
249
250 <?php if ($GLOBALS['cfg']['AllowArbitraryServer']) { ?>
251 <div class="item">
252 <label for="input_servername" title="<?php echo $GLOBALS['strLogServerHelp']; ?>"><?php echo $GLOBALS['strLogServer']; ?></label>
253 <input type="text" name="pma_servername" id="input_servername" value="<?php echo htmlspecialchars($default_server); ?>" size="24" class="textfield" title="<?php echo $GLOBALS['strLogServerHelp']; ?>" />
254 </div>
255 <?php } ?>
256 <div class="item">
257 <label for="input_username"><?php echo $GLOBALS['strLogUsername']; ?></label>
258 <input type="text" name="pma_username" id="input_username" value="<?php echo htmlspecialchars($default_user); ?>" size="24" class="textfield"/>
259 </div>
260 <div class="item">
261 <label for="input_password"><?php echo $GLOBALS['strLogPassword']; ?></label>
262 <input type="password" name="pma_password" id="input_password" value="" size="24" class="textfield" />
263 </div>
264 <?php
265 if (count($GLOBALS['cfg']['Servers']) > 1) {
266 ?>
267 <div class="item">
268 <label for="select_server"><?php echo $GLOBALS['strServerChoice']; ?>:</label>
269 <select name="server" id="select_server"
270 <?php
271 if ($GLOBALS['cfg']['AllowArbitraryServer']) {
272 echo ' onchange="document.forms[\'login_form\'].elements[\'pma_servername\'].value = \'\'" ';
273 }
274 echo '>';
275
276 require_once './libraries/select_server.lib.php';
277 PMA_select_server(false, false);
278
279 echo '</select></div>';
280 } else {
281 echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
282 } // end if (server choice)
283 ?>
284 </fieldset>
285 <fieldset class="tblFooters">
286 <input value="<?php echo $GLOBALS['strGo']; ?>" type="submit" id="input_go" />
287 <?php
288 $_form_params = array();
289 if (! empty($GLOBALS['target'])) {
290 $_form_params['target'] = $GLOBALS['target'];
291 }
292 if (! empty($GLOBALS['db'])) {
293 $_form_params['db'] = $GLOBALS['db'];
294 }
295 if (! empty($GLOBALS['table'])) {
296 $_form_params['table'] = $GLOBALS['table'];
297 }
298 // do not generate a "server" hidden field as we want the "server"
299 // drop-down to have priority
300 echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
301 ?>
302 </fieldset>
303 </form>
304
305 <?php
306
307 // BEGIN Swekey Integration
308 Swekey_login('input_username', 'input_go');
309 // END Swekey Integration
310
311 // show the "Cookies required" message only if cookies are disabled
312 // (we previously tried to set some cookies)
313 if (empty($_COOKIE)) {
314 trigger_error($GLOBALS['strCookiesRequired'], E_USER_NOTICE);
315 }
316 if ($GLOBALS['error_handler']->hasDisplayErrors()) {
317 echo '<div>';
318 $GLOBALS['error_handler']->dispErrors();
319 echo '</div>';
320 }
321 ?>
322 </div>
323 <script type="text/javascript">
324 // <![CDATA[
325 function PMA_focusInput()
326 {
327 var input_username = document.getElementById('input_username');
328 var input_password = document.getElementById('input_password');
329 if (input_username.value == '') {
330 input_username.focus();
331 } else {
332 input_password.focus();
333 }
334 }
335
336 window.setTimeout('PMA_focusInput()', 500);
337 // ]]>
338 </script>
339 <?php
340 if (file_exists('./config.footer.inc.php')) {
341 require './config.footer.inc.php';
342 }
343 ?>
344 </body>
345 </html>
346 <?php
347 exit;
348 } // end of the 'PMA_auth()' function
349
350
351
352 /**
353 * Gets advanced authentication settings
354 *
355 * this function DOES NOT check authentication - it just checks/provides
356 * authentication credentials required to connect to the MySQL server
357 * usually with PMA_DBI_connect()
358 *
359 * it returns false if something is missing - which usually leads to
360 * PMA_auth() which displays login form
361 *
362 * it returns true if all seems ok which usually leads to PMA_auth_set_user()
363 *
364 * it directly switches to PMA_auth_fails() if user inactivity timout is reached
365 *
