2
/* $Id: http.auth.lib.php 9352 2006-08-24 12:39:16Z nijel $ */
3
// vim: expandtab sw=4 ts=4 sts=4:
5
// +--------------------------------------------------------------------------+
6
// | Set of functions used to run http authentication. |
7
// | NOTE: Requires PHP loaded as a Apache module. |
8
// +--------------------------------------------------------------------------+
12
* Displays authentication form
14
* @global string the font face to use in case of failure
15
* @global string the default font size to use in case of failure
16
* @global string the big font size to use in case of failure
18
* @return boolean always true (no return indeed)
24
/* Perform logout to custom URL */
25
if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
26
PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
30
header('WWW-Authenticate: Basic realm="phpMyAdmin ' . sprintf($GLOBALS['strRunning'], (empty($GLOBALS['cfg']['Server']['verbose']) ? str_replace('\'', '\\\'', $GLOBALS['cfg']['Server']['host']) : str_replace('\'', '\\\'', $GLOBALS['cfg']['Server']['verbose']))) . '"');
31
header('HTTP/1.0 401 Unauthorized');
32
header('status: 401 Unauthorized');
34
// Defines the charset to be used
35
header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
37
$page_title = $GLOBALS['strAccessDenied'];
38
require './libraries/header_meta_style.inc.php';
42
<?php if (file_exists('./config.header.inc.php')) {
43
require('./config.header.inc.php');
49
<h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
52
<div class="warning"><?php echo $GLOBALS['strWrongUser']; ?></div>
54
<?php if (file_exists('./config.footer.inc.php')) {
55
require('./config.footer.inc.php');
63
} // end of the 'PMA_auth()' function
67
* Gets advanced authentication settings
69
* @global string the username if register_globals is on
70
* @global string the password if register_globals is on
71
* @global array the array of server variables if register_globals is
73
* @global array the array of environment variables if register_globals
75
* @global string the username for the ? server
76
* @global string the password for the ? server
77
* @global string the username for the WebSite Professional server
78
* @global string the password for the WebSite Professional server
79
* @global string the username of the user who logs out
81
* @return boolean whether we get authentication settings or not
85
function PMA_auth_check()
87
global $PHP_AUTH_USER, $PHP_AUTH_PW;
90
// Grabs the $PHP_AUTH_USER variable whatever are the values of the
91
// 'register_globals' and the 'variables_order' directives
92
// loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
93
if (empty($PHP_AUTH_USER)) {
94
if (PMA_getenv('PHP_AUTH_USER')) {
95
$PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER');
96
} elseif (PMA_getenv('REMOTE_USER')) {
97
// CGI, might be encoded, see bellow
98
$PHP_AUTH_USER = PMA_getenv('REMOTE_USER');
99
} elseif (PMA_getenv('AUTH_USER')) {
100
// WebSite Professional
101
$PHP_AUTH_USER = PMA_getenv('AUTH_USER');
102
} elseif (PMA_getenv('HTTP_AUTHORIZATION')) {
103
// IIS, might be encoded, see bellow
104
$PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION');
105
} elseif (PMA_getenv('Authorization')) {
106
// FastCGI, might be encoded, see bellow
107
$PHP_AUTH_USER = PMA_getenv('Authorization');
110
// Grabs the $PHP_AUTH_PW variable whatever are the values of the
111
// 'register_globals' and the 'variables_order' directives
112
// loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
113
if (empty($PHP_AUTH_PW)) {
114
if (PMA_getenv('PHP_AUTH_PW')) {
115
$PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW');
116
} elseif (PMA_getenv('REMOTE_PASSWORD')) {
118
$PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD');
119
} elseif (PMA_getenv('AUTH_PASSWORD')) {
120
// WebSite Professional
121
$PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD');
125
// Decode possibly encoded information (used by IIS/CGI/FastCGI)
126
if (strcmp(substr($PHP_AUTH_USER, 0, 6), 'Basic ') == 0) {
127
$usr_pass = base64_decode(substr($PHP_AUTH_USER, 6));
128
if (!empty($usr_pass) && strpos($usr_pass, ':') !== false) {
129
list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', $usr_pass);
134
// User logged out -> ensure the new username is not the same
136
&& (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {
140
// Returns whether we get authentication settings or not
141
if (empty($PHP_AUTH_USER)) {
146
} // end of the 'PMA_auth_check()' function
150
* Set the user and password after last checkings if required
152
* @global array the valid servers settings
153
* @global integer the id of the current server
154
* @global array the current server settings
155
* @global string the current username
156
* @global string the current password
158
* @return boolean always true
162
function PMA_auth_set_user()
164
global $cfg, $server;
165
global $PHP_AUTH_USER, $PHP_AUTH_PW;
167
// Ensures valid authentication mode, 'only_db', bookmark database and
168
// table names and relation table name are used
169
if ($cfg['Server']['user'] != $PHP_AUTH_USER) {
170
$servers_cnt = count($cfg['Servers']);
171
for ($i = 1; $i <= $servers_cnt; $i++) {
172
if (isset($cfg['Servers'][$i])
173
&& ($cfg['Servers'][$i]['host'] == $cfg['Server']['host'] && $cfg['Servers'][$i]['user'] == $PHP_AUTH_USER)) {
175
$cfg['Server'] = $cfg['Servers'][$i];
181
$cfg['Server']['user'] = $PHP_AUTH_USER;
182
$cfg['Server']['password'] = $PHP_AUTH_PW;
185
} // end of the 'PMA_auth_set_user()' function
189
* User is not allowed to login to MySQL -> authentication failed
191
* @return boolean always true (no return indeed)
195
function PMA_auth_fails()
197
$error = PMA_DBI_getError();
198
if ($error && $GLOBALS['errno'] != 1045) {
199
PMA_sendHeaderLocation('error.php?error=' . urlencode($error));
206
} // end of the 'PMA_auth_fails()' function