search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translation update done using Pootle.
[phpmyadmin/sankalp_k.git] / libraries / auth / cookie.auth.lib.php
blob84bfa80ad93e32a2981449d660c5b0fbe48d055e
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Set of functions used to run cookie based authentication.
5 *
6 * @package phpMyAdmin-Auth-Cookie
7 */
8
9 if (! defined('PHPMYADMIN')) {
10 exit;
11 }
12
13 /**
14 * Swekey authentication functions.
15 */
16 require './libraries/auth/swekey/swekey.auth.lib.php';
17
18 if (function_exists('mcrypt_encrypt')) {
19 /**
20 * Uses faster mcrypt library if available
21 * (as this is not called from anywhere else, put the code in-line
22 * for faster execution)
23 */
24
25 /**
26 * Initialization
27 * Store the initialization vector because it will be needed for
28 * further decryption. I don't think necessary to have one iv
29 * per server so I don't put the server number in the cookie name.
30 */
31 if (empty($_COOKIE['pma_mcrypt_iv'])
32 || false === ($iv = base64_decode($_COOKIE['pma_mcrypt_iv'], true))) {
33 srand((double) microtime() * 1000000);
34 $td = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_CBC, '');
35 if ($td === false) {
36 PMA_warnMissingExtension('mcrypt');
37 }
38 $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
39 $GLOBALS['PMA_Config']->setCookie('pma_mcrypt_iv', base64_encode($iv));
40 }
41
42 /**
43 * Encryption using blowfish algorithm (mcrypt)
44 *
45 * @param string original data
46 * @param string the secret
47 *
48 * @return string the encrypted result
49 *
50 * @access public
51 *
52 */
53 function PMA_blowfish_encrypt($data, $secret)
54 {
55 global $iv;
56 return base64_encode(mcrypt_encrypt(MCRYPT_BLOWFISH, $secret, $data, MCRYPT_MODE_CBC, $iv));
57 }
58
59 /**
60 * Decryption using blowfish algorithm (mcrypt)
61 *
62 * @param string encrypted data
63 * @param string the secret
64 *
65 * @return string original data
66 *
67 * @access public
68 *
69 */
70 function PMA_blowfish_decrypt($encdata, $secret)
71 {
72 global $iv;
73 return trim(mcrypt_decrypt(MCRYPT_BLOWFISH, $secret, base64_decode($encdata), MCRYPT_MODE_CBC, $iv));
74 }
75
76 } else {
77 require_once './libraries/blowfish.php';
78 if (!$GLOBALS['cfg']['McryptDisableWarning']) {
79 PMA_warnMissingExtension('mcrypt');
80 }
81 }
82
83 /**
84 * Returns blowfish secret or generates one if needed.
85 * @uses $cfg['blowfish_secret']
86 * @uses $_SESSION['auto_blowfish_secret']
87 *
88 * @access public
89 */
90 function PMA_get_blowfish_secret() {
91 if (empty($GLOBALS['cfg']['blowfish_secret'])) {
92 if (empty($_SESSION['auto_blowfish_secret'])) {
93 // this returns 23 characters
94 $_SESSION['auto_blowfish_secret'] = uniqid('', true);
95 }
96 return $_SESSION['auto_blowfish_secret'];
97 } else {
98 // apply md5() to work around too long secrets (returns 32 characters)
99 return md5($GLOBALS['cfg']['blowfish_secret']);
100 }
101 }
102
103 /**
104 * Displays authentication form
105 *
106 * this function MUST exit/quit the application
107 *
108 * @uses $GLOBALS['server']
109 * @uses $GLOBALS['PHP_AUTH_USER']
110 * @uses $GLOBALS['pma_auth_server']
111 * @uses $GLOBALS['text_dir']
112 * @uses $GLOBALS['pmaThemeImage']
113 * @uses $GLOBALS['charset']
114 * @uses $GLOBALS['target']
115 * @uses $GLOBALS['db']
116 * @uses $GLOBALS['table']
117 * @uses $GLOBALS['pmaThemeImage']
118 * @uses $cfg['Servers']
119 * @uses $cfg['LoginCookieRecall']
120 * @uses $cfg['Lang']
121 * @uses $cfg['Server']
122 * @uses $cfg['ReplaceHelpImg']
123 * @uses $cfg['blowfish_secret']
124 * @uses $cfg['AllowArbitraryServer']
125 * @uses $_COOKIE
126 * @uses $_REQUEST['old_usr']
127 * @uses PMA_sendHeaderLocation()
128 * @uses PMA_select_language()
129 * @uses PMA_select_server()
130 * @uses file_exists()
131 * @uses sprintf()
132 * @uses count()
133 * @uses htmlspecialchars()
134 * @uses is_array()
135 * @global string the last connection error
136 *
137 * @access public
138 */
139 function PMA_auth()
140 {
141 global $conn_error;
142
143 /* Perform logout to custom URL */
144 if (! empty($_REQUEST['old_usr'])
145 && ! empty($GLOBALS['cfg']['Server']['LogoutURL'])) {
146 PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['LogoutURL']);
147 exit;
148 }
149
150 /* No recall if blowfish secret is not configured as it would produce garbage */
151 if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
152 $default_user = $GLOBALS['PHP_AUTH_USER'];
153 $default_server = $GLOBALS['pma_auth_server'];
154 $autocomplete = '';
155 } else {
156 $default_user = '';
157 $default_server = '';
158 // skip the IE autocomplete feature.