366 * @todo AllowArbitraryServer on does not imply that the user wants an
367 * arbitrary server, or? so we should also check if this is filled and
368 * not only if allowed
369 * @uses $GLOBALS['PHP_AUTH_USER']
370 * @uses $GLOBALS['PHP_AUTH_PW']
371 * @uses $GLOBALS['no_activity']
372 * @uses $GLOBALS['server']
373 * @uses $GLOBALS['from_cookie']
374 * @uses $GLOBALS['pma_auth_server']
375 * @uses $cfg['AllowArbitraryServer']
376 * @uses $cfg['LoginCookieValidity']
377 * @uses $cfg['Servers']
378 * @uses $_REQUEST['old_usr'] from logout link
379 * @uses $_REQUEST['pma_username'] from login form
380 * @uses $_REQUEST['pma_password'] from login form
381 * @uses $_REQUEST['pma_servername'] from login form
382 * @uses $_COOKIE
383 * @uses $_SESSION['last_access_time']
384 * @uses PMA_removeCookie()
385 * @uses PMA_blowfish_decrypt()
386 * @uses PMA_auth_fails()
387 * @uses time()
388 *
389 * @return boolean whether we get authentication settings or not
390 *
391 * @access public
392 */
393 function PMA_auth_check()
394 {
395 // Initialization
396 /**
397 * @global $GLOBALS['pma_auth_server'] the user provided server to connect to
398 */
399 $GLOBALS['pma_auth_server'] = '';
400
401 $GLOBALS['PHP_AUTH_USER'] = $GLOBALS['PHP_AUTH_PW'] = '';
402 $GLOBALS['from_cookie'] = false;
403
404 // BEGIN Swekey Integration
405 if (! Swekey_auth_check()) {
406 return false;
407 }
408 // END Swekey Integration
409
410 if (defined('PMA_CLEAR_COOKIES')) {
411 foreach($GLOBALS['cfg']['Servers'] as $key => $val) {
412 PMA_removeCookie('pmaPass-' . $key);
413 PMA_removeCookie('pmaServer-' . $key);
414 PMA_removeCookie('pmaUser-' . $key);
415 }
416 return false;
417 }
418
419 if (! empty($_REQUEST['old_usr'])) {
420 // The user wants to be logged out
421 // -> delete his choices that were stored in session
422
423 // according to the PHP manual we should do this before the destroy:
424 //$_SESSION = array();
425 // but we still need some parts of the session information
426 // in libraries/header_meta_style.inc.php
427
428 session_destroy();
429 // -> delete password cookie(s)
430 if ($GLOBALS['cfg']['LoginCookieDeleteAll']) {
431 foreach($GLOBALS['cfg']['Servers'] as $key => $val) {
432 PMA_removeCookie('pmaPass-' . $key);
433 if (isset($_COOKIE['pmaPass-' . $key])) {
434 unset($_COOKIE['pmaPass-' . $key]);
435 }
436 }
437 } else {
438 PMA_removeCookie('pmaPass-' . $GLOBALS['server']);
439 if (isset($_COOKIE['pmaPass-' . $GLOBALS['server']])) {
440 unset($_COOKIE['pmaPass-' . $GLOBALS['server']]);
441 }
442 }
443 }
444
445 if (! empty($_REQUEST['pma_username'])) {
446 // The user just logged in
447 $GLOBALS['PHP_AUTH_USER'] = $_REQUEST['pma_username'];
448 $GLOBALS['PHP_AUTH_PW'] = empty($_REQUEST['pma_password']) ? '' : $_REQUEST['pma_password'];
449 if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername'])) {
450 $GLOBALS['pma_auth_server'] = $_REQUEST['pma_servername'];
451 }
452 return true;
453 }
454
455 // At the end, try to set the $GLOBALS['PHP_AUTH_USER']
456 // and $GLOBALS['PHP_AUTH_PW'] variables from cookies
457
458 // servername
459 if ($GLOBALS['cfg']['AllowArbitraryServer']
460 && ! empty($_COOKIE['pmaServer-' . $GLOBALS['server']])) {
461 $GLOBALS['pma_auth_server'] = $_COOKIE['pmaServer-' . $GLOBALS['server']];
462 }
463
464 // username
465 if (empty($_COOKIE['pmaUser-' . $GLOBALS['server']])) {
466 return false;
467 }
468
469 $GLOBALS['PHP_AUTH_USER'] = PMA_blowfish_decrypt(
470 $_COOKIE['pmaUser-' . $GLOBALS['server']],
471 PMA_get_blowfish_secret());
472
473 // user was never logged in since session start
474 if (empty($_SESSION['last_access_time'])) {
475 return false;
476 }
477
478 // User inactive too long
479 if ($_SESSION['last_access_time'] < time() - $GLOBALS['cfg']['LoginCookieValidity']) {
480 PMA_cacheUnset('is_create_db_priv', true);
481 PMA_cacheUnset('is_process_priv', true);
482 PMA_cacheUnset('is_reload_priv', true);
483 PMA_cacheUnset('db_to_create', true);
