diff options
| -rw-r--r-- | libraries/common.inc.php | 19 | ||||
| -rw-r--r-- | libraries/dbi/drizzle.dbi.lib.php | 3 | ||||
| -rw-r--r-- | libraries/dbi/mysql.dbi.lib.php | 3 | ||||
| -rw-r--r-- | libraries/dbi/mysqli.dbi.lib.php | 3 | ||||
| -rw-r--r-- | libraries/plugins/auth/AuthenticationHttp.class.php (renamed from libraries/plugins/auth/AuthenticationHTTP.class.php) | 2 | ||||
| -rw-r--r-- | libraries/plugins/auth/AuthenticationSignon.class.php (renamed from libraries/plugins/auth/AuthenticationSignOn.class.php) | 2 | ||||
| -rw-r--r-- | user_password.php | 27 |
7 files changed, 41 insertions, 18 deletions
diff --git a/libraries/common.inc.php b/libraries/common.inc.php index e0eb6e786c..dd79390e26 100644 --- a/libraries/common.inc.php +++ b/libraries/common.inc.php @@ -847,13 +847,18 @@ if (! defined('PMA_MINIMUM_COMMON')) { /** * the required auth type plugin */ - include_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php'; - if (! PMA_auth_check()) { + $auth_class = "Authentication" + . strtoupper(substr($cfg['Server']['auth_type'], 0, 1)) + . strtolower(substr($cfg['Server']['auth_type'], 1)); + include_once './libraries/plugins/auth/' . $auth_class . '.class.php'; + $auth_plugin = new $auth_class; + + if (! $auth_plugin->authCheck()) { /* Force generating of new session on login */ PMA_secureSession(); - PMA_auth(); + $auth_plugin->auth(); } else { - PMA_auth_set_user(); + $auth_plugin->authSetUser(); } // Check IP-based Allow/Deny rules as soon as possible to reject the @@ -897,7 +902,7 @@ if (! defined('PMA_MINIMUM_COMMON')) { // Ejects the user if banished if ($allowDeny_forbidden) { PMA_log_user($cfg['Server']['user'], 'allow-denied'); - PMA_auth_fails(); + $auth_plugin->authFails(); } } // end if @@ -905,14 +910,14 @@ if (! defined('PMA_MINIMUM_COMMON')) { if (!$cfg['Server']['AllowRoot'] && $cfg['Server']['user'] == 'root') { $allowDeny_forbidden = true; PMA_log_user($cfg['Server']['user'], 'root-denied'); - PMA_auth_fails(); + $auth_plugin->authFails(); } // is a login without password allowed? if (!$cfg['Server']['AllowNoPassword'] && $cfg['Server']['password'] == '') { $login_without_password_is_forbidden = true; PMA_log_user($cfg['Server']['user'], 'empty-denied'); - PMA_auth_fails(); + $auth_plugin->authFails(); } // if using TCP socket is not needed diff --git a/libraries/dbi/drizzle.dbi.lib.php b/libraries/dbi/drizzle.dbi.lib.php index 817b7b057a..d0493d1cb5 100644 --- a/libraries/dbi/drizzle.dbi.lib.php +++ b/libraries/dbi/drizzle.dbi.lib.php @@ -122,7 +122,8 @@ function PMA_DBI_connect($user, $password, $is_controluser = false, $server = nu // go back to main login if it fails if (! $auxiliary_connection) { PMA_log_user($user, 'drizzle-denied'); - PMA_auth_fails(); + global $auth_plugin; + $auth_plugin->authFails(); } else { return false; } diff --git a/libraries/dbi/mysql.dbi.lib.php b/libraries/dbi/mysql.dbi.lib.php index 19c7f415da..0e4a5587a1 100644 --- a/libraries/dbi/mysql.dbi.lib.php +++ b/libraries/dbi/mysql.dbi.lib.php @@ -125,7 +125,8 @@ function PMA_DBI_connect($user, $password, $is_controluser = false, $server = nu // go back to main login if it fails if (! $auxiliary_connection) { PMA_log_user($user, 'mysql-denied'); - PMA_auth_fails(); + global $auth_plugin; + $auth_plugin->authFails(); } else { return false; } diff --git a/libraries/dbi/mysqli.dbi.lib.php b/libraries/dbi/mysqli.dbi.lib.php index 3e66f2752d..316796c36c 100644 --- a/libraries/dbi/mysqli.dbi.lib.php +++ b/libraries/dbi/mysqli.dbi.lib.php @@ -199,7 +199,8 @@ function PMA_DBI_connect($user, $password, $is_controluser = false, $server = nu // go back to main login if it fails if (! $auxiliary_connection) { PMA_log_user($user, 