* moved all the authentication work in libraries so it will be easier to add new authentication modes;

* started merging patch #463127 - Cookie based authentication, thanks to Piotr Roszatycki & Dan Wilson.

ChangeLog

@@ -12,6 +12,12 @@ $Source$
 	* Documentation.html, line 282: the suggested statement to create a new
 	  user and give him grants on a db was invalid.
 	* Documentation.txt: updated.
+	* config.inc.php3; main.php3; lang/*; libraris/common.lib.php3;
+	  libraries/auth/*:
+	  - moved all the authentication work in libraries so it will be easier to
+	    add new authentication modes;
+	  - started merging patch #463127 - Cookie based authentication, thanks to
+	    Piotr Roszatycki <d3xter at users.sourceforge.net> and Dan Wilson.
 
 2001-12-08  Lo<4C>c Chapeaux  <lolo@phpheaven.net>
 	* libraries/left.js, lines 234-240: fixed a js bug with empty databases.

config.inc.php3

@@ -44,7 +44,7 @@ $cfgServers[1]['socket']        = '';          // Path to the socket - leave bla
 $cfgServers[1]['connect_type']  = 'tcp';       // How to connect to MySQL server ('tcp' or 'socket')
 $cfgServers[1]['stduser']       = '';          // MySQL standard user settings (this user must have read-only
 $cfgServers[1]['stdpass']       = '';          //   access to the "mysql/user" and "mysql/db" tables)
-$cfgServers[1]['adv_auth']      = FALSE;       // Use advanced authentication?
+$cfgServers[1]['auth_type']     = 'basic';     // Authentication method (basic, http or cookie based)?
 $cfgServers[1]['user']          = 'root';      // MySQL user
 $cfgServers[1]['password']      = '';          // MySQL password (only needed with basic auth)
 $cfgServers[1]['only_db']       = '';          // If set to a db-name, only this db is displayed at left frame
@@ -59,7 +59,7 @@ $cfgServers[2]['socket']        = '';
 $cfgServers[2]['connect_type']  = 'tcp';
 $cfgServers[2]['stduser']       = '';
 $cfgServers[2]['stdpass']       = '';
-$cfgServers[2]['adv_auth']      = FALSE;
+$cfgServers[2]['auth_type']     = 'basic';
 $cfgServers[2]['user']          = 'root';
 $cfgServers[2]['password']      = '';
 $cfgServers[2]['only_db']       = '';
@@ -73,7 +73,7 @@ $cfgServers[3]['socket']        = '';
 $cfgServers[3]['connect_type']  = 'tcp';
 $cfgServers[3]['stduser']       = '';
 $cfgServers[3]['stdpass']       = '';
-$cfgServers[3]['adv_auth']      = FALSE;
+$cfgServers[3]['auth_type']     = 'basic';
 $cfgServers[3]['user']          = 'root';
 $cfgServers[3]['password']      = '';
 $cfgServers[3]['only_db']       = '';

lang/arabic.inc.php3

@@ -174,7 +174,6 @@ $strLineFeed = '
 $strLines = '<27><><EFBFBD><EFBFBD>';
 $strLinesTerminatedBy = '<27><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>';
 $strLocationTextfile = '<27><><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = '<27><><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>';
 
 $strModifications = '<27><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -342,4 +341,8 @@ $strZip = '"zipped" "
 
 // To translate
 $strCardinality = 'Cardinality';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/brazilian_portuguese.inc.php3

@@ -153,7 +153,6 @@ $strLineFeed = 'Caracter de Alimenta
 $strLines = 'Linhas';
 $strLinesTerminatedBy = 'Linhas terminadas por'; 
 $strLocationTextfile = 'Localiza<7A><61>o do arquivo texto';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Sair';
 
 $strModifications = 'Modifica<63><61>es foram salvas';
@@ -302,12 +301,16 @@ $strYes = 'Sim';
 $strAfterInsertBack = 'Return';
 $strAfterInsertNewInsert = 'Insert a new record';
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strFlushTable = 'Flush the table ("FLUSH")';
 $strIdxFulltext = 'Fulltext';  //to translate 
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/bulgarian-koi8.inc.php3

@@ -170,7 +170,7 @@ $strLineFeed = '
 $strLines = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLinesTerminatedBy = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>';
 $strLocationTextfile = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>';
-$strLogin = '<27><><EFBFBD><EFBFBD>'; //keep it, even if its not in use ...
+$strLogin = '<27><><EFBFBD><EFBFBD>';
 $strLogout = '<27><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 
 $strModifications = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -338,5 +338,7 @@ $strYes = '
 $strZip = '"zip-<2D><><EFBFBD><EFBFBD>"';
 
 // To translate
-
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/bulgarian-win1251.inc.php3

@@ -170,7 +170,7 @@ $strLineFeed = '
 $strLines = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLinesTerminatedBy = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>';
 $strLocationTextfile = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>';
-$strLogin = '<27><><EFBFBD><EFBFBD>'; //keep it, even if its not in use ...
+$strLogin = '<27><><EFBFBD><EFBFBD>';
 $strLogout = '<27><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 
 $strModifications = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -338,5 +338,7 @@ $strYes = '
 $strZip = '"zip-<2D><><EFBFBD><EFBFBD>"';
 
 // To translate
-
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/catala.inc.php3

@@ -133,7 +133,6 @@ $strLimitNumRows = 'registres per plana';
 $strLineFeed = 'Salt de l<>nia: \\n';
 $strLines = 'L<>nies';
 $strLocationTextfile = 'Ubicaci<63> del fitxer de text';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Sortir';
 
 $strModifications = 'Les modificacions han estat guardades';
@@ -270,6 +269,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDatabasesStats = 'Databases statistics';//to translate
@@ -293,6 +293,9 @@ $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/tabl
 $strKeepPass = 'Do not change the password';//to translate
 $strLengthSet = 'Length/Values*'; //to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/chinese_big5.inc.php3

@@ -134,7 +134,6 @@ $strLimitNumRows = '
 $strLineFeed = '<27><><EFBFBD><EFBFBD>: \\n';
 $strLines = '<27><><EFBFBD><EFBFBD>';
 $strLocationTextfile = '<27><><EFBFBD>r<EFBFBD>ɮת<C9AE><D7AA><EFBFBD><EFBFBD>m';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = '<27>n<EFBFBD>X<EFBFBD>t<EFBFBD><74>';
 
 $strModifications = '<27>ק<EFBFBD><D7A7>w<EFBFBD>x<EFBFBD>s';
@@ -269,6 +268,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDatabasesStats = 'Databases statistics';//to translate
@@ -292,6 +292,9 @@ $strInstructions = 'Instructions';//to translate
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/chinese_gb.inc.php3

@@ -128,7 +128,6 @@ $strLimitNumRows = 'records per page'; //to translate
 $strLineFeed = '<27><><EFBFBD>У<EFBFBD>\\n';
 $strLines = '<27><><EFBFBD><EFBFBD> ';
 $strLocationTextfile = '<27>ı<EFBFBD><C4B1>ļ<EFBFBD><C4BC><EFBFBD>λ<EFBFBD><CEBB>';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = '<27>˳<EFBFBD>ϵͳ';
 