159 $autocomplete = ' autocomplete="off"';
160 }
161
162 $cell_align = ($GLOBALS['text_dir'] == 'ltr') ? 'left' : 'right';
163
164 // Defines the charset to be used
165 header('Content-Type: text/html; charset=' . $GLOBALS['charset']);
166 // Defines the "item" image depending on text direction
167 $item_img = $GLOBALS['pmaThemeImage'] . 'item_' . $GLOBALS['text_dir'] . '.png';
168
169 /* HTML header; do not show here the PMA version to improve security */
170 $page_title = 'phpMyAdmin ';
171 require './libraries/header_meta_style.inc.php';
172 require './libraries/header_scripts.inc.php';
173 ?>
174 <script type="text/javascript">
175 //<![CDATA[
176 // show login form in top frame
177 if (top != self) {
178 window.top.location.href=location;
179 }
180 //]]>
181 </script>
182 </head>
183
184 <body class="loginform">
185
186 <?php
187 if (file_exists(CUSTOM_HEADER_FILE)) {
188 require CUSTOM_HEADER_FILE;
189 }
190 ?>
191
192 <div class="container">
193 <a href="<?php echo PMA_linkURL('http://www.phpmyadmin.net/'); ?>" target="_blank" class="logo"><?php
194 $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
195 if (@file_exists($logo_image)) {
196 echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
197 } else {
198 echo '<img name="imLogo" id="imLogo" src="' . $GLOBALS['pmaThemeImage'] . 'pma_logo.png' . '" '
199 . 'border="0" width="88" height="31" alt="phpMyAdmin" />';
200 }
201 ?></a>
202 <h1>
203 <?php
204 echo sprintf(__('Welcome to %s'),
205 '<bdo dir="ltr" xml:lang="en">' . $page_title . '</bdo>');
206 ?>
207 </h1>
208 <?php
209
210 // Show error message
211 if (! empty($conn_error)) {
212 PMA_Message::rawError($conn_error)->display();
213 }
214
215 // Displays the languages form
216 if (empty($GLOBALS['cfg']['Lang'])) {
217 require_once './libraries/display_select_lang.lib.php';
218 // use fieldset, don't show doc link
219 PMA_select_language(true, false);
220 }
221
222 ?>
223 <br />
224 <!-- Login form -->
225 <form method="post" action="index.php" name="login_form"<?php echo $autocomplete; ?> target="_top" class="login">
226 <fieldset>
227 <legend>
228 <?php
229 echo __('Log in');
230 echo '<a href="./Documentation.html" target="documentation" ' .
