1 | <?php |
||
2 | /** |
||
3 | * Single signon for phpMyAdmin |
||
4 | * |
||
5 | * This is just example how to use session based single signon with |
||
6 | * phpMyAdmin, it is not intended to be perfect code and look, only |
||
7 | * shows how you can integrate this functionality in your application. |
||
8 | */ |
||
9 | |||
10 | declare(strict_types=1); |
||
11 | |||
12 | /* Use cookies for session */ |
||
13 | ini_set('session.use_cookies', 'true'); |
||
14 | /* Change this to true if using phpMyAdmin over https */ |
||
15 | $secureCookie = false; |
||
16 | /* Need to have cookie visible from parent directory */ |
||
17 | session_set_cookie_params(0, '/', '', $secureCookie, true); |
||
18 | /* Create signon session */ |
||
19 | $sessionName = 'SignonSession'; |
||
20 | session_name($sessionName); |
||
21 | // Uncomment and change the following line to match your $cfg['SessionSavePath'] |
||
22 | //session_save_path('/foobar'); |
||
23 | @session_start(); |
||
24 | |||
25 | /* Was data posted? */ |
||
26 | if (isset($_POST['user'])) { |
||
27 | /* Store there credentials */ |
||
28 | $_SESSION['PMA_single_signon_user'] = $_POST['user']; |
||
29 | $_SESSION['PMA_single_signon_password'] = $_POST['password']; |
||
30 | $_SESSION['PMA_single_signon_host'] = $_POST['host']; |
||
31 | $_SESSION['PMA_single_signon_port'] = $_POST['port']; |
||
32 | /* Update another field of server configuration */ |
||
33 | $_SESSION['PMA_single_signon_cfgupdate'] = ['verbose' => 'Signon test']; |
||
34 | $_SESSION['PMA_single_signon_HMAC_secret'] = hash('sha1', uniqid(strval(random_int(0, mt_getrandmax())), true)); |
||
35 | $id = session_id(); |
||
36 | /* Close that session */ |
||
37 | @session_write_close(); |
||
0 ignored issues
–
show
|
|||
38 | /* Redirect to phpMyAdmin (should use absolute URL here!) */ |
||
39 | header('Location: ../index.php'); |
||
40 | } else { |
||
41 | /* Show simple form */ |
||
42 | header('Content-Type: text/html; charset=utf-8'); |
||
43 | |||
44 | echo '<?xml version="1.0" encoding="utf-8"?>' . "\n"; |
||
45 | echo '<!DOCTYPE HTML> |
||
46 | <html lang="en" dir="ltr"> |
||
47 | <head> |
||
48 | <link rel="icon" href="../favicon.ico" type="image/x-icon"> |
||
49 | <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon"> |
||
50 | <meta charset="utf-8"> |
||
51 | <title>phpMyAdmin single signon example</title> |
||
52 | </head> |
||
53 | <body>'; |
||
54 | |||
55 | if (isset($_SESSION['PMA_single_signon_error_message'])) { |
||
56 | echo '<p class="error">'; |
||
57 | echo $_SESSION['PMA_single_signon_error_message']; |
||
58 | echo '</p>'; |
||
59 | } |
||
60 | |||
61 | echo '<form action="signon.php" method="post"> |
||
62 | Username: <input type="text" name="user" autocomplete="username" spellcheck="false"><br> |
||
63 | Password: <input type="password" name="password" autocomplete="current-password" spellcheck="false"><br> |
||
64 | Host: (will use the one from config.inc.php by default) |
||
65 | <input type="text" name="host"><br> |
||
66 | Port: (will use the one from config.inc.php by default) |
||
67 | <input type="text" name="port"><br> |
||
68 | <input type="submit"> |
||
69 | </form> |
||
70 | </body> |
||
71 | </html>'; |
||
72 | } |
||
73 |
If you suppress an error, we recommend checking for the error condition explicitly: