* @return null
*/
function navigation($missing) {
- global $VERSION, $connection, $token, $driver;
+ global $VERSION, $connection, $token, $driver, $drivers;
?>
<h1>
<a href="http://www.adminer.org/" id="h1"><?php echo $this->name(); ?></a>
<a href="http://www.adminer.org/#download" id="version"><?php echo (version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : ""); ?></a>
</h1>
<?php
- if ($missing != "auth") {
+ if ($missing == "auth") {
+ $first = true;
+ foreach ((array) $_SESSION["passwords"] as $key => $servers) { // $driver is global variable
+ foreach ($servers as $server => $usernames) {
+ foreach ($usernames as $username => $password) {
+ if (isset($password)) {
+ if ($first) {
+ echo "<p>\n";
+ $first = false;
+ }
+ echo "<a href='" . h(auth_url($key, $server, $username)) . "'>($drivers[$key]) " . h($username . ($server != "" ? "@$server" : "")) . "</a><br>\n";
+ }
+ }
+ }
+ }
+ } else {
$databases = get_databases();
?>
<form action="" method="post">
|| SERVER != $_POST["server"]
|| $_GET["username"] !== $_POST["username"] // "0" == "00"
) {
- preg_match('~([^?]*)\\??(.*)~', remove_from_uri(implode("|", array_keys($drivers)) . "|username|" . session_name()), $match);
- redirect("$match[1]?"
- . (SID ? SID . "&" : "")
- . ($_POST["driver"] != "server" || $_POST["server"] != "" ? urlencode($_POST["driver"]) . "=" . urlencode($_POST["server"]) . "&" : "")
- . "username=" . urlencode($_POST["username"])
- . ($match[2] ? "&$match[2]" : "")
- );
+ redirect(auth_url($_POST["driver"], $_POST["server"], $_POST["username"]));
}
} elseif ($_POST["logout"]) {
if ($token && $_POST["token"] != $token) {
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
$error = lang('Session expired, please login again.');
} else {
- $password = get_session("passwords");
+ $password = &get_session("passwords");
if (isset($password)) {
$error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
+ $password = null;
}
}
}
$_SESSION[$key][DRIVER][SERVER][$_GET["username"]] = $val; // used also in auth.inc.php
}
+/** Get authenticated URL
+* @param string
+* @param string
+* @param string
+* @return string
+*/
+function auth_url($driver, $server, $username) {
+ global $drivers;
+ preg_match('~([^?]*)\\??(.*)~', remove_from_uri(implode("|", array_keys($drivers)) . "|username|" . session_name()), $match);
+ return "$match[1]?"
+ . (SID ? SID . "&" : "")
+ . ($driver != "server" || $server != "" ? urlencode($driver) . "=" . urlencode($server) . "&" : "")
+ . "username=" . urlencode($username)
+ . ($match[2] ? "&$match[2]" : "")
+ ;
+}
+
/** Send Location header and exit
* @param string null to only set a message
* @param string
<a href="http://www.adminer.org/editor/#download" id="version"><?php echo (version_compare($VERSION, $_COOKIE["adminer_version"]) < 0 ? h($_COOKIE["adminer_version"]) : ""); ?></a>
</h1>
<?php
- if ($missing != "auth") {
+ if ($missing == "auth") {
+ $first = true;
+ foreach ((array) $_SESSION["passwords"]["server"][""] as $username => $password) {
+ if (isset($password)) {
+ if ($first) {
+ echo "<p>\n";
+ $first = false;
+ }
+ echo "<a href='" . h(auth_url("server", "", $username)) . "'>" . h($username) . "</a><br>\n";
+ }
+ }
+ } else {
?>
<form action="" method="post">
<p class="logout">
projects / adminer.git / commitdiff