 $strModifications = '<27>޸ĺ<DEB8><C4BA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ѿ<EFBFBD><D1BE><EFBFBD><EFBFBD>̡<EFBFBD>';
@@ -271,6 +270,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDatabasesStats = 'Databases statistics';//to translate
@@ -294,6 +294,9 @@ $strInstructions = 'Instructions';//to translate
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/czech-iso.inc.php3

@@ -170,7 +170,6 @@ $strLineFeed = 'Ukon
 $strLines = '<27><>dek';
 $strLinesTerminatedBy = '<27><>dky ukon<6F>en<65>';
 $strLocationTextfile = 'Um<55>st<73>n<EFBFBD> textov<6F>ho souboru';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Odhl<68>sit se';
 
 $strModifications = 'Zm<5A>ny byly ulo<6C>eny';
@@ -336,4 +335,10 @@ $strYes = 'Ano';
 
 $strZip = '"zazipov<6F>no"';
 
+// To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
+
 ?>

lang/czech-win1250.inc.php3

@@ -171,7 +171,6 @@ $strLineFeed = 'Ukon
 $strLines = '<27><>dek';
 $strLinesTerminatedBy = '<27><>dky ukon<6F>en<65>';
 $strLocationTextfile = 'Um<55>st<73>n<EFBFBD> textov<6F>ho souboru';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Odhl<68>sit se';
 
 $strModifications = 'Zm<5A>ny byly ulo<6C>eny';
@@ -338,4 +337,9 @@ $strYes = 'Ano';
 
 $strZip = '"zazipov<6F>no"';
 
+// To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/danish.inc.php3

@@ -132,7 +132,8 @@ $strHomepageOfficial = 'Officiel phpMyAdmin hjemmeside ';
 $strHomepageSourceforge = 'Ny phpMyAdmin hjemmeside ';
 $strHost = 'V<>rt';
 $strHostEmpty = 'Der er intet v<>rtsnavn!'; 
-$strIdxFulltext = 'Fuldtekst'; 
+
+$strIdxFulltext = 'Fuldtekst';
 $strIfYouWish = 'Hvis du kun <20>nsker at importere nogle af tabellens kolonner, angives de med en kommasepareret felt liste.';
 $strIndex = 'Indeks';
 $strIndexes = 'Indekser';
@@ -157,7 +158,6 @@ $strLineFeed = 'Linefeed: \\n';
 $strLines = 'Linier';
 $strLinesTerminatedBy = 'Linier afsluttet med';
 $strLocationTextfile = 'Tekstfilens placering';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Log af';
 
 $strModifications = 'Rettelserne er gemt!';
@@ -319,7 +319,11 @@ $strZip = '"zipped"'; //to translate
 $strAfterInsertBack = 'Return';
 $strAfterInsertNewInsert = 'Insert a new record';
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strFlushTable = 'Flush the table ("FLUSH")';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strNoFrames = 'phpMyAdmin is more friendly with a <b>frames-capable</b> browser.';
 $strTableHasBeenFlushed = 'Table %s has been flushed';
 

lang/dutch.inc.php3

@@ -141,7 +141,7 @@ $strLimitNumRows = 'records per pagina';
 $strLineFeed = 'Linefeed: \\n';
 $strLines = 'Regels';
 $strLocationTextfile = 'Locatie van het tekstbestand';
-$strLogin = 'Inloggen'; //to translate, but its not in use ...
+$strLogin = 'Inloggen';
 $strLogout = 'Uitloggen';
 
 $strModifications = 'Wijzigingen opgeslagen.';
@@ -287,6 +287,7 @@ $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
 $strBzip = '"bzipped"'; //to translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDeleteUserMessage = 'You have deleted the user %s.';//to translate
@@ -301,6 +302,8 @@ $strIdxFulltext = 'Fulltext';  //to translate
 $strIndexHasBeenDropped = 'Index %s has been dropped';//to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/english.inc.php3

@@ -71,6 +71,7 @@ $strColumn = 'Column';
 $strColumnNames = 'Column names';
 $strCompleteInserts = 'Complete inserts';
 $strConfirm = 'Do you really want to do it?';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strCopyTableOK = 'Table %s has been copied to %s.';
 $strCreate = 'Create';
@@ -170,8 +171,10 @@ $strLineFeed = 'Linefeed: \\n';
 $strLines = 'Lines';
 $strLinesTerminatedBy = 'Lines terminated by';
 $strLocationTextfile = 'Location of the textfile';
-$strLogin = ''; //to translate, but its not in use ...
+$strLogin = 'Login';
 $strLogout = 'Log out';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 
 $strModifications = 'Modifications have been saved';
 $strModify = 'Modify';

lang/finnish.inc.php3

@@ -174,7 +174,6 @@ $strLineFeed = 'LF-rivinvaihto: \\n';
 $strLines = 'Rivit';
 $strLinesTerminatedBy = 'Rivien erotinmerkki';
 $strLocationTextfile = 'Tiedoston sijainti';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Poistu';
 
 $strModifications = 'Muutokset tallennettu';
@@ -341,5 +340,9 @@ $strYes = 'Kyll
 $strZip = '"zip-pakattu"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 
 ?>

lang/french.inc.php3

@@ -71,6 +71,7 @@ $strColumn = 'Colonne';
 $strColumnNames = 'Nom des colonnes';
 $strCompleteInserts = 'Insertions compl<70>tes';
 $strConfirm = 'Veuillez confirmer';
+$strCookiesRequired = 'Vous devez accepter les cookies pour poursuivre.';
 $strCopyTable = '<b>Copier</b> la table vers (base<b>.</b>table)&nbsp;:';
 $strCopyTableOK = 'La table %s a <20>t<EFBFBD> copi<70>e vers %s.';
 $strCreate = 'Cr<43>er';
@@ -170,8 +171,10 @@ $strLineFeed = 'Saut de ligne : \\n';
 $strLines = 'Lignes';
 $strLinesTerminatedBy = 'Lignes termin<69>es par';
 $strLocationTextfile = 'Emplacement du fichier texte';
-$strLogin = ''; //to translate, but its not in use ...
+$strLogin = 'Entrer';
 $strLogout = 'Quitter';
+$strLogUsername = 'Nom d\'utilisateur&nbsp;:';
+$strLogPassword = 'Mot de passe&nbsp;:';
 
 $strModifications = 'Les modifications ont <20>t<EFBFBD> sauvegard<72>es.';
 $strModify = 'Modifier';

lang/galician.inc.php3

@@ -170,7 +170,6 @@ $strLineFeed = 'Car
 $strLines = 'Li<4C>as';
 $strLinesTerminatedBy = 'As li<6C>as rematan por';
 $strLocationTextfile = 'Localizaci<63>n do arquivo de texto';
-$strLogin = 'Login'; //to translate, but its not in use ...
 $strLogout = 'Sair';
 
 $strModifications = 'As modificaci<63>ns foron gardadas';
@@ -337,5 +336,9 @@ $strYes = 'Si';
 $strZip = 'comprimido no formato "zipped"';
 
 // To translate
+$strCardinality = 'Cardinality';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 
 ?>

lang/german.inc.php3

@@ -169,7 +169,6 @@ $strLineFeed = 'Zeilenvorschub: \\n';
 $strLines = 'Zeilen';
 $strLinesTerminatedBy = 'Zeilen getrennt mit';
 $strLocationTextfile = 'Datei';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Neu einloggen';
 