'mysql-denied'); - PMA_auth_fails(); + global $auth_plugin; + $auth_plugin->authFails(); } else { return false; } diff --git a/libraries/plugins/auth/AuthenticationHTTP.class.php b/libraries/plugins/auth/AuthenticationHttp.class.php index 3cfe3fe335..89eeab9a5f 100644 --- a/libraries/plugins/auth/AuthenticationHTTP.class.php +++ b/libraries/plugins/auth/AuthenticationHttp.class.php @@ -19,7 +19,7 @@ require_once "libraries/plugins/AuthenticationPlugin.class.php"; * * @package PhpMyAdmin-Authentication */ -class AuthenticationHTTP extends AuthenticationPlugin +class AuthenticationHttp extends AuthenticationPlugin { /** * Displays authentication form diff --git a/libraries/plugins/auth/AuthenticationSignOn.class.php b/libraries/plugins/auth/AuthenticationSignon.class.php index 463da00086..ba109d1850 100644 --- a/libraries/plugins/auth/AuthenticationSignOn.class.php +++ b/libraries/plugins/auth/AuthenticationSignon.class.php @@ -18,7 +18,7 @@ require_once "libraries/plugins/AuthenticationPlugin.class.php"; * * @package PhpMyAdmin-Authentication */ -class AuthenticationSignOn extends AuthenticationPlugin +class AuthenticationSignon extends AuthenticationPlugin { /** * Displays authentication form diff --git a/user_password.php b/user_password.php index 69086d7e5b..1dc9145a07 100644 --- a/user_password.php +++ b/user_password.php @@ -25,7 +25,9 @@ if (! $cfg['ShowChgPassword']) { $cfg['ShowChgPassword'] = PMA_DBI_select_db('mysql'); } if ($cfg['Server']['auth_type'] == 'config' || ! $cfg['ShowChgPassword']) { - PMA_Message::error(__('You don\'t have sufficient privileges to be here right now!'))->display(); + PMA_Message::error( + __('You don\'t have sufficient privileges to be here right now!') + )->display(); exit; } // end if @@ -164,7 +166,9 @@ function PMA_changePassHashingFunction() function PMA_ChangePassUrlParamsAndSubmitQuery($password, $_url_params, $sql_query, $hashing_function) { $err_url = 'user_password.php' . PMA_generate_common_url($_url_params); - $local_query = 'SET password = ' . (($password == '') ? '\'\'' : $hashing_function . '(\'' . PMA_sqlAddSlashes($password) . '\')'); + $local_query = 'SET password = ' . (($password == '') + ? '\'\'' + : $hashing_function . '(\'' . PMA_sqlAddSlashes($password) . '\')'); $result = @PMA_DBI_try_query($local_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, false, $err_url); } @@ -181,12 +185,22 @@ function PMA_changePassAuthType($_url_params, $password) { /** * Changes password cookie if required - * Duration = till the browser is closed for password (we don't want this to be saved) + * Duration = till the browser is closed for password + * (we don't want this to be saved) */ + + // include_once "libraries/plugins/auth/AuthenticationCookie.class.php"; + // $auth_plugin = new AuthenticationCookie(); + // the $auth_plugin is already defined in common.lib.php when this is used + global $auth_plugin; + if ($GLOBALS['cfg']['Server']['auth_type'] == 'cookie') { $GLOBALS['PMA_Config']->setCookie( 'pmaPass-' . $GLOBALS['server'], - PMA_blowfish_encrypt($password, $GLOBALS['cfg']['blowfish_secret']) + $auth_plugin->blowfishEncrypt( + $password, + $GLOBALS['cfg']['blowfish_secret'] + ) ); } /** @@ -212,8 +226,9 @@ function PMA_changePassDisplayPage($message, $sql_query, $_url_params) { echo '<h1>' . __('Change password') . '</h1>' . "\n\n"; echo PMA_getMessage($message, $sql_query, 'success'); - echo '<a href="index.php'.PMA_generate_common_url($_url_params).' target="_parent">'. "\n" - .'<strong>'.__('Back').'</strong></a>'; + echo '<a href="index.php'.PMA_generate_common_url($_url_params) + .' target="_parent">'. "\n" + .'<strong>'.__('Back').'</strong></a>'; exit; } ?> |