Allow to use external authentication and use empty MySQL passwords (path #1388210, thanks to Patrick MONNERAT - monnerat).

ChangeLog

@@ -35,6 +35,10 @@ $Source$
       #1415975).
     * contrib/packaging/Fedora: Add spec file for Fedora (patch #1388224,
       thanks to Patrick MONNERAT - monnerat).
+    * Documentation.html, libraries/config.default.php,
+      libraries/dbi/mysql.dbi.lib.php, libraries/dbi/mysqli.dbi.lib.php: Allow
+      to use external authentication and use empty MySQL passwords (path
+      #1388210, thanks to Patrick MONNERAT - monnerat).
 
 2006-02-22 Sebastian Mendel <cybot_tm@users.sourceforge.net>
     * libraries/footer.inc.php:

Documentation.html

@@ -631,6 +631,17 @@ GRANT ALL PRIVILEGES ON user_base.* TO 'real_user'@localhost IDENTIFIED BY 'real
         which phpMyAdmin will use to connect to the
         MySQL server. This user/password pair is not needed when <abbr title="HyperText Transfer Protocol">HTTP</abbr> or
         cookie authentication is used and should be empty.</dd>
+    <dt id="servers_nopassword">
+        <span
+        id="cfg_Servers_nopassword">$cfg['Servers'][$i]['nopassword']</span> boolean
+    </dt>
+    <dd>
+        Allow attempt to login without password when login with password
+        fails. This can be used together with http authentication, when
+        authentication is done some other way and phpMyAdmin gets user name
+        from auth and uses empty password for connecting to MySQL. Password
+        login is still tried first, but as fallback, no password method is
+        tried.</dd>
     <dt id="servers_only_db">
         <span id="cfg_Servers_only_db">$cfg['Servers'][$i]['only_db']</span> string or array
     </dt>

libraries/config.default.php

@@ -72,6 +72,7 @@ $cfg['Servers'][$i]['auth_type']     = 'config';    // Authentication method (co
 $cfg['Servers'][$i]['user']          = 'root';      // MySQL user
 $cfg['Servers'][$i]['password']      = '';          // MySQL password (only needed
                                                     // with 'config' auth_type)
+$cfg['Servers'][$i]['nopassword']    = FALSE;       // Whether to try to connect without password
 $cfg['Servers'][$i]['only_db']       = '';          // If set to a db-name, only
                                                     // this db is displayed in left frame
                                                     // It may also be an array of db-names, where sorting order is relevant.

libraries/dbi/mysql.dbi.lib.php

@@ -17,6 +17,26 @@ if (!defined('PMA_MYSQL_CLIENT_API')) {
     }
 }
 
+function PMA_DBI_real_connect($server, $user, $password, $client_flags) {
+    global $cfg;
+
+    if (empty($client_flags)) {
+        if ($cfg['PersistentConnections']) {
+            $link = @mysql_pconnect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password);
+        } else {
+            $link = @mysql_connect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password);
+        }
+    } else {
+        if ($cfg['PersistentConnections']) {
+            $link = @mysql_pconnect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password, $client_flags);
+        } else {
+            $link = @mysql_connect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password, FALSE, $client_flags);
+        }
+    }
+
+    return $link;
+}
+
 function PMA_DBI_connect($user, $password, $is_controluser = FALSE) {
     global $cfg, $php_errormsg;
 
@@ -40,17 +60,13 @@ function PMA_DBI_connect($user, $password, $is_controluser = FALSE) {
         $client_flags |= 128;
     }
 
-    if (empty($client_flags)) {
-        $connect_func = 'mysql_' . ($cfg['PersistentConnections'] ? 'p' : '') . 'connect';
-        $link = @$connect_func($cfg['Server']['host'] . $server_port . $server_socket, $user, $password);
-    } else {
-        if ($cfg['PersistentConnections']) {
-            $link = @mysql_pconnect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password, $client_flags);
-        } else {
-            $link = @mysql_connect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password, FALSE, $client_flags);
-        }
+    $link = PMA_DBI_real_connect($cfg['Server']['host'] . $server_port . $server_socket, $user, $password, empty($client_flags) ? NULL : $client_flags);
+    
+    // Retry with empty password if we're allowed to
+    if (empty($link) && $cfg['Server']['nopassword'] && !$is_controluser) {
+        $link = PMA_DBI_real_connect($cfg['Server']['host'] . $server_port . $server_socket, $user, '', empty($client_flags) ? NULL : $client_flags);
     }
-
+    
     if (empty($link)) {
         PMA_auth_fails();
     } // end if

libraries/dbi/mysqli.dbi.lib.php

@@ -91,6 +91,11 @@ function PMA_DBI_connect($user, $password, $is_controluser = false)
 
     $return_value = @mysqli_real_connect($link, $GLOBALS['cfg']['Server']['host'], $user, $password, false, $server_port, $server_socket, $client_flags);
 
+    // Retry with empty password if we're allowed to
+    if ($return_value == false && $cfg['Server']['nopassword'] && !$is_controluser) {
+        $return_value = @mysqli_real_connect($link, $GLOBALS['cfg']['Server']['host'], $user, '', false, $server_port, $server_socket, $client_flags);
+    }
+
     if ($return_value == false) {
         PMA_auth_fails();
     } // end if