 $strModifications = '<27>nderungen gespeichert.';
@@ -334,9 +333,11 @@ $strYes = 'Ja';
 $strZip = '"Zip komprimiert"';
 
 // To translate
+$strCardinality = 'Cardinality';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strShowCols = 'Show columns';
 $strShowTables = 'Show tables';
-
-// Indexes
-$strCardinality = 'Cardinality';
 ?>

lang/greek.inc.php3

@@ -146,7 +146,6 @@ $strLimitNumRows = '
 $strLineFeed = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>: \\n';
 $strLines = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLocationTextfile = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 
 $strModifications = '<27><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -295,6 +294,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strAnIndex = 'An index has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDeleteUserMessage = 'You have deleted the user %s.';//to translate
@@ -306,6 +306,9 @@ $strFlushTable = 'Flush the table ("FLUSH")';
 $strIndexHasBeenDropped = 'Index %s has been dropped';//to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/italian.inc.php3

@@ -172,7 +172,6 @@ $strLineFeed = 'Fine riga: \\n';
 $strLines = 'Record';
 $strLinesTerminatedBy = 'Linee terminate da';
 $strLocationTextfile = 'Percorso del file';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Disconnetti';
 
 $strModifications = 'Le modifiche sono state salvate';
@@ -339,4 +338,8 @@ $strYes = ' Si ';
 $strZip = '"compresso con zip"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/japanese.inc.php3

@@ -337,5 +337,8 @@ $strYes = '
 $strZip = '"zip<69><70><EFBFBD><EFBFBD><EFBFBD><EFBFBD>"';
 
 // To translate
+$strCardinality = 'Cardinality';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 
 ?>

lang/korean.inc.php3

@@ -128,7 +128,6 @@ $strLimitNumRows = '
 $strLineFeed = '<27><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>: \\n';
 $strLines = '<27><>(<28><>)';
 $strLocationTextfile = 'SQL <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>ؽ<EFBFBD>Ʈ <20><><EFBFBD><EFBFBD>';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = '<27>α<EFBFBD> <20>ƿ<EFBFBD>';
 
 $strModifications = '<27><> <20>ٸ<EFBFBD><D9B8><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>Ͽ<EFBFBD><CFBF><EFBFBD><EFBFBD>ϴ<EFBFBD>.';
@@ -271,6 +270,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDatabasesStats = 'Databases statistics';//to translate
@@ -293,6 +293,9 @@ $strInstructions = 'Instructions';//to translate
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password&nbsp;:';
+$strLogUsername = 'Username&nbsp;:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/norwegian.inc.php3

@@ -169,7 +169,6 @@ $strLineFeed = 'Linjeskift: \\n';
 $strLines = 'Linjer';
 $strLinesTerminatedBy = 'Linker avsluttet med';
 $strLocationTextfile = 'Plassering av filen';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Logg ut';
 
 $strModifications = 'Endringene er lagret';
@@ -336,4 +335,8 @@ $strYes = 'Ja';
 $strZip = '"komprimert (zip)"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/polish.inc.php3

@@ -337,5 +337,8 @@ $strYes = 'Tak';
 $strZip = '".zip"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogPassword = 'Password :';
+$strLogUsername = 'Username :';
 
 ?>

lang/portuguese.inc.php3

@@ -128,7 +128,6 @@ $strLimitNumRows = 'records per page'; //to translate
 $strLineFeed = 'Linefeed: \\n';
 $strLines = 'Linhas';
 $strLocationTextfile = 'Localiza<7A><61>o do arquivo textos';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Log out';
 
 $strModifications = 'Modifica<63><61>es foram salvas';
@@ -271,6 +270,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDatabasesStats = 'Databases statistics';//to translate
@@ -293,6 +293,9 @@ $strInstructions = 'Instructions';//to translate
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password&nbsp;:';
+$strLogUsername = 'Username&nbsp;:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/romanian.inc.php3

@@ -170,7 +170,6 @@ $strLineFeed = 'Dezvoltare linie: \\n';
 $strLines = 'Linii';
 $strLinesTerminatedBy = 'Linii terminate de';
 $strLocationTextfile = 'Locatia fisierului text';
-$strLogin = '';
 $strLogout = 'Deconectare';
 
 $strModifications = 'Modificarile au fost salvate';
@@ -337,5 +336,9 @@ $strYes = 'Da';
 $strZip = '"zipped"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password :';
+$strLogUsername = 'Username :';
 
 ?>

lang/russian-koi8.inc.php3

@@ -170,7 +170,7 @@ $strLineFeed = '
 $strLines = '<27><><EFBFBD><EFBFBD><EFBFBD>';
 $strLinesTerminatedBy = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLocationTextfile = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>';
-$strLogin = '<27><><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';  // To translate, but its not in use ...
+$strLogin = '<27><><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLogout = '<27><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 
 $strModifications = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -337,4 +337,7 @@ $strYes = '
 $strZip = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> "zip"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/russian-win1251.inc.php3

@@ -170,7 +170,7 @@ $strLineFeed = '
 $strLines = '<27><><EFBFBD><EFBFBD><EFBFBD>';
 $strLinesTerminatedBy = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLocationTextfile = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD>';
-$strLogin = '<27><><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';  // To translate, but its not in use ...
+$strLogin = '<27><><EFBFBD><EFBFBD> <20> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 $strLogout = '<27><><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
 
 $strModifications = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -337,4 +337,7 @@ $strYes = '
 $strZip = '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20> "zip"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/slovak-iso.inc.php3

@@ -172,7 +172,6 @@ $strLineFeed = 'Ukon
 $strLines = 'Riadky';
 $strLinesTerminatedBy = 'Riadky ukon<6F>en<65>';
 $strLocationTextfile = 'Lok<6F>cia textov<6F>ho s<>boru';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Odhl<68>si<73> sa';
 
 $strModifications = 'Zmeny boli ulo<6C>en<65>';
@@ -340,5 +339,9 @@ $strZip = '"zo zipovan
 
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 
 ?>

lang/spanish.inc.php3

@@ -142,7 +142,6 @@ $strLimitNumRows = 'registros por pagina';
 $strLineFeed = 'Retorno de carro: \\n';
 $strLines = 'Lineas';
 $strLocationTextfile = 'Localización del archivo de texto';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Salir';
 
 $strModifications = 'Se han guardado las modificaciones';
@@ -288,6 +287,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
 $strBzip = '"bzipped"';  //to translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strFieldHasBeenDropped = 'Field %s has been dropped';//to translate
@@ -302,6 +302,9 @@ $strIndexHasBeenDropped = 'Index %s has been dropped';//to translate
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/swedish.inc.php3

@@ -170,7 +170,7 @@ $strLineFeed = 'Radframmatning: \\n';
 $strLines = 'Rader';
 $strLinesTerminatedBy = 'Raderna avslutas med';
 $strLocationTextfile = 'Textfilens plats';
-$strLogin = 'Logga in'; //to translate, but its not in use ...
+$strLogin = 'Logga in';
 $strLogout = 'Logga ut';
 
