Ignore NULL charset
[phpmyadmin-regexreplace.git] / libraries / auth / http.auth.lib.php
blobb3d305a10d0e1831fa527239c18a54ad6d341344
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Set of functions used to run http authentication.
5 * NOTE: Requires PHP loaded as a Apache module.
7 * @package phpMyAdmin-Auth-HTTP
8 */
11 /**
12 * Displays authentication form
14 * @global string the font face to use in case of failure
15 * @global string the default font size to use in case of failure
16 * @global string the big font size to use in case of failure
18 * @return boolean always true (no return indeed)
20 * @access public
22 function PMA_auth()
24 /* Perform logout to custom URL */
25 if (!empty($_REQUEST['old_usr']) && !empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
26 PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
27 exit;
30 if (empty($GLOBALS['cfg']['Server']['auth_http_realm'])) {
31 if (empty($GLOBALS['cfg']['Server']['verbose'])) {
32 $server_message = $GLOBALS['cfg']['Server']['host'];
33 } else {
34 $server_message = $GLOBALS['cfg']['Server']['verbose'];
36 $realm_message = 'phpMyAdmin ' . $server_message;
37 } else {
38 $realm_message = $GLOBALS['cfg']['Server']['auth_http_realm'];
40 // remove non US-ASCII to respect RFC2616
41 $realm_message = preg_replace('/[^\x20-\x7e]/i', '', $realm_message);
42 header('WWW-Authenticate: Basic realm="' . $realm_message . '"');
43 header('HTTP/1.0 401 Unauthorized');
44 if (php_sapi_name() !== 'cgi-fcgi') {
45 header('status: 401 Unauthorized');
48 // Defines the charset to be used
49 header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
50 /* HTML header */
51 $page_title = __('Access denied');
52 require './libraries/header_meta_style.inc.php';
54 </head>
55 <body>
56 <?php
57 if (file_exists(CUSTOM_HEADER_FILE)) {
58 require CUSTOM_HEADER_FILE;
62 <br /><br />
63 <center>
64 <h1><?php echo sprintf(__('Welcome to %s'), ' phpMyAdmin'); ?></h1>
65 </center>
66 <br />
68 <?php
69 PMA_Message::error(__('Wrong username/password. Access denied.'))->display();
71 if (file_exists(CUSTOM_FOOTER_FILE)) {
72 require CUSTOM_FOOTER_FILE;
76 </body>
77 </html>
78 <?php
79 exit();
80 } // end of the 'PMA_auth()' function
83 /**
84 * Gets advanced authentication settings
86 * @global string the username if register_globals is on
87 * @global string the password if register_globals is on
88 * @global array the array of server variables if register_globals is
89 * off
90 * @global array the array of environment variables if register_globals
91 * is off
92 * @global string the username for the ? server
93 * @global string the password for the ? server
94 * @global string the username for the WebSite Professional server
95 * @global string the password for the WebSite Professional server
96 * @global string the username of the user who logs out
98 * @return boolean whether we get authentication settings or not
100 * @access public
102 function PMA_auth_check()
104 global $PHP_AUTH_USER, $PHP_AUTH_PW;
105 global $old_usr;
107 // Grabs the $PHP_AUTH_USER variable whatever are the values of the
108 // 'register_globals' and the 'variables_order' directives
109 if (empty($PHP_AUTH_USER)) {
110 if (PMA_getenv('PHP_AUTH_USER')) {
111 $PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER');
112 } elseif (PMA_getenv('REMOTE_USER')) {
113 // CGI, might be encoded, see below
114 $PHP_AUTH_USER = PMA_getenv('REMOTE_USER');
115 } elseif (PMA_getenv('REDIRECT_REMOTE_USER')) {
116 // CGI, might be encoded, see below
117 $PHP_AUTH_USER = PMA_getenv('REDIRECT_REMOTE_USER');
118 } elseif (PMA_getenv('AUTH_USER')) {
119 // WebSite Professional
120 $PHP_AUTH_USER = PMA_getenv('AUTH_USER');
121 } elseif (PMA_getenv('HTTP_AUTHORIZATION')) {
122 // IIS, might be encoded, see below
123 $PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION');
124 } elseif (PMA_getenv('Authorization')) {
125 // FastCGI, might be encoded, see below
126 $PHP_AUTH_USER = PMA_getenv('Authorization');
129 // Grabs the $PHP_AUTH_PW variable whatever are the values of the
130 // 'register_globals' and the 'variables_order' directives
131 if (empty($PHP_AUTH_PW)) {
132 if (PMA_getenv('PHP_AUTH_PW')) {
133 $PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW');
134 } elseif (PMA_getenv('REMOTE_PASSWORD')) {
135 // Apache/CGI
136 $PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD');
137 } elseif (PMA_getenv('AUTH_PASSWORD')) {
138 // WebSite Professional
139 $PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD');
143 // Decode possibly encoded information (used by IIS/CGI/FastCGI)
144 // (do not use explode() because a user might have a colon in his password
145 if (strcmp(substr($PHP_AUTH_USER, 0, 6), 'Basic ') == 0) {
146 $usr_pass = base64_decode(substr($PHP_AUTH_USER, 6));
147 if (! empty($usr_pass)) {
148 $colon = strpos($usr_pass, ':');
149 if ($colon) {
150 $PHP_AUTH_USER = substr($usr_pass, 0, $colon);
151 $PHP_AUTH_PW = substr($usr_pass, $colon + 1);
153 unset($colon);
155 unset($usr_pass);
158 // User logged out -> ensure the new username is not the same
159 if (!empty($old_usr)
160 && (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {
161 $PHP_AUTH_USER = '';
162 // -> delete user's choices that were stored in session
163 session_destroy();
166 // Returns whether we get authentication settings or not
167 if (empty($PHP_AUTH_USER)) {
168 return false;
169 } else {
170 return true;
172 } // end of the 'PMA_auth_check()' function
176 * Set the user and password after last checkings if required
178 * @global array the valid servers settings
179 * @global integer the id of the current server
180 * @global array the current server settings
181 * @global string the current username
182 * @global string the current password
184 * @return boolean always true
186 * @access public
188 function PMA_auth_set_user()
190 global $cfg, $server;
191 global $PHP_AUTH_USER, $PHP_AUTH_PW;
193 // Ensures valid authentication mode, 'only_db', bookmark database and
194 // table names and relation table name are used
195 if ($cfg['Server']['user'] != $PHP_AUTH_USER) {
196 $servers_cnt = count($cfg['Servers']);
197 for ($i = 1; $i <= $servers_cnt; $i++) {
198 if (isset($cfg['Servers'][$i])
199 && ($cfg['Servers'][$i]['host'] == $cfg['Server']['host'] && $cfg['Servers'][$i]['user'] == $PHP_AUTH_USER)) {
200 $server = $i;
201 $cfg['Server'] = $cfg['Servers'][$i];
202 break;
204 } // end for
205 } // end if
207 $cfg['Server']['user'] = $PHP_AUTH_USER;
208 $cfg['Server']['password'] = $PHP_AUTH_PW;
210 return true;
211 } // end of the 'PMA_auth_set_user()' function
215 * User is not allowed to login to MySQL -> authentication failed
217 * @return boolean always true (no return indeed)
219 * @access public
221 function PMA_auth_fails()
223 $error = PMA_DBI_getError();
224 if ($error && $GLOBALS['errno'] != 1045) {
225 PMA_fatalError($error);
226 } else {
227 PMA_auth();
228 return true;
231 } // end of the 'PMA_auth_fails()' function