231 'title="' . __('phpMyAdmin documentation') . '">';
232 if ($GLOBALS['cfg']['ReplaceHelpImg']) {
233 echo '<img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_help.png" width="11" height="11" alt="' . __('phpMyAdmin documentation') . '" />';
234 } else {
235 echo '(*)';
236 }
237 echo '</a>';
238 ?>
239 </legend>
240
241 <?php if ($GLOBALS['cfg']['AllowArbitraryServer']) { ?>
242 <div class="item">
243 <label for="input_servername" title="<?php echo __('You can enter hostname/IP address and port separated by space.'); ?>"><?php echo __('Server:'); ?></label>
244 <input type="text" name="pma_servername" id="input_servername" value="<?php echo htmlspecialchars($default_server); ?>" size="24" class="textfield" title="<?php echo __('You can enter hostname/IP address and port separated by space.'); ?>" />
245 </div>
246 <?php } ?>
247 <div class="item">
248 <label for="input_username"><?php echo __('Username:'); ?></label>
249 <input type="text" name="pma_username" id="input_username" value="<?php echo htmlspecialchars($default_user); ?>" size="24" class="textfield"/>
250 </div>
251 <div class="item">
252 <label for="input_password"><?php echo __('Password:'); ?></label>
253 <input type="password" name="pma_password" id="input_password" value="" size="24" class="textfield" />
254 </div>
255 <?php
256 if (count($GLOBALS['cfg']['Servers']) > 1) {
257 ?>
258 <div class="item">
259 <label for="select_server"><?php echo __('Server Choice'); ?>:</label>
260 <select name="server" id="select_server"
261 <?php
262 if ($GLOBALS['cfg']['AllowArbitraryServer']) {
263 echo ' onchange="document.forms[\'login_form\'].elements[\'pma_servername\'].value = \'\'" ';
264 }
265 echo '>';
266
267 require_once './libraries/select_server.lib.php';
268 PMA_select_server(false, false);
269
270 echo '</select></div>';
271 } else {
272 echo ' <input type="hidden" name="server" value="' . $GLOBALS['server'] . '" />';
273 } // end if (server choice)
274 ?>
275 </fieldset>
276 <fieldset class="tblFooters">
277 <input value="<?php echo __('Go'); ?>" type="submit" id="input_go" />
278 <?php
279 $_form_params = array();
280 if (! empty($GLOBALS['target'])) {
281 $_form_params['target'] = $GLOBALS['target'];
282 }
283 if (! empty($GLOBALS['db'])) {
284 $_form_params['db'] = $GLOBALS['db'];
285 }
286 if (! empty($GLOBALS['table'])) {
287 $_form_params['table'] = $GLOBALS['table'];
288 }
289 // do not generate a "server" hidden field as we want the "server"
290 // drop-down to have priority
291 echo PMA_generate_common_hidden_inputs($_form_params, '', 0, 'server');
292 ?>
293 </fieldset>
294 </form>
295
296 <?php
297
298 // BEGIN Swekey Integration
299 Swekey_login('input_username', 'input_go');
300 // END Swekey Integration
301
302 // show the "Cookies required" message only if cookies are disabled
303 // (we previously tried to set some cookies)
304 if (empty($_COOKIE)) {
305 trigger_error(__('Cookies must be enabled past this point.'), E_USER_NOTICE);
306 }
307 if ($GLOBALS['error_handler']->hasDisplayErrors()) {
308 echo '<div>';
309 $GLOBALS['error_handler']->dispErrors();
310 echo '</div>';
311 }
312 ?>
313 </div>
314 <?php
315 if (file_exists(CUSTOM_FOOTER_FILE)) {
316 require CUSTOM_FOOTER_FILE;
317 }
318 ?>
319 </body>
320 </html>
321 <?php
322 exit;
323 } // end of the 'PMA_auth()' function
324
325
326
327 /**
328 * Gets advanced authentication settings
329 *
330 * this function DOES NOT check authentication - it just checks/provides
331 * authentication credentials required to connect to the MySQL server
332 * usually with PMA_DBI_connect()
333 *
334 * it returns false if something is missing - which usually leads to
335 * PMA_auth() which displays login form
