Unset wrong login from permanent logins

diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index c683fb97140a9b1ffa8fa35f137849a188f05c52..6a07e26ed4c3853560533eb3e45be9e86949d556 100644 (file)
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -41,11 +41,7 @@ if ($auth) {
                foreach (array("pwds", "dbs", "queries") as $key) {
                        set_session($key, null);
                }
-               $key = base64_encode(DRIVER) . "-" . base64_encode(SERVER) . "-" . base64_encode($_GET["username"]);
-               if ($permanent[$key]) {
-                       unset($permanent[$key]);
-                       cookie("adminer_permanent", implode(" ", $permanent));
-               }
+               unset_permanent();
                redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
        }
 } elseif ($permanent && !$_SESSION["pwds"]) {
@@ -58,6 +54,15 @@ if ($auth) {
        }
 }
 
+function unset_permanent() {
+       global $permanent;
+       $key = base64_encode(DRIVER) . "-" . base64_encode(SERVER) . "-" . base64_encode($_GET["username"]);
+       if ($permanent[$key]) {
+               unset($permanent[$key]);
+               cookie("adminer_permanent", implode(" ", $permanent));
+       }
+}
+
 function auth_error($exception = null) {
        global $connection, $adminer, $token;
        $session_name = session_name();
@@ -73,6 +78,7 @@ function auth_error($exception = null) {
                                $error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
                                $password = null;
                        }
+                       unset_permanent();
                }
        }
        page_header(lang('Login'), $error, null);
@@ -87,7 +93,8 @@ function auth_error($exception = null) {
 
 if (isset($_GET["username"])) {
        if (!class_exists("Min_DB")) {
-               unset($_SESSION["pwds"][DRIVER]); //! remove also from adminer_permanent
+               unset($_SESSION["pwds"][DRIVER]);
+               unset_permanent();
                page_header(lang('No extension'), lang('None of the supported PHP extensions (%s) are available.', implode(", ", $possible_drivers)), false);
                page_footer("auth");
                exit;

diff --git a/adminer/include/bootstrap.inc.php b/adminer/include/bootstrap.inc.php
index 85cb90380009c3838f5c85cdc63122a70ded62bf..e8de1332878aa85894b795019f2a778c540d682f 100644 (file)
--- a/adminer/include/bootstrap.inc.php
+++ b/adminer/include/bootstrap.inc.php
@@ -21,7 +21,7 @@ if (isset($_GET["file"])) {
 
 include "../adminer/include/functions.inc.php";
 
-global $adminer, $connection, $drivers, $edit_functions, $enum_length, $error, $functions, $grouping, $HTTPS, $inout, $jush, $LANG, $langs, $on_actions, $structured_types, $token, $translations, $types, $unsigned, $VERSION; // allows including Adminer inside a function
+global $adminer, $connection, $drivers, $edit_functions, $enum_length, $error, $functions, $grouping, $HTTPS, $inout, $jush, $LANG, $langs, $on_actions, $permanent, $structured_types, $token, $translations, $types, $unsigned, $VERSION; // allows including Adminer inside a function
 
 if (!$_SERVER["REQUEST_URI"]) { // IIS 5 compatibility
        $_SERVER["REQUEST_URI"] = $_SERVER["ORIG_PATH_INFO"];