
Customize login and login form

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@860 7c3ca157-0c34-0410-bff1-cbf682f78f5c
1 parent 70b7207 commit 2faa08cd150fce9eab47b42db72872df0e86f495 jakubvrana committed Jul 21, 2009
@@ -21,6 +21,31 @@ function adminer_database() {
return call_adminer('database', $_GET["db"]);
}
+/** Print login form
+* @param string
+* @return bool whether to display default login form
+*/
+function adminer_login_form($username) {
+ if (call_adminer('login_form', true, $username)) {
+ ?>
+ <table cellspacing="0">
+ <tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>">
+ <tr><th><?php echo lang('Username'); ?><td><input name="username" value="<?php echo htmlspecialchars($username); ?>">
+ <tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
+ </table>
+<?php
+ }
+}
+
+/** Authorize the user
+* @param string
+* @param string
+* @return bool
+*/
+function adminer_login($login, $password) {
+ return call_adminer('login', true, $login, $password);
+}
+
/** Table caption used in navigation and headings
* @param array result of SHOW TABLE STATUS
* @return string
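Review bot: The docblock on `adminer_login_form()` declares `@return bool whether to display default login form`, but the function body has no `return` statement, so callers always receive null. Either drop the `@return` line or return the value of `call_adminer('login_form', true, $username)` so the documented contract holds. The `@param string` tags on both new functions omit the parameter names; `@param string $username` and `@param string $login` / `@param string $password` would be clearer. Since `adminer_login()` passes `true` as what appears to be the default result, its docblock should also say that login is allowed unless a plugin's `login` method returns false.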
@@ -40,16 +40,10 @@ function auth_error($exception = null) {
global $ignore, $dbh;
$username = $_SESSION["usernames"][$_GET["server"]];
unset($_SESSION["usernames"][$_GET["server"]]);
- page_header(lang('Login'), (isset($username) ? htmlspecialchars($exception ? $exception->getMessage() : ($dbh ? $dbh : lang('Invalid credentials.'))) : (isset($_POST["server"]) ? lang('Sessions must be enabled.') : ($_POST ? lang('Session expired, please login again.') : ""))), null);
- ?>
- <form action="" method="post">
- <table cellspacing="0">
- <tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>">
- <tr><th><?php echo lang('Username'); ?><td><input name="username" value="<?php echo htmlspecialchars($username); ?>">
- <tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
- </table>
- <p>
-<?php
+ page_header(lang('Login'), (isset($username) ? htmlspecialchars($exception ? $exception->getMessage() : (is_string($dbh) ? $dbh : lang('Invalid credentials.'))) : (isset($_POST["server"]) ? lang('Sessions must be enabled.') : ($_POST ? lang('Session expired, please login again.') : ""))), null);
+ echo "<form action='' method='post'>\n";
+ adminer_login_form($login);
+ echo "<p>\n";
hidden_fields($_POST, $ignore); // expired session
foreach ($_FILES as $key => $val) {
echo '<input type="hidden" name="files[' . htmlspecialchars($key) . ']" value="' . ($val["error"] ? $val["error"] : base64_encode(file_get_contents($val["tmp_name"]))) . '">';
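Review bot: `adminer_login_form($login)` passes a variable that is not defined anywhere in the visible part of `auth_error()`. The removed form prefilled the field from `$username`, which is read from `$_SESSION["usernames"][$_GET["server"]]` two lines above the changed `page_header()` call. As written, the username field is presumably rendered empty after a failed login and PHP raises an undefined-variable notice; the call should read `adminer_login_form($username);`. The body of `auth_error()` continues past the end of this hunk.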
@@ -67,8 +61,8 @@ function auth_error($exception = null) {
$username = $_GET["username"]; // default username can be passed in URL
}
$dbh = (isset($username) ? connect() : '');
-unset($username);
-if (is_string($dbh)) {
+if (is_string($dbh) || !adminer_login($username, $_SESSION["passwords"][$_GET["server"]])) {
auth_error();
exit;
}
+unset($username);
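Review bot: `adminer_login()` is only evaluated after `connect()` has succeeded, so credentials the hook would refuse are still presented to the database server. The two failure paths also produce different messages: `auth_error()` prints the connection error string when `$dbh` is a string, and `Invalid credentials.` when the hook refuses. If the hook is meant to restrict who may log in, consider calling it before `connect()` and returning the same generic message in both cases. The hook also receives the cleartext password from `$_SESSION["passwords"]`, which deserves a comment such as `// login hook sees the cleartext password; implementations must not log or echo it`. These are top-level statements whose surrounding code lies outside the hunk.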
@@ -91,7 +91,7 @@ function save_coverage() {
}
include "../adminer/include/pdo.inc.php";
include "../adminer/include/mysql.inc.php";
-include "./include/auth.inc.php";
+include "../adminer/include/auth.inc.php";
include "./include/connect.inc.php";
include "./include/editing.inc.php";
include "./include/export.inc.php";
@@ -12,6 +12,21 @@ function adminer_database() {
return call_adminer('database', (count($dbs) == 1 ? $dbs[0] : (count($dbs) == 2 && information_schema($dbs[0]) ? $dbs[1] : 'test')));
}
+function adminer_login_form($username) {
+ if (call_adminer('login_form', true, $username)) {
+ ?>
+ <table cellspacing="0">
+ <tr><th><?php echo lang('Username'); ?><td><input type="hidden" name="server" value="" /><input name="username" value="<?php echo htmlspecialchars($username); ?>">
+ <tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
+ </table>
+<?php
+ }
+}
+
+function adminer_login($login, $password) {
+ return call_adminer('login', true, $login, $password);
+}
+
function adminer_table_name($row) {
table_comment($row);
return call_adminer('table_name', htmlspecialchars(strlen($row["Comment"]) ? $row["Comment"] : $row["Name"]), $row);
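Review bot: Missing documentation: the editor's `adminer_login_form()` and `adminer_login()` are added without the docblocks that their counterparts in the first hunk carry. A header such as `/** Authorize the user; allowed unless a plugin's login() returns false */` on `adminer_login()` would state the default-allow behaviour that the `true` argument to `call_adminer()` appears to select. For `adminer_login_form()`, the docblock should note that the form posts an empty hidden `server` field instead of a user-editable one. As a style point, that hidden input is closed with `/>` while the other inputs in the same table are not.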
@@ -1,12 +0,0 @@
-<?php
-function auth_error($exception = null) {
- page_header(lang('Login'), htmlspecialchars(lang('Invalid credentials.'), null));
- page_footer("auth");
-}
-
-$dbh = connect();
-if (is_string($dbh)) {
- auth_error();
- exit;
-}
-$_SESSION["tokens"][$_GET["server"]] = rand(1, 1e6); // defense against cross-site request forgery
@@ -19,6 +19,10 @@ function database() {
return 'cds';
}
+ function login($login, $password) {
+ return ($login == 'admin');
+ }
+
}
include "./editor.php";
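Review bot: The example `login()` returns `($login == 'admin')` and never looks at `$password`, so anyone who copies it gets a check that accepts the user name alone. If the editor connects with fixed credentials (not visible in this hunk), this hook would be the only gate. The sample should compare the password as well, against a stored hash rather than a literal, and use `===` instead of the loose `==`. Failing that, it should carry a comment such as `// example only: accepts user "admin" with any password; replace before deployment`. The enclosing class starts outside the hunk.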