336 *
337 * it returns true if all seems ok which usually leads to PMA_auth_set_user()
338 *
339 * it directly switches to PMA_auth_fails() if user inactivity timout is reached
340 *
341 * @todo AllowArbitraryServer on does not imply that the user wants an
342 * arbitrary server, or? so we should also check if this is filled and
343 * not only if allowed
344 * @uses $GLOBALS['PHP_AUTH_USER']
345 * @uses $GLOBALS['PHP_AUTH_PW']
346 * @uses $GLOBALS['no_activity']
347 * @uses $GLOBALS['server']
348 * @uses $GLOBALS['from_cookie']
349 * @uses $GLOBALS['pma_auth_server']
350 * @uses $cfg['AllowArbitraryServer']
351 * @uses $cfg['LoginCookieValidity']
352 * @uses $cfg['Servers']
353 * @uses $_REQUEST['old_usr'] from logout link
354 * @uses $_REQUEST['pma_username'] from login form
355 * @uses $_REQUEST['pma_password'] from login form
356 * @uses $_REQUEST['pma_servername'] from login form
357 * @uses $_COOKIE
358 * @uses $_SESSION['last_access_time']
359 * @uses $GLOBALS['PMA_Config']->removeCookie()
360 * @uses PMA_blowfish_decrypt()
361 * @uses PMA_auth_fails()
362 * @uses time()
363 *
364 * @return boolean whether we get authentication settings or not
365 *
366 * @access public
367 */
368 function PMA_auth_check()
369 {
370 // Initialization
371 /**
372 * @global $GLOBALS['pma_auth_server'] the user provided server to connect to
373 */
374 $GLOBALS['pma_auth_server'] = '';
375
376 $GLOBALS['PHP_AUTH_USER'] = $GLOBALS['PHP_AUTH_PW'] = '';
377 $GLOBALS['from_cookie'] = false;
378
379 // BEGIN Swekey Integration
380 if (! Swekey_auth_check()) {
381 return false;
382 }
383 // END Swekey Integration
384
385 if (defined('PMA_CLEAR_COOKIES')) {
386 foreach($GLOBALS['cfg']['Servers'] as $key => $val) {
387 $GLOBALS['PMA_Config']->removeCookie('pmaPass-' . $key);
388 $GLOBALS['PMA_Config']->removeCookie('pmaServer-' . $key);
389 $GLOBALS['PMA_Config']->removeCookie('pmaUser-' . $key);
390 }
391 return false;
392 }
393
394 if (! empty($_REQUEST['old_usr'])) {
395 // The user wants to be logged out
396 // -> delete his choices that were stored in session
397
398 // according to the PHP manual we should do this before the destroy:
399 //$_SESSION = array();
400 // but we still need some parts of the session information
401 // in libraries/header_meta_style.inc.php
402
403 session_destroy();
404 // -> delete password cookie(s)
405 if ($GLOBALS['cfg']['LoginCookieDeleteAll']) {
406 foreach($GLOBALS['cfg']['Servers'] as $key => $val) {
407 $GLOBALS['PMA_Config']->removeCookie('pmaPass-' . $key);
408 if (isset($_COOKIE['pmaPass-' . $key])) {
409 unset($_COOKIE['pmaPass-' . $key]);
410 }
411 }
412 } else {
413 $GLOBALS['PMA_Config']->removeCookie('pmaPass-' . $GLOBALS['server']);
414 if (isset($_COOKIE['pmaPass-' . $GLOBALS['server']])) {
415 unset($_COOKIE['pmaPass-' . $GLOBALS['server']]);
416 }
417 }
418 }
419
420 if (! empty($_REQUEST['pma_username'])) {
421 // The user just logged in
422 $GLOBALS['PHP_AUTH_USER'] = $_REQUEST['pma_username'];
423 $GLOBALS['PHP_AUTH_PW'] = empty($_REQUEST['pma_password']) ? '' : $_REQUEST['pma_password'];
424 if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername'])) {
425 $GLOBALS['pma_auth_server'] = $_REQUEST['pma_servername'];
426 }
427 return true;
428 }
429
430 // At the end, try to set the $GLOBALS['PHP_AUTH_USER']
431 // and $GLOBALS['PHP_AUTH_PW'] variables from cookies
432
433 // servername
434 if ($GLOBALS['cfg']['AllowArbitraryServer']
435 && ! empty($_COOKIE['pmaServer-' . $GLOBALS['server']])) {
436 $GLOBALS['pma_auth_server'] = $_COOKIE['pmaServer-' . $GLOBALS['server']];
437 }
438
439 // username
440 if (empty($_COOKIE['pmaUser-' . $GLOBALS['server']])) {
441 return false;
