[2e32bf]: adminer / include / auth.inc.php Maximize Restore History

Download this file

auth.inc.php    151 lines (138 with data), 5.3 kB

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
<?php
$connection = '';
$token = $_SESSION["token"];
if (!$_SESSION["token"]) {
$_SESSION["token"] = rand(1, 1e6); // defense against cross-site request forgery
}
$permanent = array();
if ($_COOKIE["adminer_permanent"]) {
foreach (explode(" ", $_COOKIE["adminer_permanent"]) as $val) {
list($key) = explode(":", $val);
$permanent[$key] = $val;
}
}
$auth = $_POST["auth"];
if ($auth) {
session_regenerate_id(); // defense against session fixation
$_SESSION["pwds"][$auth["driver"]][$auth["server"]][$auth["username"]] = $auth["password"];
$_SESSION["db"][$auth["driver"]][$auth["server"]][$auth["username"]][$auth["db"]] = true;
if ($auth["permanent"]) {
$key = base64_encode($auth["driver"]) . "-" . base64_encode($auth["server"]) . "-" . base64_encode($auth["username"]) . "-" . base64_encode($auth["db"]);
$private = $adminer->permanentLogin(true);
$permanent[$key] = "$key:" . base64_encode($private ? encrypt_string($auth["password"], $private) : "");
cookie("adminer_permanent", implode(" ", $permanent));
}
if (count($_POST) == 1 // 1 - auth
|| DRIVER != $auth["driver"]
|| SERVER != $auth["server"]
|| $_GET["username"] !== $auth["username"] // "0" == "00"
|| DB != $auth["db"]
) {
redirect(auth_url($auth["driver"], $auth["server"], $auth["username"], $auth["db"]));
}
} elseif ($_POST["logout"]) {
if ($token && $_POST["token"] != $token) {
page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
page_footer("db");
exit;
} else {
foreach (array("pwds", "db", "dbs", "queries") as $key) {
set_session($key, null);
}
unset_permanent();
redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
}
} elseif ($permanent && !$_SESSION["pwds"]) {
session_regenerate_id();
$private = $adminer->permanentLogin();
foreach ($permanent as $key => $val) {
list(, $cipher) = explode(":", $val);
list($driver, $server, $username, $db) = array_map('base64_decode', explode("-", $key));
$_SESSION["pwds"][$driver][$server][$username] = decrypt_string(base64_decode($cipher), $private);
$_SESSION["db"][$driver][$server][$username][$db] = true;
}
}
function unset_permanent() {
global $permanent;
foreach ($permanent as $key => $val) {
list($driver, $server, $username, $db) = array_map('base64_decode', explode("-", $key));
if ($driver == DRIVER && $server == SERVER && $username == $_GET["username"] && $db == DB) {
unset($permanent[$key]);
}
}
cookie("adminer_permanent", implode(" ", $permanent));
}
function auth_error($exception = null) {
global $connection, $adminer, $token;
$session_name = session_name();
$error = "";
if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_bool("session.use_only_cookies")) {
$error = lang('Session support must be enabled.');
} elseif (isset($_GET["username"])) {
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
$error = lang('Session expired, please login again.');
} else {
$password = &get_session("pwds");
if ($password !== null) {
$error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
if ($password === false) {
$error .= '<br>' . lang('Master password expired. <a href="http://www.adminer.org/en/extension/" target="_blank">Implement</a> %s method to make it permanent.', '<code>permanentLogin()</code>');
}
$password = null;
}
unset_permanent();
}
}
page_header(lang('Login'), $error, null);
echo "<form action='' method='post'>\n";
$adminer->loginForm();
echo "<div>";
hidden_fields($_POST, array("auth")); // expired session
echo "</div>\n";
echo "</form>\n";
page_footer("auth");
}
if (isset($_GET["username"])) {
if (!class_exists("Min_DB")) {
unset($_SESSION["pwds"][DRIVER]);
unset_permanent();
page_header(lang('No extension'), lang('None of the supported PHP extensions (%s) are available.', implode(", ", $possible_drivers)), false);
page_footer("auth");
exit;
}
$connection = connect();
}
if (is_string($connection) || !$adminer->login($_GET["username"], get_session("pwds"))) {
auth_error();
exit;
}
$token = $_SESSION["token"]; ///< @var string CSRF protection
if ($auth && $_POST["token"]) {
$_POST["token"] = $token; // reset token after explicit login
}
$error = ''; ///< @var string
if ($_POST) {
if ($_POST["token"] != $token) {
$ini = "max_input_vars";
$max_vars = ini_get($ini);
if (extension_loaded("suhosin")) {
foreach (array("suhosin.request.max_vars", "suhosin.post.max_vars") as $key) {
$val = ini_get($key);
if ($val && (!$max_vars || $val < $max_vars)) {
$ini = $key;
$max_vars = $val;
}
}
}
$error = (!$_POST["token"] && $max_vars
? lang('Maximum number of allowed fields exceeded. Please increase %s.', "'$ini'")
: lang('Invalid CSRF token. Send the form again.')
);
}
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
// posted form with no data means that post_max_size exceeded because Adminer always sends token at least
$error = lang('Too big POST data. Reduce the data or increase the %s configuration directive.', "'post_max_size'");
if (isset($_GET["sql"])) {
$error .= ' ' . lang('You can upload a big SQL file via FTP and import it from server.');
}
}