~hexmode/+junk/main

header('WWW-Authenticate: Basic realm="phpMyAdmin ' . sprintf($GLOBALS['strRunning'], (empty($GLOBALS['cfg']['Server']['verbose']) ? str_replace('\'', '\\\'', $GLOBALS['cfg']['Server']['host']) : str_replace('\'', '\\\'', $GLOBALS['cfg']['Server']['verbose']))) . '"');

header('HTTP/1.0 401 Unauthorized');

header('status: 401 Unauthorized');

// Defines the charset to be used

header('Content-Type: text/html; charset=' . $GLOBALS['charset']);

/* HTML header */

$page_title = $GLOBALS['strAccessDenied'];

require './libraries/header_meta_style.inc.php';

</head>

<body>

<?php if (file_exists('./config.header.inc.php')) {

require('./config.header.inc.php');

}

</center>

<br />

<?php if (file_exists('./config.footer.inc.php')) {

require('./config.footer.inc.php');

}

</body>

</html>

<?php

exit();

} // end of the 'PMA_auth()' function

/**

* Gets advanced authentication settings

* @global string the username if register_globals is on

* @global string the password if register_globals is on

* @global array the array of server variables if register_globals is

* off

* @global array the array of environment variables if register_globals

* is off

* @global string the username for the ? server

* @global string the password for the ? server

* @global string the username for the WebSite Professional server

* @global string the password for the WebSite Professional server

* @global string the username of the user who logs out

* @return boolean whether we get authentication settings or not

* @access public

function PMA_auth_check()

{

global $PHP_AUTH_USER, $PHP_AUTH_PW;

global $old_usr;

// Grabs the $PHP_AUTH_USER variable whatever are the values of the

// 'register_globals' and the 'variables_order' directives

// loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+

if (empty($PHP_AUTH_USER)) {

if (PMA_getenv('PHP_AUTH_USER')) {

$PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER');

} elseif (PMA_getenv('REMOTE_USER')) {

// CGI, might be encoded, see bellow

$PHP_AUTH_USER = PMA_getenv('REMOTE_USER');

} elseif (PMA_getenv('AUTH_USER')) {

100

// WebSite Professional

101

$PHP_AUTH_USER = PMA_getenv('AUTH_USER');

102

} elseif (PMA_getenv('HTTP_AUTHORIZATION')) {

103

// IIS, might be encoded, see bellow

104

$PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION');

105

} elseif (PMA_getenv('Authorization')) {

106

// FastCGI, might be encoded, see bellow

107

$PHP_AUTH_USER = PMA_getenv('Authorization');

108

}

109

}

110

// Grabs the $PHP_AUTH_PW variable whatever are the values of the

111

// 'register_globals' and the 'variables_order' directives

112

// loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+

113

if (empty($PHP_AUTH_PW)) {

114

if (PMA_getenv('PHP_AUTH_PW')) {

115

$PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW');

116

} elseif (PMA_getenv('REMOTE_PASSWORD')) {

117

// Apache/CGI

118

$PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD');

119

} elseif (PMA_getenv('AUTH_PASSWORD')) {

120

// WebSite Professional

121

$PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD');

122

}

123

}

124

125

// Decode possibly encoded information (used by IIS/CGI/FastCGI)

126

if (strcmp(substr($PHP_AUTH_USER, 0, 6), 'Basic ') == 0) {

127

$usr_pass = base64_decode(substr($PHP_AUTH_USER, 6));

128

if (!empty($usr_pass) && strpos($usr_pass, ':') !== false) {

129

list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':', $usr_pass);

130

}

131

unset($usr_pass);

132

}

133

134

// User logged out -> ensure the new username is not the same

135

if (!empty($old_usr)

136

&& (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {

137

$PHP_AUTH_USER = '';

138

}

139

140

// Returns whether we get authentication settings or not

141

if (empty($PHP_AUTH_USER)) {

142

return false;

143

} else {

144

return true;

145

}

146

} // end of the 'PMA_auth_check()' function

147

148

149

/**

150

* Set the user and password after last checkings if required

151

152

* @global array the valid servers settings

153

* @global integer the id of the current server

154

* @global array the current server settings

155

* @global string the current username

156

* @global string the current password

157

158

* @return boolean always true

159

160

* @access public

161

162

function PMA_auth_set_user()

163

{

164

global $cfg, $server;

165

global $PHP_AUTH_USER, $PHP_AUTH_PW;

166

167

// Ensures valid authentication mode, 'only_db', bookmark database and

168

// table names and relation table name are used

169

if ($cfg['Server']['user'] != $PHP_AUTH_USER) {

170

$servers_cnt = count($cfg['Servers']);

171

for ($i = 1; $i <= $servers_cnt; $i++) {

172

if (isset($cfg['Servers'][$i])

173

&& ($cfg['Servers'][$i]['host'] == $cfg['Server']['host'] && $cfg['Servers'][$i]['user'] == $PHP_AUTH_USER)) {

174

$server = $i;

175

$cfg['Server'] = $cfg['Servers'][$i];

176

break;

177

}

178

} // end for

179

} // end if

180

181

$cfg['Server']['user'] = $PHP_AUTH_USER;

182

$cfg['Server']['password'] = $PHP_AUTH_PW;

183

184

return true;

185

} // end of the 'PMA_auth_set_user()' function

186

187

188

/**

189

* User is not allowed to login to MySQL -> authentication failed

190

191

* @return boolean always true (no return indeed)

192

193

* @access public

194

195

function PMA_auth_fails()

196

{

197

$error = PMA_DBI_getError();

198

if ($error && $GLOBALS['errno'] != 1045) {

199

PMA_sendHeaderLocation('error.php?error=' . urlencode($error));

200

exit;

201

} else {

202

PMA_auth();

203

return true;

204

}

205

206

} // end of the 'PMA_auth_fails()' function

207

208

Older »