442 }
443
444 $GLOBALS['PHP_AUTH_USER'] = PMA_blowfish_decrypt(
445 $_COOKIE['pmaUser-' . $GLOBALS['server']],
446 PMA_get_blowfish_secret());
447
448 // user was never logged in since session start
449 if (empty($_SESSION['last_access_time'])) {
450 return false;
451 }
452
453 // User inactive too long
454 if ($_SESSION['last_access_time'] < time() - $GLOBALS['cfg']['LoginCookieValidity']) {
455 PMA_cacheUnset('is_create_db_priv', true);
456 PMA_cacheUnset('is_process_priv', true);
457 PMA_cacheUnset('is_reload_priv', true);
458 PMA_cacheUnset('db_to_create', true);
459 PMA_cacheUnset('dbs_where_create_table_allowed', true);
460 $GLOBALS['no_activity'] = true;
461 PMA_auth_fails();
462 exit;
463 }
464
465 // password
466 if (empty($_COOKIE['pmaPass-' . $GLOBALS['server']])) {
467 return false;
468 }
469
470 $GLOBALS['PHP_AUTH_PW'] = PMA_blowfish_decrypt(
471 $_COOKIE['pmaPass-' . $GLOBALS['server']],
472 PMA_get_blowfish_secret());
473
474 if ($GLOBALS['PHP_AUTH_PW'] == "\xff(blank)") {
475 $GLOBALS['PHP_AUTH_PW'] = '';
476 }
477
478 $GLOBALS['from_cookie'] = true;
479
480 return true;
481 } // end of the 'PMA_auth_check()' function
482
483
484 /**
485 * Set the user and password after last checkings if required
486 *
487 * @uses $GLOBALS['PHP_AUTH_USER']
488 * @uses $GLOBALS['PHP_AUTH_PW']
489 * @uses $GLOBALS['server']
490 * @uses $GLOBALS['from_cookie']
491 * @uses $GLOBALS['pma_auth_server']
492 * @uses $cfg['Server']
493 * @uses $cfg['AllowArbitraryServer']
494 * @uses $cfg['LoginCookieStore']
495 * @uses $cfg['PmaAbsoluteUri']
496 * @uses $_SESSION['last_access_time']
497 * @uses PMA_COMING_FROM_COOKIE_LOGIN
498 * @uses $GLOBALS['PMA_Config']->setCookie()
499 * @uses PMA_blowfish_encrypt()
500 * @uses $GLOBALS['PMA_Config']->removeCookie()
501 * @uses PMA_sendHeaderLocation()
502 * @uses time()
503 * @uses define()
504 * @return boolean always true
505 *
506 * @access public
507 */
508 function PMA_auth_set_user()
509 {
510 global $cfg;
511
512 // Ensures valid authentication mode, 'only_db', bookmark database and
513 // table names and relation table name are used
514 if ($cfg['Server']['user'] != $GLOBALS['PHP_AUTH_USER']) {
515 foreach ($cfg['Servers'] as $idx => $current) {
516 if ($current['host'] == $cfg['Server']['host']
517 && $current['port'] == $cfg['Server']['port']
518 && $current['socket'] == $cfg['Server']['socket']
519 && $current['ssl'] == $cfg['Server']['ssl']
520 && $current['connect_type'] == $cfg['Server']['connect_type']
521 && $current['user'] == $GLOBALS['PHP_AUTH_USER']) {
522 $GLOBALS['server'] = $idx;
523 $cfg['Server'] = $current;
524 break;
525 }
526 } // end foreach
527 } // end if
528
529 if ($GLOBALS['cfg']['AllowArbitraryServer']
530 && ! empty($GLOBALS['pma_auth_server'])) {
531 /* Allow to specify 'host port' */
532 $parts = explode(' ', $GLOBALS['pma_auth_server']);
533 if (count($parts) == 2) {
534 $tmp_host = $parts[0];
535 $tmp_port = $parts[1];
536 } else {
537 $tmp_host = $GLOBALS['pma_auth_server'];
538 $tmp_port = '';
539 }
540 if ($cfg['Server']['host'] != $GLOBALS['pma_auth_server']) {
541 $cfg['Server']['host'] = $tmp_host;
542 if (!empty($tmp_port)) {
543 $cfg['Server']['port'] = $tmp_port;
544 }
545 }
546 unset($tmp_host, $tmp_port, $parts);
547 }
548 $cfg['Server']['user'] = $GLOBALS['PHP_AUTH_USER'];
549 $cfg['Server']['password'] = $GLOBALS['PHP_AUTH_PW'];
550
551 $_SESSION['last_access_time'] = time();
552
553 // Name and password cookies need to be refreshed each time
554 // Duration = one month for username
555 $GLOBALS['PMA_Config']->setCookie('pmaUser-' . $GLOBALS['server'],
556 PMA_blowfish_encrypt($cfg['Server']['user'],
557 PMA_get_blowfish_secret()));
558
