diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php index f18fa4cc..c25dc33f 100644 --- a/adminer/include/auth.inc.php +++ b/adminer/include/auth.inc.php @@ -120,6 +120,7 @@ function auth_error($error) { if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$has_token) { $error = lang('Session expired, please login again.'); } else { + restart_session(); add_invalid_login(); $password = get_password(); if ($password !== null) { @@ -149,14 +150,19 @@ function auth_error($error) { exit; } +if (isset($_GET["username"]) && !class_exists("Min_DB")) { + unset($_SESSION["pwds"][DRIVER]); + unset_permanent(); + page_header(lang('No extension'), lang('None of the supported PHP extensions (%s) are available.', implode(", ", $possible_drivers)), false); + page_footer("auth"); + exit; +} + +if (!ini_bool("session.use_cookies") || @ini_set("session.use_cookies", false) !== false) { // @ - may be disabled + session_write_close(); // improves concurrency if a user opens several pages at once, may be restarted later +} + if (isset($_GET["username"])) { - if (!class_exists("Min_DB")) { - unset($_SESSION["pwds"][DRIVER]); - unset_permanent(); - page_header(lang('No extension'), lang('None of the supported PHP extensions (%s) are available.', implode(", ", $possible_drivers)), false); - page_footer("auth"); - exit; - } list($host, $port) = explode(":", SERVER, 2); if (is_numeric($port) && $port < 1024) { auth_error(lang('Connecting to privileged ports is not allowed.')); diff --git a/adminer/include/bootstrap.inc.php b/adminer/include/bootstrap.inc.php index 2ae17f9c..76c4543f 100644 --- a/adminer/include/bootstrap.inc.php +++ b/adminer/include/bootstrap.inc.php @@ -95,11 +95,6 @@ include "./include/adminer.inc.php"; include "../adminer/include/design.inc.php"; include "../adminer/include/xxtea.inc.php"; include "../adminer/include/auth.inc.php"; - -if (!ini_bool("session.use_cookies") || @ini_set("session.use_cookies", false) !== false) { // @ - may be disabled - session_write_close(); // improves concurrency if a user opens several pages at once, may be restarted later -} - include "./include/editing.inc.php"; include "./include/connect.inc.php"; diff --git a/changes.txt b/changes.txt index d62c16e4..3e83fd8c 100644 --- a/changes.txt +++ b/changes.txt @@ -1,4 +1,5 @@ Adminer 4.6.3-dev: +Stop session before connecting PDO: Support binary fields download Adminer 4.6.2 (released 2018-02-20):