484 PMA_cacheUnset('dbs_where_create_table_allowed', true);
485 $GLOBALS['no_activity'] = true;
486 PMA_auth_fails();
487 exit;
488 }
489
490 // password
491 if (empty($_COOKIE['pmaPass-' . $GLOBALS['server']])) {
492 return false;
493 }
494
495 $GLOBALS['PHP_AUTH_PW'] = PMA_blowfish_decrypt(
496 $_COOKIE['pmaPass-' . $GLOBALS['server']],
497 PMA_get_blowfish_secret());
498
499 if ($GLOBALS['PHP_AUTH_PW'] == "\xff(blank)") {
500 $GLOBALS['PHP_AUTH_PW'] = '';
501 }
502
503 $GLOBALS['from_cookie'] = true;
504
505 return true;
506 } // end of the 'PMA_auth_check()' function
507
508
509 /**
510 * Set the user and password after last checkings if required
511 *
512 * @uses $GLOBALS['PHP_AUTH_USER']
513 * @uses $GLOBALS['PHP_AUTH_PW']
514 * @uses $GLOBALS['server']
515 * @uses $GLOBALS['from_cookie']
516 * @uses $GLOBALS['pma_auth_server']
517 * @uses $cfg['Server']
518 * @uses $cfg['AllowArbitraryServer']
519 * @uses $cfg['LoginCookieStore']
520 * @uses $cfg['PmaAbsoluteUri']
521 * @uses $_SESSION['last_access_time']
522 * @uses PMA_COMING_FROM_COOKIE_LOGIN
523 * @uses PMA_setCookie()
524 * @uses PMA_blowfish_encrypt()
525 * @uses PMA_removeCookie()
526 * @uses PMA_sendHeaderLocation()
527 * @uses time()
528 * @uses define()
529 * @return boolean always true
530 *
531 * @access public
532 */
533 function PMA_auth_set_user()
534 {
535 global $cfg;
536
537 // Ensures valid authentication mode, 'only_db', bookmark database and
538 // table names and relation table name are used
539 if ($cfg['Server']['user'] != $GLOBALS['PHP_AUTH_USER']) {
540 foreach ($cfg['Servers'] as $idx => $current) {
541 if ($current['host'] == $cfg['Server']['host']
542 && $current['port'] == $cfg['Server']['port']
543 && $current['socket'] == $cfg['Server']['socket']
544 && $current['ssl'] == $cfg['Server']['ssl']
545 && $current['connect_type'] == $cfg['Server']['connect_type']
546 && $current['user'] == $GLOBALS['PHP_AUTH_USER']) {
547 $GLOBALS['server'] = $idx;
548 $cfg['Server'] = $current;
549 break;
550 }
551 } // end foreach
552 } // end if
553
554 if ($GLOBALS['cfg']['AllowArbitraryServer']
555 && ! empty($GLOBALS['pma_auth_server'])) {
556 /* Allow to specify 'host port' */
557 $parts = explode(' ', $GLOBALS['pma_auth_server']);
558 if (count($parts) == 2) {
559 $tmp_host = $parts[0];
560 $tmp_port = $parts[1];
561 } else {
562 $tmp_host = $GLOBALS['pma_auth_server'];
563 $tmp_port = '';
564 }
565 if ($cfg['Server']['host'] != $GLOBALS['pma_auth_server']) {
566 $cfg['Server']['host'] = $tmp_host;
567 if (!empty($tmp_port)) {
568 $cfg['Server']['port'] = $tmp_port;
569 }
570 }
571 unset($tmp_host, $tmp_port, $parts);
572 }
573 $cfg['Server']['user'] = $GLOBALS['PHP_AUTH_USER'];
574 $cfg['Server']['password'] = $GLOBALS['PHP_AUTH_PW'];
575
576 $_SESSION['last_access_time'] = time();
577
578 // Name and password cookies need to be refreshed each time
579 // Duration = one month for username
580 PMA_setCookie('pmaUser-' . $GLOBALS['server'],
581 PMA_blowfish_encrypt($cfg['Server']['user'],
582 PMA_get_blowfish_secret()));
583
584 // Duration = as configured
585 PMA_setCookie('pmaPass-' . $GLOBALS['server'],
586 PMA_blowfish_encrypt(!empty($cfg['Server']['password']) ? $cfg['Server']['password'] : "\xff(blank)",
587 PMA_get_blowfish_secret()),
588 null,
589 $GLOBALS['cfg']['LoginCookieStore']);
590
591 // Set server cookies if required (once per session) and, in this case, force
592 // reload to ensure the client accepts cookies
593 if (! $GLOBALS['from_cookie']) {
594 if ($GLOBALS['cfg']['AllowArbitraryServer']) {
595 if (! empty($GLOBALS['pma_auth_server'])) {
596 // Duration = one month for servername
597 PMA_setCookie('pmaServer-' . $GLOBALS['server'], $cfg['Server']['host']);
598 } else {
599 // Delete servername cookie
600 PMA_removeCookie('pmaServer-' . $GLOBALS['server']);
601 }
602 }
603
604 // URL where to go:
605 $redirect_url = $cfg['PmaAbsoluteUri'] . 'index.php';
606
607 // any parameters to pass?
