Use namespace in login form
authorJakub Vrana <jakub@vrana.cz>
Mon, 14 May 2012 07:08:32 +0000 (00:08 -0700)
committerJakub Vrana <jakub@vrana.cz>
Mon, 14 May 2012 08:11:08 +0000 (01:11 -0700)
adminer/include/adminer.inc.php
adminer/include/auth.inc.php
changes.txt
editor/include/adminer.inc.php
plugins/login-servers.php
plugins/password-sha1.php

index 75c71c4a159ca37dc652b59aaa8d9b4005a80ab7..81fd02be2525d88664e38244b838f6bfdd7ee4fb 100644 (file)
@@ -63,19 +63,19 @@ class Adminer {
                global $drivers;
                ?>
 <table cellspacing="0">
-<tr><th><?php echo lang('System'); ?><td><?php echo html_select("driver", $drivers, DRIVER, "loginDriver(this);"); ?>
-<tr><th><?php echo lang('Server'); ?><td><input name="server" value="<?php echo h(SERVER); ?>" title="hostname[:port]">
-<tr><th><?php echo lang('Username'); ?><td><input id="username" name="username" value="<?php echo h($_GET["username"]); ?>">
-<tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
+<tr><th><?php echo lang('System'); ?><td><?php echo html_select("auth[driver]", $drivers, DRIVER, "loginDriver(this);"); ?>
+<tr><th><?php echo lang('Server'); ?><td><input name="auth[server]" value="<?php echo h(SERVER); ?>" title="hostname[:port]">
+<tr><th><?php echo lang('Username'); ?><td><input id="username" name="auth[username]" value="<?php echo h($_GET["username"]); ?>">
+<tr><th><?php echo lang('Password'); ?><td><input type="password" name="auth[password]">
 </table>
 <script type="text/javascript">
 var username = document.getElementById('username');
 username.focus();
-username.form['driver'].onchange();
+username.form['auth[driver]'].onchange();
 </script>
 <?php
                echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
-               echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
+               echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
        }
        
        /** Authorize the user
index 4b1fd0f734ebf2134cf26238ed8dfd6a10fb606b..a8f04d9db5403932930d12a2f31658a866533a6d 100644 (file)
@@ -14,21 +14,22 @@ if ($_COOKIE["adminer_permanent"]) {
        }
 }
 
-if (isset($_POST["server"])) {
+$auth = $_POST["auth"];
+if ($auth) {
        session_regenerate_id(); // defense against session fixation
-       $_SESSION["pwds"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
-       if ($_POST["permanent"]) {
-               $key = base64_encode($_POST["driver"]) . "-" . base64_encode($_POST["server"]) . "-" . base64_encode($_POST["username"]);
+       $_SESSION["pwds"][$auth["driver"]][$auth["server"]][$auth["username"]] = $auth["password"];
+       if ($auth["permanent"]) {
+               $key = base64_encode($auth["driver"]) . "-" . base64_encode($auth["server"]) . "-" . base64_encode($auth["username"]);
                $private = $adminer->permanentLogin();
-               $permanent[$key] = "$key:" . base64_encode($private ? encrypt_string($_POST["password"], $private) : "");
+               $permanent[$key] = "$key:" . base64_encode($private ? encrypt_string($auth["password"], $private) : "");
                cookie("adminer_permanent", implode(" ", $permanent));
        }
-       if (count($_POST) == ($_POST["permanent"] ? 5 : 4) // 4 - driver, server, username, password
-               || DRIVER != $_POST["driver"]
-               || SERVER != $_POST["server"]
-               || $_GET["username"] !== $_POST["username"] // "0" == "00"
+       if (count($_POST) == 1 // 1 - auth
+               || DRIVER != $auth["driver"]
+               || SERVER != $auth["server"]
+               || $_GET["username"] !== $auth["username"] // "0" == "00"
        ) {
-               redirect(auth_url($_POST["driver"], $_POST["server"], $_POST["username"]));
+               redirect(auth_url($auth["driver"], $auth["server"], $auth["username"]));
        }
 } elseif ($_POST["logout"]) {
        if ($token && $_POST["token"] != $token) {
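Review bot: `$auth = $_POST["auth"];` accepts whatever shape the client sends, and the lines below use `$auth["driver"]`, `$auth["server"]` and `$auth["username"]` directly as `$_SESSION["pwds"]` keys and as `base64_encode()` input for the permanent-login cookie. A request in which `auth` is a scalar, or in which one of those members is itself an array, reaches that code and fails with offset or type errors instead of being rejected as a bad login; the exact behaviour depends on the PHP version. I would normalise at the top, e.g. `$auth = (isset($_POST["auth"]) && is_array($_POST["auth"]) ? $_POST["auth"] : array());`, and require the members to be strings before the session write. This also avoids reading an unset index on every non-login request. The `if`/`elseif` chain continues past the end of the hunk.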
@@ -77,7 +78,7 @@ function auth_error($exception = null) {
        echo "<form action='' method='post' onclick='eventStop(event);'>\n";
        $adminer->loginForm();
        echo "<div>";
-       hidden_fields($_POST, array("driver", "server", "username", "password", "permanent")); // expired session
+       hidden_fields($_POST, array("auth")); // expired session
        echo "</div>\n";
        echo "</form>\n";
        page_footer("auth");
@@ -98,7 +99,7 @@ if (is_string($connection) || !$adminer->login($_GET["username"], get_session("p
 }
 
 $token = $_SESSION["token"]; ///< @var string CSRF protection
-if (isset($_POST["server"]) && $_POST["token"]) {
+if ($auth && $_POST["token"]) {
        $_POST["token"] = $token; // reset token after explicit login
 }
 $error = ($_POST ///< @var string
index cecc5176850126c179972b9648c08a674e6c1efb..4462ad91d8186830f05ae9ae1e5e7b906bc3b31d 100644 (file)
@@ -9,6 +9,7 @@ PostgreSQL: approximate row count in table overview
 PostgreSQL: improve PDO support in SQL command
 Oracle: schema, processlist, table overview numbers
 Simplify work with NULL values (customization)
+Use namespace in login form (customization)
 Replace JSMin by better JavaScript minifier
 Don't use AJAX links and forms
 Ukrainian translation
index fdfbdf169f9e8dba9cec07fe17c5f383fcb94025..9c69c98d7cf87f933aa4216e13e74244ff6cbe02 100644 (file)
@@ -41,15 +41,15 @@ class Adminer {
        function loginForm() {
                ?>
 <table cellspacing="0">
-<tr><th><?php echo lang('Username'); ?><td><input type="hidden" name="driver" value="server"><input type="hidden" name="server" value=""><input id="username" name="username" value="<?php echo h($_GET["username"]);  ?>">
-<tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
+<tr><th><?php echo lang('Username'); ?><td><input type="hidden" name="auth[driver]" value="server"><input id="username" name="auth[username]" value="<?php echo h($_GET["username"]);  ?>">
+<tr><th><?php echo lang('Password'); ?><td><input type="password" name="auth[password]">
 </table>
 <script type="text/javascript">
 document.getElementById('username').focus();
 </script>
 <?php
                echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
-               echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
+               echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
        }
        
        function login($login, $password) {
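Review bot: The rewritten username row drops the hidden server input, so the Editor form no longer posts `auth[server]`, while the new code in auth.inc.php still reads `$auth["server"]` for the session key, the cookie key and the `SERVER !=` comparison. That appears to work only because an unset member is coerced to an empty value in each of those places. Either keep the field as `<input type="hidden" name="auth[server]" value="">` or have auth.inc.php default the member explicitly, so the login path does not depend on implicit null handling. `loginForm()` starts inside the hunk; the class continues outside it.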
index 872836cd3170551830eaa1db88eddc9022afca9c..b5fa573bc216f3fd3086017a69fcadcf726c8b5c 100644 (file)
@@ -37,13 +37,13 @@ class AdminerLoginServers {
        function loginForm() {
                ?>
 <table cellspacing="0">
-<tr><th><?php echo lang('Server'); ?><td><input type="hidden" name="driver" value="<?php echo $this->driver; ?>"><select name="server"><?php echo optionlist($this->servers, SERVER); ?></select>
-<tr><th><?php echo lang('Username'); ?><td><input id="username" name="username" value="<?php echo h($_GET["username"]);  ?>">
-<tr><th><?php echo lang('Password'); ?><td><input type="password" name="password">
+<tr><th><?php echo lang('Server'); ?><td><input type="hidden" name="auth[driver]" value="<?php echo $this->driver; ?>"><select name="auth[server]"><?php echo optionlist($this->servers, SERVER); ?></select>
+<tr><th><?php echo lang('Username'); ?><td><input id="username" name="auth[username]" value="<?php echo h($_GET["username"]);  ?>">
+<tr><th><?php echo lang('Password'); ?><td><input type="password" name="auth[password]">
 </table>
 <p><input type="submit" value="<?php echo lang('Login'); ?>">
 <?php
-               echo checkbox("permanent", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
+               echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
                return true;
        }
        
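Review bot: On the rewritten Server row, `$this->driver` is echoed into the `value` attribute of `auth[driver]` without `h()`, while the username value on the next row is escaped. Where `$this->driver` is set is not visible in this hunk; if it is plugin configuration the exposure is limited, but a value containing a quote would still break out of the attribute. Suggest `value="<?php echo h($this->driver); ?>"` so every value written into the login form is escaped the same way. The gap predates this commit, but the line is rewritten here, which makes this a cheap moment to close it.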
index c2e3eda7c48c8073dc5d75d6ae3ade90205cbea8..4590189f4d5cb3d7b7bb35ce2e72f112fc597190 100644 (file)
@@ -18,8 +18,8 @@ class AdminerPasswordSha1 {
                $this->login = $login;
                $this->passwordSha1 = $passwordSha1;
                $this->credentials = $credentials;
-               if (isset($_POST["password"])) {
-                       $_POST["password"] = sha1($_POST["password"]);
+               if (isset($_POST["auth"])) {
+                       $_POST["auth"]["password"] = sha1($_POST["auth"]["password"]);
                }
        }
        
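Review bot: The new guard `isset($_POST["auth"])` tests the container rather than the field that is hashed, so a login POST without `auth[password]` stores `sha1()` of an empty value, and a POST where `auth` is a scalar reaches an array write on a string. The old code checked the password field itself. I would keep that property with `if (isset($_POST["auth"]["password"]) && is_string($_POST["auth"]["password"])) {`. The constructor's signature is outside the hunk.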
@@ -32,7 +32,7 @@ class AdminerPasswordSha1 {
        }
        
        function permanentLogin() {
-               //! should save original $_POST["password"] and hash after load
+               //! should save original $_POST["auth"]["password"] and hash after load
        }
        
 }