Customize login and login form
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@860 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
parent
70b72075ca
commit
2faa08cd15
|
|
@ -21,6 +21,31 @@ function adminer_database() {
|
|||
return call_adminer('database', $_GET["db"]);
|
||||
}
|
||||
|
||||
/** Print login form
|
||||
* @param string
|
||||
* @return bool whether to display default login form
|
||||
*/
|
||||
function adminer_login_form($username) {
|
||||
if (call_adminer('login_form', true, $username)) {
|
||||
?>
|
||||
<table cellspacing="0">
|
||||
<tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>">
|
||||
<tr><th><?php echo lang('Username'); ?><td><input name="username" value="<?php echo htmlspecialchars($username); ?>">
|
||||
<tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
|
||||
</table>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
/** Authorize the user
|
||||
* @param string
|
||||
* @param string
|
||||
* @return bool
|
||||
*/
|
||||
function adminer_login($login, $password) {
|
||||
return call_adminer('login', true, $login, $password);
|
||||
}
|
||||
|
||||
/** Table caption used in navigation and headings
|
||||
* @param array result of SHOW TABLE STATUS
|
||||
* @return string
|
||||
|
|
|
|||
|
|
@ -40,16 +40,10 @@ function auth_error($exception = null) {
|
|||
global $ignore, $dbh;
|
||||
$username = $_SESSION["usernames"][$_GET["server"]];
|
||||
unset($_SESSION["usernames"][$_GET["server"]]);
|
||||
page_header(lang('Login'), (isset($username) ? htmlspecialchars($exception ? $exception->getMessage() : ($dbh ? $dbh : lang('Invalid credentials.'))) : (isset($_POST["server"]) ? lang('Sessions must be enabled.') : ($_POST ? lang('Session expired, please login again.') : ""))), null);
|
||||
?>
|
||||
<form action="" method="post">
|
||||
<table cellspacing="0">
|
||||
<tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>">
|
||||
<tr><th><?php echo lang('Username'); ?><td><input name="username" value="<?php echo htmlspecialchars($username); ?>">
|
||||
<tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
|
||||
</table>
|
||||
<p>
|
||||
<?php
|
||||
page_header(lang('Login'), (isset($username) ? htmlspecialchars($exception ? $exception->getMessage() : (is_string($dbh) ? $dbh : lang('Invalid credentials.'))) : (isset($_POST["server"]) ? lang('Sessions must be enabled.') : ($_POST ? lang('Session expired, please login again.') : ""))), null);
|
||||
echo "<form action='' method='post'>\n";
|
||||
adminer_login_form($login);
|
||||
echo "<p>\n";
|
||||
hidden_fields($_POST, $ignore); // expired session
|
||||
foreach ($_FILES as $key => $val) {
|
||||
echo '<input type="hidden" name="files[' . htmlspecialchars($key) . ']" value="' . ($val["error"] ? $val["error"] : base64_encode(file_get_contents($val["tmp_name"]))) . '">';
|
||||
|
|
@ -67,8 +61,8 @@ if (!isset($username)) {
|
|||
$username = $_GET["username"]; // default username can be passed in URL
|
||||
}
|
||||
$dbh = (isset($username) ? connect() : '');
|
||||
unset($username);
|
||||
if (is_string($dbh)) {
|
||||
if (is_string($dbh) || !adminer_login($username, $_SESSION["passwords"][$_GET["server"]])) {
|
||||
auth_error();
|
||||
exit;
|
||||
}
|
||||
unset($username);
|
||||
|
|
|
|||
|
|
@ -91,7 +91,7 @@ if (isset($_GET["coverage"])) {
|
|||
}
|
||||
include "../adminer/include/pdo.inc.php";
|
||||
include "../adminer/include/mysql.inc.php";
|
||||
include "./include/auth.inc.php";
|
||||
include "../adminer/include/auth.inc.php";
|
||||
include "./include/connect.inc.php";
|
||||
include "./include/editing.inc.php";
|
||||
include "./include/export.inc.php";
|
||||
|
|
|
|||
|
|
@ -12,6 +12,21 @@ function adminer_database() {
|
|||
return call_adminer('database', (count($dbs) == 1 ? $dbs[0] : (count($dbs) == 2 && information_schema($dbs[0]) ? $dbs[1] : 'test')));
|
||||
}
|
||||
|
||||
function adminer_login_form($username) {
|
||||
if (call_adminer('login_form', true, $username)) {
|
||||
?>
|
||||
<table cellspacing="0">
|
||||
<tr><th><?php echo lang('Username'); ?><td><input type="hidden" name="server" value="" /><input name="username" value="<?php echo htmlspecialchars($username); ?>">
|
||||
<tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
|
||||
</table>
|
||||
<?php
|
||||
}
|
||||
}
|
||||
|
||||
function adminer_login($login, $password) {
|
||||
return call_adminer('login', true, $login, $password);
|
||||
}
|
||||
|
||||
function adminer_table_name($row) {
|
||||
table_comment($row);
|
||||
return call_adminer('table_name', htmlspecialchars(strlen($row["Comment"]) ? $row["Comment"] : $row["Name"]), $row);
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
<?php
|
||||
function auth_error($exception = null) {
|
||||
page_header(lang('Login'), htmlspecialchars(lang('Invalid credentials.'), null));
|
||||
page_footer("auth");
|
||||
}
|
||||
|
||||
$dbh = connect();
|
||||
if (is_string($dbh)) {
|
||||
auth_error();
|
||||
exit;
|
||||
}
|
||||
$_SESSION["tokens"][$_GET["server"]] = rand(1, 1e6); // defense against cross-site request forgery
|
||||
|
|
@ -19,6 +19,10 @@ class Adminer {
|
|||
return 'cds';
|
||||
}
|
||||
|
||||
function login($login, $password) {
|
||||
return ($login == 'admin');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
include "./editor.php";
|
||||
|
|
|
|||
Loading…
Reference in a new issue