608 $url_params = array();
609 if (strlen($GLOBALS['db'])) {
610 $url_params['db'] = $GLOBALS['db'];
611 }
612 if (strlen($GLOBALS['table'])) {
613 $url_params['table'] = $GLOBALS['table'];
614 }
615 // any target to pass?
616 if (! empty($GLOBALS['target']) && $GLOBALS['target'] != 'index.php') {
617 $url_params['target'] = $GLOBALS['target'];
618 }
619
620 /**
621 * whether we come from a fresh cookie login
622 */
623 define('PMA_COMING_FROM_COOKIE_LOGIN', true);
624 PMA_sendHeaderLocation($redirect_url . PMA_generate_common_url($url_params, '&'));
625 exit();
626 } // end if
627
628 return true;
629 } // end of the 'PMA_auth_set_user()' function
630
631
632 /**
633 * User is not allowed to login to MySQL -> authentication failed
634 *
635 * prepares error message and switches to PMA_auth() which display the error
636 * and the login form
637 *
638 * this function MUST exit/quit the application,
639 * currently doen by call to PMA_auth()
640 *
641 * @todo $php_errormsg is invalid here!? it will never be set in this scope
642 * @uses $GLOBALS['server']
643 * @uses $GLOBALS['allowDeny_forbidden']
644 * @uses $GLOBALS['strAccessDenied']
645 * @uses $GLOBALS['strNoActivity']
646 * @uses $GLOBALS['strCannotLogin']
647 * @uses $GLOBALS['no_activity']
648 * @uses $cfg['LoginCookieValidity']
649 * @uses PMA_removeCookie()
650 * @uses PMA_getenv()
651 * @uses PMA_DBI_getError()
652 * @uses PMA_sanitize()
653 * @uses PMA_auth()
654 * @uses sprintf()
655 * @uses basename()
656 * @access public
657 */
658 function PMA_auth_fails()
659 {
660 global $conn_error;
661
662 // Deletes password cookie and displays the login form
663 PMA_removeCookie('pmaPass-' . $GLOBALS['server']);
664
665 if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
666 $conn_error = $GLOBALS['strLoginWithoutPassword'];
667 } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
668 $conn_error = $GLOBALS['strAccessDenied'];
669 } elseif (! empty($GLOBALS['no_activity'])) {
670 $conn_error = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']);
671 // Remember where we got timeout to return on same place
672 if (PMA_getenv('SCRIPT_NAME')) {
673 $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
674 // avoid "missing parameter: field" on re-entry
675 if ('tbl_alter.php' == $GLOBALS['target']) {
676 $GLOBALS['target'] = 'tbl_structure.php';
677 }
678 }
679 } elseif (PMA_DBI_getError()) {
680 $conn_error = PMA_sanitize(PMA_DBI_getError());
681 } elseif (isset($php_errormsg)) {
682 $conn_error = $php_errormsg;
683 } else {
684 $conn_error = $GLOBALS['strCannotLogin'];
685 }
686
687 // needed for PHP-CGI (not need for FastCGI or mod-php)
688 header('Cache-Control: no-store, no-cache, must-revalidate');
689 header('Pragma: no-cache');
690
691 PMA_auth();
692 } // end of the 'PMA_auth_fails()' function
693
694 ?>
Drizzle / GSOC 2011