559 // Duration = as configured
560 $GLOBALS['PMA_Config']->setCookie('pmaPass-' . $GLOBALS['server'],
561 PMA_blowfish_encrypt(!empty($cfg['Server']['password']) ? $cfg['Server']['password'] : "\xff(blank)",
562 PMA_get_blowfish_secret()),
563 null,
564 $GLOBALS['cfg']['LoginCookieStore']);
565
566 // Set server cookies if required (once per session) and, in this case, force
567 // reload to ensure the client accepts cookies
568 if (! $GLOBALS['from_cookie']) {
569 if ($GLOBALS['cfg']['AllowArbitraryServer']) {
570 if (! empty($GLOBALS['pma_auth_server'])) {
571 // Duration = one month for servername
572 $GLOBALS['PMA_Config']->setCookie('pmaServer-' . $GLOBALS['server'], $cfg['Server']['host']);
573 } else {
574 // Delete servername cookie
575 $GLOBALS['PMA_Config']->removeCookie('pmaServer-' . $GLOBALS['server']);
576 }
577 }
578
579 // URL where to go:
580 $redirect_url = $cfg['PmaAbsoluteUri'] . 'index.php';
581
582 // any parameters to pass?
583 $url_params = array();
584 if (strlen($GLOBALS['db'])) {
585 $url_params['db'] = $GLOBALS['db'];
586 }
587 if (strlen($GLOBALS['table'])) {
588 $url_params['table'] = $GLOBALS['table'];
589 }
590 // any target to pass?
591 if (! empty($GLOBALS['target']) && $GLOBALS['target'] != 'index.php') {
592 $url_params['target'] = $GLOBALS['target'];
593 }
594
595 /**
596 * whether we come from a fresh cookie login
597 */
598 define('PMA_COMING_FROM_COOKIE_LOGIN', true);
599
600 /**
601 * Clear user cache.
602 */
603 PMA_clearUserCache();
604
605 PMA_sendHeaderLocation($redirect_url . PMA_generate_common_url($url_params, '&'));
606 exit();
607 } // end if
608
609 return true;
610 } // end of the 'PMA_auth_set_user()' function
611
612
613 /**
614 * User is not allowed to login to MySQL -> authentication failed
615 *
616 * prepares error message and switches to PMA_auth() which display the error
617 * and the login form
618 *
619 * this function MUST exit/quit the application,
620 * currently doen by call to PMA_auth()
621 *
622 * @uses $GLOBALS['server']
623 * @uses $GLOBALS['allowDeny_forbidden']
624 * @uses $GLOBALS['no_activity']
625 * @uses $cfg['LoginCookieValidity']
626 * @uses $GLOBALS['PMA_Config']->removeCookie()
627 * @uses PMA_getenv()
628 * @uses PMA_DBI_getError()
629 * @uses PMA_sanitize()
630 * @uses PMA_auth()
631 * @uses sprintf()
632 * @uses basename()
633 * @access public
634 */
635 function PMA_auth_fails()
636 {
637 global $conn_error;
638
639 // Deletes password cookie and displays the login form
640 $GLOBALS['PMA_Config']->removeCookie('pmaPass-' . $GLOBALS['server']);
641
642 if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
643 $conn_error = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
644 } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
645 $conn_error = __('Access denied');
646 } elseif (! empty($GLOBALS['no_activity'])) {
647 $conn_error = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
648 // Remember where we got timeout to return on same place
649 if (PMA_getenv('SCRIPT_NAME')) {
650 $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME'));
651 // avoid "missing parameter: field" on re-entry
652 if ('tbl_alter.php' == $GLOBALS['target']) {
653 $GLOBALS['target'] = 'tbl_structure.php';
654 }
655 }
656 } elseif (PMA_DBI_getError()) {
657 $conn_error = '#' . $GLOBALS['errno'] . ' ' . __('Cannot log in to the MySQL server');
658 } else {
659 $conn_error = __('Cannot log in to the MySQL server');
660 }
661
662 // needed for PHP-CGI (not need for FastCGI or mod-php)
663 header('Cache-Control: no-store, no-cache, must-revalidate');
664 header('Pragma: no-cache');
665
666 PMA_auth();
667 } // end of the 'PMA_auth_fails()' function
668
669 ?>