 $strModifications = '<27>ndringarna har sparats';
@@ -336,4 +336,8 @@ $strYes = 'Ja';
 
 $strZip = '"zippad"';
 
+// To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

lang/thai.inc.php3

@@ -128,7 +128,6 @@ $strLimitNumRows = '
 $strLineFeed = 'Linefeed: \\n'; //to translate
 $strLines = '<27><>÷Ѵ';
 $strLocationTextfile = '<27><><EFBFBD>˹觢ͧ text file';
-$strLogin = ''; //to translate, but its not in use ...
 $strLogout = 'Log out'; //to translate
 
 $strModifications = '<27>ѹ<EFBFBD>֡<EFBFBD><D6A1><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>º<EFBFBD><C2BA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>';
@@ -271,6 +270,7 @@ $strAfterInsertNewInsert = 'Insert a new record';
 $strAnIndex = 'An index has been added on %s';//to translate
 $strAPrimaryKey = 'A primary key has been added on %s';//to translate
 $strBookmarkDeleted = 'The bookmark has been deleted.';
+$strCookiesRequired = 'Cookies must be enabled past this point.';
 $strCopyTable = 'Copy table to (database<b>.</b>table):';
 $strDatabaseHasBeenDropped = 'Database %s has been dropped.';  //to translate
 $strDatabasesStats = 'Databases statistics';//to translate
@@ -294,6 +294,9 @@ $strInstructions = 'Instructions';//to translate
 $strInvalidName = '"%s" is a reserved word, you can\'t use it as a database/table/field name.'; //to translate
 $strKeepPass = 'Do not change the password';//to translate
 $strLinesTerminatedBy = 'Lines terminated by';//to translate
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 $strMoveTable = 'Move table to (database<b>.</b>table):';
 $strMoveTableOK = 'Table %s has been moved to %s.';
 $strMySQLServerProcess = 'MySQL %pma_s1% running on %pma_s2% as %pma_s3%';

lang/turkish.inc.php3

@@ -170,7 +170,6 @@ $strLineFeed = 'Sat
 $strLines = 'Sat<61>rlar';
 $strLinesTerminatedBy = 'Sat<61>r sonu';
 $strLocationTextfile = 'Dosyadan y<>kle';
-$strLogin = ''; //to translate, but its not in use ... (so why here  :P )
 $strLogout = '<27><>k<EFBFBD><6B>';
 
 $strModifications = 'De<44>i<EFBFBD>iklikler kaydedildi';
@@ -337,4 +336,8 @@ $strYes = 'Evet';
 $strZip = '"ziplenmi<6D>"';
 
 // To translate
+$strCookiesRequired = 'Cookies must be enabled past this point.';
+$strLogin = 'Login';
+$strLogPassword = 'Password:';
+$strLogUsername = 'Username:';
 ?>

libraries/auth/basic.auth.lib.php3

@@ -0,0 +1,115 @@
+<?php
+/* $Id$ */
+
+// +--------------------------------------------------------------------------+
+// | Set of functions used to run basic authentication (ie no                 |
+// | authentication).                                                         |
+// +--------------------------------------------------------------------------+
+
+
+if (!defined('PMA_BASIC_AUTH_INCLUDED')) {
+    define('PMA_BASIC_AUTH_INCLUDED', 1);
+
+    /**
+     * Displays authentication form
+     *
+     * @return  boolean   always true
+     *
+     * @access  public
+     */
+    function PMA_auth()
+    {
+        return TRUE;
+    } // end of the 'PMA_auth()' function
+
+
+    /**
+     * Gets advanced authentication settings
+     *
+     * @return  boolean   always true
+     *
+     * @access  public
+     */
+    function PMA_auth_check()
+    {
+        return TRUE;
+    } // end of the 'PMA_auth_check()' function
+
+
+    /**
+     * Set the user and password after last checkings if required
+     *
+     * @return  boolean   always true
+     *
+     * @access  public
+     */
+    function PMA_auth_set_user()
+    {
+        return TRUE;
+    } // end of the 'PMA_auth_set_user()' function
+
+
+    /**
+     * User is not allowed to login to MySQL -> authentication failed
+     *
+     * @global  string    the MySQL error message PHP returns
+     * @global  string    the connection type (persitent or not)
+     * @global  string    the MySQL server port to use
+     * @global  string    the MySQL socket port to use
+     * @global  array     the current server settings
+     * @global  string    the font face to use in case of failure
+     * @global  string    the default font size to use in case of failure
+     * @global  string    the big font size to use in case of failure
+     *
+     * @return  boolean   always true (no return indeed)
+     *
+     * @access  public
+     */
+    function PMA_auth_fails()
+    {
+        global $php_errormsg;
+        global $connect_func, $server_port, $server_socket, $cfgServer;
+        global $right_font_family, $font_size, $font_bigger;
+
+        if (mysql_error()) {
+            $conn_error = mysql_error();
+        } else if (isset($php_errormsg)) {
+            $conn_error = $php_errormsg;
+        } else {
+            $conn_error = 'Cannot connect: invalid settings.';
+        }
+        $local_query    = $connect_func . '('
+                        . $cfgServer['host'] . $server_port . $server_socket . ', '
+                        . $cfgServer['user'] . ', '
+                        . $cfgServer['password'] . ')';
+        ?>
+<!DOCTYPE html
+    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" dir="<?php echo $GLOBALS['text_dir']; ?>">
+
+<head>
+<title><?php echo $GLOBALS['strAccessDenied']; ?></title>
+<style type="text/css">
+<!--
+body     {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_size; ?>; color: #000000}
+h1       {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_bigger; ?>; font-weight: bold}
+//-->
+</style>
+</head>
+
+<body bgcolor="<?php echo $GLOBALS['cfgRightBgColor']; ?>">
+<br /><br />
+<center>
+    <h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
+</center>
+<br />
+        ?>
+        echo "\n";
+        PMA_mysqlDie($conn_error, $local_query, FALSE);
+
+        return TRUE;
+    } // end of the 'PMA_auth()' function
+
+} // $__PMA_BASIC_AUTH_LIB__
+?>

