<?php
/* $Id: http.auth.lib.php,v 2.14.2.1 2006/04/11 16:33:33 cybot_tm Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:

// +--------------------------------------------------------------------------+
// | Set of functions used to run http authentication.                        |
// | NOTE: Requires PHP loaded as an Apache module.                           |
// +--------------------------------------------------------------------------+
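/**
 * Sends the HTTP Basic authentication challenge and the "access denied" page
 *
 * Emits a 401 response whose WWW-Authenticate realm names the current server
 * (its verbose name when one is configured, otherwise its host), prints the
 * access-denied HTML page and then terminates the script with exit().
 *
 * Reads $GLOBALS['cfg']['Server'], $GLOBALS['strRunning'], $GLOBALS['charset'],
 * $GLOBALS['strAccessDenied'], $GLOBALS['strWelcome'] and
 * $GLOBALS['strWrongUser'].
 *
 * @return  boolean   never actually returns: the function ends with exit()
 *
 * @access  public
 */
function PMA_auth() {

    // Label shown in the browser's login prompt
    $server_label = empty($GLOBALS['cfg']['Server']['verbose'])
        ? $GLOBALS['cfg']['Server']['host']
        : $GLOBALS['cfg']['Server']['verbose'];
    // The label is placed inside a double-quoted header value. Only '"' and
    // '\' are significant there (a single quote is not), so those are dropped
    // together with control characters such as CR/LF that must never reach a
    // response header.
    $server_label = preg_replace('/[\x00-\x1f\x7f"\\\\]/', '', $server_label);

    header('WWW-Authenticate: Basic realm="phpMyAdmin ' . sprintf($GLOBALS['strRunning'], $server_label) . '"');
    header('HTTP/1.0 401 Unauthorized');
    header('status: 401 Unauthorized');

    // Defines the charset to be used
    header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
    /* HTML header */
    $page_title = $GLOBALS['strAccessDenied'];
    require('./libraries/header_meta_style.inc.php');
    ?>
</head>
<body>
<?php require('./libraries/header_custom.inc.php'); ?>

<br /><br />
<center>
    <h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
</center>
<br />
<div class="warning"><?php echo $GLOBALS['strWrongUser']; ?></div>

<?php require('./libraries/footer_custom.inc.php'); ?>

</body>
</html>
    <?php
    // Stop here so that nothing else is sent after the 401 page
    exit();
} // end of the 'PMA_auth()' function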
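/**
 * Gets the HTTP Basic authentication credentials sent with the request
 *
 * Fills the globals $PHP_AUTH_USER and $PHP_AUTH_PW. Values already present
 * in those globals are kept; otherwise the first non-empty value returned by
 * PMA_getenv() for the server-specific variable names below is used. A value
 * starting with "Basic " is treated as a raw Authorization header and is
 * base64-decoded into user and password.
 *
 * NOTE(review): the globals are accepted as-is when already set. With
 * register_globals enabled they could presumably be seeded from request
 * parameters - confirm that the caller clears them before this runs.
 *
 * @global  string    the username
 * @global  string    the password
 * @global  string    the username of the user who logs out
 *
 * @return  boolean   whether we get authentication settings or not
 *
 * @access  public
 */
function PMA_auth_check()
{
    global $PHP_AUTH_USER, $PHP_AUTH_PW;
    global $old_usr;

    // Grabs the $PHP_AUTH_USER variable whatever are the values of the
    // 'register_globals' and the 'variables_order' directives
    if (empty($PHP_AUTH_USER)) {
        if (PMA_getenv('PHP_AUTH_USER')) {
            $PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER');
        } elseif (PMA_getenv('REMOTE_USER')) {
            // CGI, might be encoded, see below
            $PHP_AUTH_USER = PMA_getenv('REMOTE_USER');
        } elseif (PMA_getenv('AUTH_USER')) {
            // WebSite Professional
            $PHP_AUTH_USER = PMA_getenv('AUTH_USER');
        } elseif (PMA_getenv('HTTP_AUTHORIZATION')) {
            // IIS, might be encoded, see below
            $PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION');
        } elseif (PMA_getenv('Authorization')) {
            // FastCGI, might be encoded, see below
            $PHP_AUTH_USER = PMA_getenv('Authorization');
        }
    }
    // Grabs the $PHP_AUTH_PW variable whatever are the values of the
    // 'register_globals' and the 'variables_order' directives
    if (empty($PHP_AUTH_PW)) {
        if (PMA_getenv('PHP_AUTH_PW')) {
            $PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW');
        } elseif (PMA_getenv('REMOTE_PASSWORD')) {
            // Apache/CGI
            $PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD');
        } elseif (PMA_getenv('AUTH_PASSWORD')) {
            // WebSite Professional
            $PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD');
        }
    }

    // Decode possibly encoded information (used by IIS/CGI/FastCGI)
    if (strcmp(substr($PHP_AUTH_USER, 0, 6), 'Basic ') == 0) {
        $usr_pass = base64_decode(substr($PHP_AUTH_USER, 6));
        if (!empty($usr_pass) && strpos($usr_pass, ':') !== FALSE) {
            // Split on the first colon only: the user name cannot contain a
            // colon but the password can, and an unlimited explode() would
            // silently cut the password at its first ':'
            list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', $usr_pass, 2);
        }
        // NOTE(review): when the decoded value has no colon, $PHP_AUTH_USER
        // keeps the raw "Basic ..." header text and TRUE is returned below -
        // confirm that this is intended
        unset($usr_pass);
    }

    // User logged out -> ensure the new username is not the same
    if (!empty($old_usr)
        && (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {
        $PHP_AUTH_USER = '';
    }

    // Returns whether we get authentication settings or not
    return !empty($PHP_AUTH_USER);
} // end of the 'PMA_auth_check()' function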
/**
 * Stores the browser-supplied user and password in the current server settings
 *
 * When the supplied user differs from the configured one, the configured
 * servers are searched for an entry with the same host and that user; the
 * first match becomes the current server. The supplied user and password are
 * then written into $cfg['Server'] in every case.
 *
 * No credential check happens here; presumably the values are validated when
 * the MySQL connection is attempted - confirm against the caller.
 *
 * @global  array     the valid servers settings
 * @global  integer   the id of the current server
 * @global  string    the current username
 * @global  string    the current password
 *
 * @return  boolean   always true
 *
 * @access  public
 */
function PMA_auth_set_user()
{
    global $cfg, $server;
    global $PHP_AUTH_USER, $PHP_AUTH_PW;

    // Switch to the server entry written for this user, if there is one, so
    // that its 'only_db', bookmark and relation settings are the ones in use
    if ($cfg['Server']['user'] != $PHP_AUTH_USER) {
        $last_index = count($cfg['Servers']);
        $index      = 1;
        while ($index <= $last_index) {
            // NOTE(review): '==' is a loose comparison, so numeric-looking
            // names such as '10' and '1e1' compare equal; confirm whether a
            // strict comparison is safe for the configured values
            if (isset($cfg['Servers'][$index])
                && ($cfg['Servers'][$index]['host'] == $cfg['Server']['host'] && $cfg['Servers'][$index]['user'] == $PHP_AUTH_USER)) {
                $server        = $index;
                $cfg['Server'] = $cfg['Servers'][$index];
                break;
            }
            $index++;
        } // end while
    } // end if

    $cfg['Server']['user']     = $PHP_AUTH_USER;
    $cfg['Server']['password'] = $PHP_AUTH_PW;

    return true;
} // end of the 'PMA_auth_set_user()' function
/**
 * Authentication failed: the user is not allowed to log in to MySQL
 *
 * Delegates to PMA_auth(), which sends the 401 challenge again. PMA_auth()
 * in this file ends with exit(), so the return statement below is not
 * reached in practice.
 *
 * @return  boolean   always true (no return indeed)
 *
 * @access  public
 */
function PMA_auth_fails()
{
    // Ask the browser for credentials again
    PMA_auth();

    return true;
} // end of the 'PMA_auth_fails()' function
?>