170 lines
5.2 KiB
PHP
170 lines
5.2 KiB
PHP
|
<?php
|
||
|
/**
|
||
|
* Config Authentication plugin for phpMyAdmin
|
||
|
*/
|
||
|
|
||
|
declare(strict_types=1);
|
||
|
|
||
|
namespace PhpMyAdmin\Plugins\Auth;
|
||
|
|
||
|
use PhpMyAdmin\Html\Generator;
|
||
|
use PhpMyAdmin\Plugins\AuthenticationPlugin;
|
||
|
use PhpMyAdmin\ResponseRenderer;
|
||
|
use PhpMyAdmin\Server\Select;
|
||
|
use PhpMyAdmin\Util;
|
||
|
|
||
|
use function __;
|
||
|
use function count;
|
||
|
use function defined;
|
||
|
use function sprintf;
|
||
|
use function trigger_error;
|
||
|
|
||
|
use const E_USER_NOTICE;
|
||
|
use const E_USER_WARNING;
|
||
|
|
||
|
/**
|
||
|
* Handles the config authentication method
|
||
|
*/
|
||
|
class AuthenticationConfig extends AuthenticationPlugin
|
||
|
{
|
||
|
/**
|
||
|
* Displays authentication form
|
||
|
*
|
||
|
* @return bool always true
|
||
|
*/
|
||
|
public function showLoginForm(): bool
|
||
|
{
|
||
|
$response = ResponseRenderer::getInstance();
|
||
|
if ($response->isAjax()) {
|
||
|
$response->setRequestStatus(false);
|
||
|
// reload_flag removes the token parameter from the URL and reloads
|
||
|
$response->addJSON('reload_flag', '1');
|
||
|
if (defined('TESTSUITE')) {
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Gets authentication credentials
|
||
|
*
|
||
|
* @return bool always true
|
||
|
*/
|
||
|
public function readCredentials(): bool
|
||
|
{
|
||
|
if ($GLOBALS['token_provided'] && $GLOBALS['token_mismatch']) {
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
$this->user = $GLOBALS['cfg']['Server']['user'];
|
||
|
$this->password = $GLOBALS['cfg']['Server']['password'];
|
||
|
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* User is not allowed to login to MySQL -> authentication failed
|
||
|
*
|
||
|
* @param string $failure String describing why authentication has failed
|
||
|
*/
|
||
|
public function showFailure($failure): void
|
||
|
{
|
||
|
global $dbi;
|
||
|
|
||
|
parent::showFailure($failure);
|
||
|
$conn_error = $dbi->getError();
|
||
|
if (! $conn_error) {
|
||
|
$conn_error = __('Cannot connect: invalid settings.');
|
||
|
}
|
||
|
|
||
|
/* HTML header */
|
||
|
$response = ResponseRenderer::getInstance();
|
||
|
$response->getFooter()
|
||
|
->setMinimal();
|
||
|
$header = $response->getHeader();
|
||
|
$header->setBodyId('loginform');
|
||
|
$header->setTitle(__('Access denied!'));
|
||
|
$header->disableMenuAndConsole();
|
||
|
echo '<br><br>
|
||
|
<div class="text-center">
|
||
|
<h1>';
|
||
|
echo sprintf(__('Welcome to %s'), ' phpMyAdmin ');
|
||
|
echo '</h1>
|
||
|
</div>
|
||
|
<br>
|
||
|
<table class="table table-borderless text-start w-75 mx-auto">
|
||
|
<tr>
|
||
|
<td>';
|
||
|
if (isset($GLOBALS['allowDeny_forbidden']) && $GLOBALS['allowDeny_forbidden']) {
|
||
|
trigger_error(__('Access denied!'), E_USER_NOTICE);
|
||
|
} else {
|
||
|
// Check whether user has configured something
|
||
|
if ($GLOBALS['config']->sourceMtime == 0) {
|
||
|
echo '<p>' , sprintf(
|
||
|
__(
|
||
|
'You probably did not create a configuration file.'
|
||
|
. ' You might want to use the %1$ssetup script%2$s to'
|
||
|
. ' create one.'
|
||
|
),
|
||
|
'<a href="setup/">',
|
||
|
'</a>'
|
||
|
) , '</p>' , "\n";
|
||
|
} elseif (
|
||
|
! isset($GLOBALS['errno'])
|
||
|
|| (isset($GLOBALS['errno']) && $GLOBALS['errno'] != 2002)
|
||
|
&& $GLOBALS['errno'] != 2003
|
||
|
) {
|
||
|
// if we display the "Server not responding" error, do not confuse
|
||
|
// users by telling them they have a settings problem
|
||
|
// (note: it's true that they could have a badly typed host name,
|
||
|
// but anyway the current message tells that the server
|
||
|
// rejected the connection, which is not really what happened)
|
||
|
// 2002 is the error given by mysqli
|
||
|
// 2003 is the error given by mysql
|
||
|
trigger_error(
|
||
|
__(
|
||
|
'phpMyAdmin tried to connect to the MySQL server, and the'
|
||
|
. ' server rejected the connection. You should check the'
|
||
|
. ' host, username and password in your configuration and'
|
||
|
. ' make sure that they correspond to the information given'
|
||
|
. ' by the administrator of the MySQL server.'
|
||
|
),
|
||
|
E_USER_WARNING
|
||
|
);
|
||
|
}
|
||
|
|
||
|
echo Generator::mysqlDie($conn_error, '', true, '', false);
|
||
|
}
|
||
|
|
||
|
$GLOBALS['errorHandler']->dispUserErrors();
|
||
|
echo '</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>' , "\n";
|
||
|
echo '<a href="'
|
||
|
, Util::getScriptNameForOption($GLOBALS['cfg']['DefaultTabServer'], 'server')
|
||
|
, '" class="btn btn-primary mt-1 mb-1 disableAjax">'
|
||
|
, __('Retry to connect')
|
||
|
, '</a>' , "\n";
|
||
|
echo '</td>
|
||
|
</tr>' , "\n";
|
||
|
if (count($GLOBALS['cfg']['Servers']) > 1) {
|
||
|
// offer a chance to login to other servers if the current one failed
|
||
|
echo '<tr>' , "\n";
|
||
|
echo ' <td>' , "\n";
|
||
|
echo Select::render(true, true);
|
||
|
echo ' </td>' , "\n";
|
||
|
echo '</tr>' , "\n";
|
||
|
}
|
||
|
|
||
|
echo '</table>' , "\n";
|
||
|
if (! defined('TESTSUITE')) {
|
||
|
exit;
|
||
|
}
|
||
|
}
|
||
|
}
|