libraries/auth/cookie.auth.lib.php3

@@ -0,0 +1,354 @@
+<?php
+/* $Id$ */
+
+// +--------------------------------------------------------------------------+
+// | Set of functions used to run cookie based authentication.                |
+// | Thanks to Piotr Roszatycki <d3xter at users.sourceforge.net> and         |
+// | Dan Wilson who builds this patch for the Debian package.                 |
+// +--------------------------------------------------------------------------+
+
+
+if (!defined('PMA_COOKIE_AUTH_INCLUDED')) {
+    define('PMA_COOKIE_AUTH_INCLUDED', 1);
+
+    /**
+     * Sorts available languages by their true names
+     *
+     * @param   array   the array to be sorted
+     * @param   mixed   a required parameter
+     *
+     * @return  the sorted array
+     *
+     * @access  private
+     */
+    function PMA_cookie_cmp(&$a, $b)
+    {
+        return (strcmp($a[1], $b[1]));
+    } // end of the 'PMA_cmp()' function
+
+
+    /**
+     * Displays authentication form
+     *
+     * @global  string    the font face to use
+     * @global  string    the default font size to use
+     * @global  string    the big font size to use
+     * @global  array     the list of servers settings
+     * @global  array     the list of available translations
+     * @global  string    the current language
+     * @global  integer   the current server id
+     * @global  array     the array of cookie variables if register_globals is
+     *                    off
+     *
+     * @return  boolean   always true (no return indeed)
+     *
+     * @access  public
+     */
+    function PMA_auth()
+    {
+        global $right_font_family, $font_size, $font_bigger;
+        global $cfgServers, $available_languages;
+        global $lang, $server;
+        global $HTTP_COOKIE_VARS;
+
+        // Tries to get the username from cookie whatever are the values of the
+        // 'register_globals' and the 'variables_order' directives
+        if (!empty($GLOBALS['pma_cookie_username'])) {
+            $default_user = $GLOBALS['pma_cookie_username'];
+        }
+        else if (!empty($_COOKIE) && isset($_COOKIE['pma_cookie_username'])) {
+            $default_user = $_COOKIE['pma_cookie_username'];
+        }
+        else if (!empty($HTTP_COOKIE_VARS) && isset($HTTP_COOKIE_VARS['pma_cookie_username'])) {
+            $default_user = $HTTP_COOKIE_VARS['pma_cookie_username'];
+        }
+
+        $cell_align = ($GLOBALS['text_dir'] == 'ltr') ? 'left' : 'right';
+        // Title
+        ?>
+<!DOCTYPE html
+    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" dir="<?php echo $GLOBALS['text_dir']; ?>">
+
+<head>
+<title><?php echo 'phpMyAdmin ' . PMA_VERSION . ' - ' . $GLOBALS['strLogin']; ?></title>
+<style type="text/css">
+<!--
+body     {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_size; ?>; color: #000000}
+form     {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_size; ?>; font-weight: bold}
+h1       {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_bigger; ?>; font-weight: bold}
+.warning {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_size; ?>; font-weight: bold; color: #FF0000}
+//-->
+</style>
+</head>
+
+<body bgcolor="<?php echo $GLOBALS['cfgRightBgColor']; ?>">
+<center>
+<h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
+<br />
+
+        <?php
+        // Displays the languages form
+        if (empty($cfgLang)) {
+            echo "\n";
+            ?>
+<!-- Language selection -->
+<form method="post" action="index.php3">
+    <input type="hidden" name="server" value="<?php echo $server; ?>" />
+    Language:
+    <select name="lang" dir="ltr" onchange="this.form.submit();">
+            <?php
+            echo "\n";
+
+            uasort($available_languages, 'PMA_cookie_cmp');
+            reset($available_languages);
+            while (list($id, $tmplang) = each($available_languages)) {
+                $lang_name = ucfirst(substr(strstr($tmplang[0], '|'), 1));
+                if ($lang == $id) {
+                    $selected = ' selected="selected"';
+                } else {
+                    $selected = '';
+                }
+                echo '        ';
+                echo '<option value="' . $id . '"' . $selected . '>' . $lang_name . ' (' . $id . ')</option>' . "\n";
+            } // end while
+            ?> 
+    </select>
+    <input type="submit" value="Go" />
+</form>
+<br />
+            <?php
+        }
+        echo "\n\n";
+
+        // Displays the warning message and the login form
+        ?>
+<p class="warning"><?php echo $GLOBALS['strCookiesRequired']; ?></p>
+<br />
+
+
+<!-- Login form -->
+<form method="post" action="index.php3">
+    <table cellpadding="5">
+    <tr>
+        <td align="<?php echo $cell_align; ?>"><?php echo $GLOBALS['strLogUsername']; ?>&nbsp;</td>
+        <td align="<?php echo $cell_align; ?>">
+            <input type="text" name="pma_username" value="<?php echo (isset($default_user) ? $default_user : ''); ?>" size="24" />
+        </td>
+    </tr>
+    <tr>
+        <td align="<?php echo $cell_align; ?>"><?php echo $GLOBALS['strLogPassword']; ?>&nbsp;</td>
+        <td align="<?php echo $cell_align; ?>">
+            <input type="text" name="pma_password" value="" size="24" />
+        </td>
+    </tr>
+    <tr>
+        <td align="<?php echo $cell_align; ?>"><?php echo $GLOBALS['strServerChoice']; ?>&nbsp;:&nbsp;</td>
+        <td align="<?php echo $cell_align; ?>">
+            <select name="server">
+        <?php
+        echo "\n";
+        // Displays the MySQL servers choice
+        reset($cfgServers);
+        while (list($key, $val) = each($cfgServers)) {
+            if (!empty($val['host'])) {
+                echo '                <option value="' . $key . '"';
+                if (!empty($server) && ($server == $key)) {
+                    echo ' selected="selected"';
+                }
+                echo '>';
+                if ($val['verbose'] != '') {
+                    echo $val['verbose'];
+                } else {
+                    echo $val['host'];
+                    if (!empty($val['port'])) {
+                        echo ':' . $val['port'];
+                    }
+                    // loic1: skip this because it's not a so good idea to
+                    //        display sockets used to everybody
+                    // if (!empty($val['socket']) && PMA_PHP_INT_VERSION >= 30010) {
+                    //     echo ':' . $val['socket'];
+                    // }
+                }
