Skip to content

Commit

Permalink
Merge branch 'QA_4_4'
Browse files Browse the repository at this point in the history
  • Loading branch information
@madhuracj
madhuracj committed May 29, 2015
2 parents 19f8048 + 0391bab commit 52a06ee
Show file tree
Hide file tree
Showing 2 changed files with 46 additions and 44 deletions.
1 change: 1 addition & 0 deletions ChangeLog
View file
Expand Up @@ -47,6 +47,7 @@ phpMyAdmin - ChangeLog
4.4.9.0 (not yet released)
- bug #4920 relation view doesn't list fields of table in other database
- bug #4905 Sorting by an alias
- bug #4931 False error before entering reCAPTCHA

4.4.8.0 (2015-05-28)
- bug Allow accessing visual query builder when pmadb is not configured
Expand Down
89 changes: 45 additions & 44 deletions libraries/plugins/auth/AuthenticationCookie.class.php
View file
Expand Up @@ -323,50 +323,6 @@ public function authCheck()
return false;
}

// We already have one correct captcha.
$skip = false;
if (isset($_SESSION['last_valid_captcha'])
&& $_SESSION['last_valid_captcha']
) {
$skip = true;
}

// Verify Captcha if it is required.
if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey'])
&& !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])
&& !$skip
) {
if (! empty($_POST["g-recaptcha-response"])) {

include_once 'libraries/plugins/auth/recaptcha/recaptchalib.php';
$reCaptcha = new ReCaptcha(
$GLOBALS['cfg']['CaptchaLoginPrivateKey']
);

// verify captcha status.
$resp = $reCaptcha->verifyResponse(
$_SERVER["REMOTE_ADDR"],
$_POST["g-recaptcha-response"]
);

// Check if the captcha entered is valid, if not stop the login.
if ($resp == null || ! $resp->success) {
$conn_error = __('Entered captcha is wrong, try again!');
$_SESSION['last_valid_captcha'] = false;
return false;
} else {
$_SESSION['last_valid_captcha'] = true;
}
} else {
if (! isset($_SESSION['last_valid_captcha'])
|| ! $_SESSION['last_valid_captcha']
) {
$conn_error = __('Please enter correct captcha!');
return false;
}
}
}

if (! empty($_REQUEST['old_usr'])) {
// The user wants to be logged out
// -> delete his choices that were stored in session
Expand Down Expand Up @@ -398,6 +354,51 @@ public function authCheck()
}

if (! empty($_REQUEST['pma_username'])) {

// We already have one correct captcha.
$skip = false;
if (isset($_SESSION['last_valid_captcha'])
&& $_SESSION['last_valid_captcha']
) {
$skip = true;
}

// Verify Captcha if it is required.
if (! empty($GLOBALS['cfg']['CaptchaLoginPrivateKey'])
&& ! empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])
&& ! $skip
) {
if (! empty($_POST["g-recaptcha-response"])) {

include_once 'libraries/plugins/auth/recaptcha/recaptchalib.php';
$reCaptcha = new ReCaptcha(
$GLOBALS['cfg']['CaptchaLoginPrivateKey']
);

// verify captcha status.
$resp = $reCaptcha->verifyResponse(
$_SERVER["REMOTE_ADDR"],
$_POST["g-recaptcha-response"]
);

// Check if the captcha entered is valid, if not stop the login.
if ($resp == null || ! $resp->success) {
$conn_error = __('Entered captcha is wrong, try again!');
$_SESSION['last_valid_captcha'] = false;
return false;
} else {
$_SESSION['last_valid_captcha'] = true;
}
} else {
if (! isset($_SESSION['last_valid_captcha'])
|| ! $_SESSION['last_valid_captcha']
) {
$conn_error = __('Please enter correct captcha!');
return false;
}
}
}

// The user just logged in
$GLOBALS['PHP_AUTH_USER'] = $_REQUEST['pma_username'];
$GLOBALS['PHP_AUTH_PW'] = empty($_REQUEST['pma_password'])
Expand Down

0 comments on commit 52a06ee

Please sign in to comment.