Do not attempt logging in without password (bug #676)
This commit is contained in:
parent
0e6f1972e9
commit
15900301ee
|
@ -160,7 +160,7 @@ if (isset($_GET["username"]) && !class_exists("Min_DB")) {
|
||||||
|
|
||||||
stop_session(true);
|
stop_session(true);
|
||||||
|
|
||||||
if (isset($_GET["username"])) {
|
if (isset($_GET["username"]) && is_string(get_password())) {
|
||||||
list($host, $port) = explode(":", SERVER, 2);
|
list($host, $port) = explode(":", SERVER, 2);
|
||||||
if (is_numeric($port) && $port < 1024) {
|
if (is_numeric($port) && $port < 1024) {
|
||||||
auth_error(lang('Connecting to privileged ports is not allowed.'));
|
auth_error(lang('Connecting to privileged ports is not allowed.'));
|
||||||
|
|
|
@ -351,7 +351,7 @@ function set_password($vendor, $server, $username, $password) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Get password from session
|
/** Get password from session
|
||||||
* @return string
|
* @return string or null for missing password or false for expired password
|
||||||
*/
|
*/
|
||||||
function get_password() {
|
function get_password() {
|
||||||
$return = get_session("pwds");
|
$return = get_session("pwds");
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
Adminer 4.7.2-dev:
|
Adminer 4.7.2-dev:
|
||||||
|
Do not attempt logging in without password (bug #676)
|
||||||
MySQL: Fix creating users and changing password in MySQL 8 (bug #663)
|
MySQL: Fix creating users and changing password in MySQL 8 (bug #663)
|
||||||
|
|
||||||
Adminer 4.7.1 (released 2019-01-24):
|
Adminer 4.7.1 (released 2019-01-24):
|
||||||
|
|
Loading…
Reference in a new issue