+                // loic1: if 'only_db' is an array and there is more than one
+                //        value, displaying such informations may not be a so
+                //        good idea
+                if (!empty($val['only_db'])) {
+                    echo ' - ' . (is_array($val['only_db']) ? implode(', ', $val['only_db']) : $val['only_db']);
+                }
+                if (!empty($val['user']) && ($val['auth_type'] == 'basic')) {
+                    echo '  (' . $val['user'] . ')';
+                }
+                echo '&nbsp;</option>' . "\n";
+            } // end if (!empty($val['host']))
+        } // end while
+        ?>
+            </select>
+        </td>
+    </tr>
+    <tr>
+        <td colspan="2" align="center">
+            <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
+            <input type="submit" value="<?php echo $GLOBALS['strLogin']; ?>" />
+        </td>
+    </tr>
+    </table>
+</form>
+</center>
+</body>
+
+</html>
+        <?php
+        exit();
+
+        return TRUE;
+    } // end of the 'PMA_auth()' function
+
+
+    /**
+     * Gets advanced authentication settings
+     *
+     * @global  string    the username if register_globals is on
+     * @global  string    the password if register_globals is on
+     * @global  array     the array of cookie variables if register_globals is
+     *                    off
+     * @global  string    the username sent by the login form
+     * @global  string    the password sent by the login form
+     * @global  string    the username of the user who logs out
+     * @global  boolean   whether the login/password pair is grabbed from a
+     *                    cookie or not
+     *
+     * @return  boolean   whether we get authentication settings or not
+     *
+     * @access  public
+     */
+    function PMA_auth_check()
+    {
+        global $PHP_AUTH_USER, $PHP_AUTH_PW;
+        global $HTTP_COOKIE_VARS;
+        global $pma_username, $pma_password, $old_usr;
+        global $from_cookie;
+
+        // Initialization
+        $PHP_AUTH_USER = $PHP_AUTH_PW = '';
+        $from_cookie   = FALSE;
+
+        // The user wants to be logged out -> delete password cookie
+        if (!empty($old_usr)) {
+            setcookie('pma_cookie_password', '');
+        }
+
+        // The user just logged in
+        else if (!empty($pma_username)) {
+            $PHP_AUTH_USER = $pma_username;
+            $PHP_AUTH_PW   = (empty($pma_password)) ? '' : $pma_password;
+        }
+
+        // At the end, try to set the $PHP_AUTH_USER & $PHP_AUTH_PW variables
+        // from cookies whatever are the values of the 'register_globals' and
+        // the 'variables_order' directives
+        else {
+            if (!empty($pma_cookie_username)) {
+                $PHP_AUTH_USER = $pma_cookie_username;
+            }
+            else if (!empty($_COOKIE) && isset($_COOKIE['pma_cookie_username'])) {
+                $PHP_AUTH_USER = $_COOKIE['pma_cookie_username'];
+            }
+            else if (!empty($HTTP_COOKIE_VARS) && isset($HTTP_COOKIE_VARS['pma_cookie_username'])) {
+                $PHP_AUTH_USER = $HTTP_COOKIE_VARS['pma_cookie_username'];
+            }
+            if (!empty($pma_cookie_password)) {
+                $PHP_AUTH_PW   = $pma_cookie_password;
+                $from_cookie   = TRUE;
+            }
+            else if (!empty($_COOKIE) && isset($_COOKIE['pma_cookie_password'])) {
+                $PHP_AUTH_PW   = $_COOKIE['pma_cookie_password'];
+                $from_cookie   = TRUE;
+            }
+            else if (!empty($HTTP_COOKIE_VARS) && isset($HTTP_COOKIE_VARS['pma_cookie_password'])) {
+                $PHP_AUTH_PW   = $HTTP_COOKIE_VARS['pma_cookie_password'];
+                $from_cookie   = TRUE;
+            }
+        }
+
+        // Returns whether we get authentication settings or not
+        if (empty($PHP_AUTH_USER)) {
+            return FALSE;
+        } else {
+            if (get_magic_quotes_gpc()) {
+                $PHP_AUTH_USER = stripslashes($PHP_AUTH_USER);
+                $PHP_AUTH_PW   = stripslashes($PHP_AUTH_PW);
+            }
+            return TRUE;
+        }
+    } // end of the 'PMA_auth_check()' function
+
+
+    /**
+     * Set the user and password after last checkings if required
+     *
+     * @global  array     the valid servers settings
+     * @global  integer   the id of the current server
+     * @global  array     the current server settings
+     * @global  string    the current username
+     * @global  string    the current password
+     * @global  boolean   whether the login/password pair has been grabbed from
+     *                    a cookie or not
+     *
+     * @return  boolean   always true
+     *
+     * @access  public
+     */
+    function PMA_auth_set_user()
+    {
+        global $cfgServers, $server, $cfgServer;
+        global $PHP_AUTH_USER, $PHP_AUTH_PW;
+        global $from_cookie;
+
+        // Ensures the valid 'only_db' setting is used
+        if ($cfgServer['user'] != $PHP_AUTH_USER) {
+            $servers_cnt = count($cfgServers);
+            for ($i = 1; $i <= $servers_cnt; $i++) {
+                if (isset($cfgServers[$i])
+                    && ($cfgServers[$i]['host'] == $cfgServer['host'] && $cfgServers[$i]['user'] == $PHP_AUTH_USER)) {
+                    $server    = $i;
+                    $cfgServer = $cfgServers[$i];
+                    break;
+                }
+            } // end for
+        } // end if
+
+        $cfgServer['user']     = $PHP_AUTH_USER;
+        $cfgServer['password'] = $PHP_AUTH_PW;
+
+        // Set cookies if required (once per session)
+        if (!$from_cookie) {
+            // Duration = one month for username
+            setcookie('pma_cookie_username', $cfgServer['user'], time() + (60 * 60 * 24 * 30));
+            // Duration = till the browser is closed for password
+            setcookie('pma_cookie_password', $cfgServer['password']);
+        }
+
+        return TRUE;
+    } // end of the 'PMA_auth_set_user()' function
+
+
+    /**
+     * User is not allowed to login to MySQL -> authentication failed
+     *
+     * @return  boolean   always true (no return indeed)
+     *
+     * @access  public
+     */
+    function PMA_auth_fails()
+    {
+        // Deletes password cookie and displays the login form
+        setcookie('pma_cookie_password', '');
+        PMA_auth();
+
+        return TRUE;
+    } // end of the 'PMA_auth()' function
+
+} // $__PMA_COOKIE_AUTH_LIB__
+?>

