From 4ba2d85623507aaaa0765be8fa8c224ead0ea0e6 Mon Sep 17 00:00:00 2001 From: Jakub Vrana Date: Thu, 6 May 2010 15:45:34 +0200 Subject: [PATCH] Allow permanent login without customization --- adminer/include/adminer.inc.php | 6 ++---- adminer/include/functions.inc.php | 31 +++++++++++++++++++++++++++++++ adminer/include/xxtea.inc.php | 2 +- changes.txt | 1 + editor/include/adminer.inc.php | 8 +++----- 5 files changed, 38 insertions(+), 10 deletions(-) diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php index 9bed3601..c8d23cc4 100644 --- a/adminer/include/adminer.inc.php +++ b/adminer/include/adminer.inc.php @@ -21,7 +21,7 @@ class Adminer { * @return string cryptic string which gets combined with password */ function permanentLogin() { - return ""; + return password_file(); } /** Identifier of selected database @@ -49,9 +49,7 @@ document.getElementById('username').focus(); \n"; - if ($this->permanentLogin()) { - echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n"; - } + echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n"; } /** Authorize the user diff --git a/adminer/include/functions.inc.php b/adminer/include/functions.inc.php index 37a4d6be..818121a0 100644 --- a/adminer/include/functions.inc.php +++ b/adminer/include/functions.inc.php @@ -644,6 +644,37 @@ function apply_sql_function($function, $column) { return ($function ? ($function == "unixepoch" ? "DATETIME($column, '$function')" : ($function == "count distinct" ? "COUNT(DISTINCT " : strtoupper("$function(")) . "$column)") : $column); } +/** Read password from file adminer.key in temporary directory or create one +* @return string or false if the file can not be created +*/ +function password_file() { + $dir = ini_get("upload_tmp_dir"); // session_save_path() may contain other storage path + if (!$dir) { + if (function_exists('sys_get_temp_dir')) { + $dir = sys_get_temp_dir(); + } else { + $filename = @tempnam("", ""); // @ - temp directory can be disabled by open_basedir + if (!$filename) { + return false; + } + $dir = dirname($filename); + unlink($filename); + } + } + $filename = "$dir/adminer.key"; + $return = @file_get_contents($filename); // @ - can not exist + if ($return) { + return $return; + } + $fp = @fopen($filename, "w"); // @ - can have insufficient rights //! is not atomic + if ($fp) { + $return = md5(uniqid(mt_rand(), true)); + fwrite($fp, $return); + fclose($fp); + } + return $return; +} + /** Check whether the string is e-mail address * @param string * @return bool diff --git a/adminer/include/xxtea.inc.php b/adminer/include/xxtea.inc.php index 774c8198..7467a0da 100644 --- a/adminer/include/xxtea.inc.php +++ b/adminer/include/xxtea.inc.php @@ -1,5 +1,5 @@ * @link http://www.coolcode.cn/?action=show&id=128 */ diff --git a/changes.txt b/changes.txt index 0df572fd..4cbd5665 100644 --- a/changes.txt +++ b/changes.txt @@ -1,6 +1,7 @@ Adminer 3.0.0-dev: Drivers for MS SQL, SQLite, PostgreSQL Allow concurrent logins on the same server +Allow permanent login without customization In-place editation in select Show number of tables in server overview Operator LIKE %% diff --git a/editor/include/adminer.inc.php b/editor/include/adminer.inc.php index 3c18971c..dc8a9324 100644 --- a/editor/include/adminer.inc.php +++ b/editor/include/adminer.inc.php @@ -7,14 +7,14 @@ class Adminer { return lang('Editor'); } - //! driver + //! driver, ns function credentials() { return array(); // default INI settings } function permanentLogin() { - return ""; + return password_file(); } function database() { @@ -37,9 +37,7 @@ document.getElementById('username').focus(); \n"; - if ($this->permanentLogin()) { - echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n"; - } + echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n"; } function login($login, $password) {