libraries/auth/http.auth.lib.php3

@@ -0,0 +1,236 @@
+<?php
+/* $Id$ */
+
+// +--------------------------------------------------------------------------+
+// | Set of functions used to run http authentication.                        |
+// | NOTE: Requires Apache loaded as a php module.                            |
+// +--------------------------------------------------------------------------+
+
+
+if (!defined('PMA_HTTP_AUTH_INCLUDED')) {
+    define('PMA_HTTP_AUTH_INCLUDED', 1);
+
+    /**
+     * Displays authentication form
+     *
+     * @global  string    the font face to use in case of failure
+     * @global  string    the default font size to use in case of failure
+     * @global  string    the big font size to use in case of failure
+     *
+     * @return  boolean   always true (no return indeed)
+     *
+     * @access  public
+     */
+    function PMA_auth()
+    {
+        global $right_font_family, $font_size, $font_bigger;
+
+        header('WWW-Authenticate: Basic realm="phpMyAdmin ' . sprintf($GLOBALS['strRunning'], (empty($GLOBALS['cfgServer']['verbose']) ? str_replace('\'', '\\\'',$GLOBALS['cfgServer']['host']) : str_replace('\'', '\\\'', $GLOBALS['cfgServer']['verbose']))) .  '"');
+        header('HTTP/1.0 401 Unauthorized');
+        header('status: 401 Unauthorized');
+        ?>
+<!DOCTYPE html
+    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" dir="<?php echo $GLOBALS['text_dir']; ?>">
+
+<head>
+<title><?php echo $GLOBALS['strAccessDenied']; ?></title>
+<style type="text/css">
+<!--
+body     {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_size; ?>; color: #000000}
+h1       {font-family: <?php echo $right_font_family; ?>; font-size: <?php echo $font_bigger; ?>; font-weight: bold}
+//-->
+</style>
+</head>
+
+<body bgcolor="<?php echo $GLOBALS['cfgRightBgColor']; ?>">
+<br /><br />
+<center>
+    <h1><?php echo sprintf($GLOBALS['strWelcome'], ' phpMyAdmin ' . PMA_VERSION); ?></h1>
+</center>
+<br />
+<p><?php echo $GLOBALS['strWrongUser']; ?></p>
+</body>
+
+</html>
+        <?php
+        echo "\n";
+        exit();
+
+        return TRUE;
+    } // end of the 'PMA_auth()' function
+
+
+    /**
+     * Gets advanced authentication settings
+     *
+     * @global  string    the username if register_globals is on
+     * @global  string    the password if register_globals is on
+     * @global  array     the array of server variables if register_globals is
+     *                    off
+     * @global  array     the array of environment variables if register_globals
+     *                    is off
+     * @global  string    the username for the ? server
+     * @global  string    the password for the ? server
+     * @global  string    the username for the WebSite Professional server
+     * @global  string    the password for the WebSite Professional server
+     * @global  string    the username of the user who logs out
+     *
+     * @return  boolean   whether we get authentication settings or not
+     *
+     * @access  public
+     */
+    function PMA_auth_check()
+    {
+        global $PHP_AUTH_USER, $PHP_AUTH_PW;
+        global $HTTP_SERVER_VARS, $HTTP_ENV_VARS;
+        global $REMOTE_USER, $AUTH_USER, $REMOTE_PASSWORD, $AUTH_PASSWORD;
+        global $old_usr;
+
+        // Grabs the $PHP_AUTH_USER variable whatever are the values of the
+        // 'register_globals' and the 'variables_order' directives
+        // loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
+        if (empty($PHP_AUTH_USER)) {
+            if (!empty($_SERVER) && isset($_SERVER['PHP_AUTH_USER'])) {
+                $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
+            }
+            else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_USER'])) {
+                $PHP_AUTH_USER = $HTTP_SERVER_VARS['PHP_AUTH_USER'];
+            }
+            else if (isset($REMOTE_USER)) {
+                $PHP_AUTH_USER = $REMOTE_USER;
+            }
+            else if (!empty($_ENV) && isset($_ENV['REMOTE_USER'])) {
+                $PHP_AUTH_USER = $_ENV['REMOTE_USER'];
+            }
+            else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_USER'])) {
+                $PHP_AUTH_USER = $HTTP_ENV_VARS['REMOTE_USER'];
+            }
+            else if (@getenv('REMOTE_USER')) {
+                $PHP_AUTH_USER = getenv('REMOTE_USER');
+            }
+            // Fix from Matthias Fichtner for WebSite Professional - Part 1
+            else if (isset($AUTH_USER)) {
+                $PHP_AUTH_USER = $AUTH_USER;
+            }
+            else if (!empty($_ENV) && isset($_ENV['AUTH_USER'])) {
+                $PHP_AUTH_USER = $_ENV['AUTH_USER'];
+            }
+            else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['AUTH_USER'])) {
+                $PHP_AUTH_USER = $HTTP_ENV_VARS['AUTH_USER'];
+            }
+            else if (@getenv('AUTH_USER')) {
+                $PHP_AUTH_USER = getenv('AUTH_USER');
+            }
+        }
+        // Grabs the $PHP_AUTH_PW variable whatever are the values of the
+        // 'register_globals' and the 'variables_order' directives
+        // loic1 - 2001/25/11: use the new globals arrays defined with php 4.1+
+        if (empty($PHP_AUTH_PW)) {
+            if (!empty($_SERVER) && isset($_SERVER['PHP_AUTH_PW'])) {
+                $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
+            }
+            else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW'])) {
+                $PHP_AUTH_PW = $HTTP_SERVER_VARS['PHP_AUTH_PW'];
+            }
+            else if (isset($REMOTE_PASSWORD)) {
+                $PHP_AUTH_PW = $REMOTE_PASSWORD;
+            }
+            else if (!empty($_ENV) && isset($_ENV['REMOTE_PASSWORD'])) {
+                $PHP_AUTH_PW = $_ENV['REMOTE_PASSWORD'];
+            }
+            else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_PASSWORD'])) {
+                $PHP_AUTH_PW = $HTTP_ENV_VARS['REMOTE_PASSWORD'];
+            }
+            else if (@getenv('REMOTE_PASSWORD')) {
+                $PHP_AUTH_PW = getenv('REMOTE_PASSWORD');
+            }
+            // Fix from Matthias Fichtner for WebSite Professional - Part 2
+            else if (isset($AUTH_PASSWORD)) {
+                $PHP_AUTH_PW = $AUTH_PASSWORD;
+            }
+            else if (!empty($_ENV) && isset($_ENV['AUTH_PASSWORD'])) {
+                $PHP_AUTH_PW = $_ENV['AUTH_PASSWORD'];
+            }
+            else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['AUTH_PASSWORD'])) {
+                $PHP_AUTH_PW = $HTTP_ENV_VARS['AUTH_PASSWORD'];
+            }
+            else if (@getenv('AUTH_PASSWORD')) {
+                $PHP_AUTH_PW = getenv('AUTH_PASSWORD');
+            }
+        }
+
+        // User logged out -> ensure the new username is not the same
+        if (!empty($old_usr)
+            && (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER)) {
+            $PHP_AUTH_USER = '';
+        }
+
+        // Returns whether we get authentication settings or not
+        if (empty($PHP_AUTH_USER)) {
+            return FALSE;
+        } else {
+            if (get_magic_quotes_gpc()) {
+                $PHP_AUTH_USER = stripslashes($PHP_AUTH_USER);
+                $PHP_AUTH_PW   = stripslashes($PHP_AUTH_PW);
+            }
+            return TRUE;
+        }
+    } // end of the 'PMA_auth_check()' function
+
+
+    /**
+     * Set the user and password after last checkings if required
+     *
+     * @global  array     the valid servers settings
+     * @global  integer   the id of the current server
+     * @global  array     the current server settings
+     * @global  string    the current username
+     * @global  string    the current password
+     *
+     * @return  boolean   always true
+     *
+     * @access  public
+     */
+    function PMA_auth_set_user()
+    {
+        global $cfgServers, $server, $cfgServer;
+        global $PHP_AUTH_USER, $PHP_AUTH_PW;
+
+        // Ensures the valid 'only_db' setting is used
+        if ($cfgServer['user'] != $PHP_AUTH_USER) {
+            $servers_cnt = count($cfgServers);
+            for ($i = 1; $i <= $servers_cnt; $i++) {
+                if (isset($cfgServers[$i])
+                    && ($cfgServers[$i]['host'] == $cfgServer['host'] && $cfgServers[$i]['user'] == $PHP_AUTH_USER)) {
+                    $server    = $i;
+                    $cfgServer = $cfgServers[$i];
+                    break;
+                }
+            } // end for
+        } // end if
+
+        $cfgServer['user']     = $PHP_AUTH_USER;
+        $cfgServer['password'] = $PHP_AUTH_PW;
+
+        return TRUE;
+    } // end of the 'PMA_auth_set_user()' function
+
+
+    /**
+     * User is not allowed to login to MySQL -> authentication failed
+     *
+     * @return  boolean   always true (no return indeed)
+     *
+     * @access  public
+     */
+    function PMA_auth_fails()
+    {
+        PMA_auth();
+
+        return TRUE;
+    } // end of the 'PMA_auth()' function
+
+} // $__PMA_HTTP_AUTH_LIB__
+?>

libraries/common.lib.php3

@@ -25,15 +25,14 @@ if (!defined('PMA_COMMON_LIB_INCLUDED')){
      *
      * the PMA_sqlAddslashes() function must be before the connection to db
      *
-     * the PMA_auth() function must be before the connection to db but after
+     * the authentication libraries must be before the connection to db but
-     * the PMA_isInto() function
+     * after the PMA_isInto() function
      *
      * the PMA_mysqlDie() function must be before the connection to db but after
      * mysql extension has been loaded
      *
      * ... so the required order is:
      *
-     * - definition of PMA_auth()
      * - parsing of the configuration file
      * - first load of the libraries/define.lib.php3 library (won't get the
      *   MySQL release number)
@@ -41,8 +40,9 @@ if (!defined('PMA_COMMON_LIB_INCLUDED')){
      * - definition of PMA_sqlAddslashes()
      * - definition of PMA_mysqlDie()
      * - definition of PMA_isInto()
+     * - loading of an authentication library
      * - db connection
-     * - advanced authentication work if required
+     * - authentication work
      * - second load of the libraries/define.lib.php3 library to get the MySQL
      *   release number)
      * - other functions, respecting dependencies 
@@ -60,43 +60,6 @@ if (!defined('PMA_COMMON_LIB_INCLUDED')){
     }
 
 
-    /**
-     * Advanced authentication work
-     *
-     * Requires Apache loaded as a php module.
-     *
-     * @access  public
-     */
-    function PMA_auth()
-    {
-//        header('WWW-Authenticate: Basic realm="phpMyAdmin ' . trim($GLOBALS['strRunning']) . ' ' . $GLOBALS['cfgServer']['host'] . '"');
-        header('WWW-Authenticate: Basic realm="phpMyAdmin ' . sprintf($GLOBALS['strRunning'], (empty($GLOBALS['cfgServer']['verbose']) ? str_replace('\'', '\\\'',$GLOBALS['cfgServer']['host']) : str_replace('\'', '\\\'', $GLOBALS['cfgServer']['verbose']))) .  '"');
-        header('HTTP/1.0 401 Unauthorized');
-        header('status: 401 Unauthorized');
-        ?>
-<!DOCTYPE html
-    PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" lang="<?php echo $GLOBALS['available_languages'][$GLOBALS['lang']][2]; ?>" dir="<?php echo $GLOBALS['text_dir']; ?>">
-
-<head>
-<title><?php echo $GLOBALS['strAccessDenied']; ?></title>
-</head>
-
-<body bgcolor="#FFFFFF">
-<br /><br />
-<center>
-    <h1><?php echo $GLOBALS['strWrongUser']; ?></h1>
-</center>
-</body>
-
-</html>
-        <?php
-        echo "\n";
-        exit();
-    } // end of the 'PMA_auth()' function
-
-
     /**
      * Parses the configuration file and gets some constants used to define
      * versions of phpMyAdmin/php/mysql...
@@ -175,7 +138,6 @@ if (!defined('PMA_COMMON_LIB_INCLUDED')){
     }
 
 
-
     /**
      * Loads the mysql extensions if it is not loaded yet
      * staybyte - 26. June 2001
@@ -357,137 +319,14 @@ if (!defined('PMA_COMMON_LIB_INCLUDED')){
                        ? ''
                        : ':' . $cfgServer['socket'];
 
-        // Advanced authentication is required
+        // Gets the authentication library that fits the cfgServer settings
-        if ($cfgServer['adv_auth']) {
+        // and run authentication
-            // Grabs the $PHP_AUTH_USER variable whatever are the values of the
+        include('./libraries/auth/' . $cfgServer['auth_type'] . '.auth.lib.php3');
-            // 'register_globals' and the 'variables_order' directives
+        if (!PMA_auth_check()) {
-            // loic1 - 2001/25/11: use the new globals arrays defined with
+            PMA_auth();
-            //                     php 4.1+
+        } else {
-            if (empty($PHP_AUTH_USER)) {
+            PMA_auth_set_user();
-                if (!empty($_SERVER) && isset($_SERVER['PHP_AUTH_USER'])) {
+        }
-                    $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER'];
-                }
-                else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_USER'])) {
-                    $PHP_AUTH_USER = $HTTP_SERVER_VARS['PHP_AUTH_USER'];
-                }
-                else if (isset($REMOTE_USER)) {
-                    $PHP_AUTH_USER = $REMOTE_USER;
-                }
-                else if (!empty($_ENV) && isset($_ENV['REMOTE_USER'])) {
-                    $PHP_AUTH_USER = $_ENV['REMOTE_USER'];
-                }
-                else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_USER'])) {
-                    $PHP_AUTH_USER = $HTTP_ENV_VARS['REMOTE_USER'];
-                }
-                else if (@getenv('REMOTE_USER')) {
-                    $PHP_AUTH_USER = getenv('REMOTE_USER');
-                }
-                // Fix from Matthias Fichtner for WebSite Professional - Part 1
-                else if (isset($AUTH_USER)) {
-                    $PHP_AUTH_USER = $AUTH_USER;
-                }
-                else if (!empty($_ENV) && isset($_ENV['AUTH_USER'])) {
-                    $PHP_AUTH_USER = $_ENV['AUTH_USER'];
-                }
-                else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['AUTH_USER'])) {
-                    $PHP_AUTH_USER = $HTTP_ENV_VARS['AUTH_USER'];
-                }
-                else if (@getenv('AUTH_USER')) {
-                    $PHP_AUTH_USER = getenv('AUTH_USER');
-                }
-            }
-            // Grabs the $PHP_AUTH_PW variable whatever are the values of the
-            // 'register_globals' and the 'variables_order' directives
-            // loic1 - 2001/25/11: use the new globals arrays defined with
-            //                     php 4.1+
-            if (empty($PHP_AUTH_PW)) {
-                if (!empty($_SERVER) && isset($_SERVER['PHP_AUTH_PW'])) {
-                    $PHP_AUTH_PW = $_SERVER['PHP_AUTH_PW'];
-                }
-                else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW'])) {
-                    $PHP_AUTH_PW = $HTTP_SERVER_VARS['PHP_AUTH_PW'];
-                }
-                else if (isset($REMOTE_PASSWORD)) {
-                    $PHP_AUTH_PW = $REMOTE_PASSWORD;
-                }
-                else if (!empty($_ENV) && isset($_ENV['REMOTE_PASSWORD'])) {
-                    $PHP_AUTH_PW = $_ENV['REMOTE_PASSWORD'];
-                }
-                else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_PASSWORD'])) {
-                    $PHP_AUTH_PW = $HTTP_ENV_VARS['REMOTE_PASSWORD'];
-                }
-                else if (@getenv('REMOTE_PASSWORD')) {
-                    $PHP_AUTH_PW = getenv('REMOTE_PASSWORD');
-                }
-                // Fix from Matthias Fichtner for WebSite Professional - Part 2
-                else if (isset($AUTH_PASSWORD)) {
-                    $PHP_AUTH_PW = $AUTH_PASSWORD;
-                }
-                else if (!empty($_ENV) && isset($_ENV['AUTH_PASSWORD'])) {
-                    $PHP_AUTH_PW = $_ENV['AUTH_PASSWORD'];
-                }
-                else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['AUTH_PASSWORD'])) {
-                    $PHP_AUTH_PW = $HTTP_ENV_VARS['AUTH_PASSWORD'];
-                }
-                else if (@getenv('AUTH_PASSWORD')) {
-                    $PHP_AUTH_PW = getenv('AUTH_PASSWORD');
-                }
-            }
-            // Grabs the $old_usr variable whatever are the values of the
-            // 'register_globals' and the 'variables_order' directives
-            // loic1 - 2001/25/11: use the new globals arrays defined with
-            //                     php 4.1+
-            if (empty($old_usr)) {
-                if (!empty($_GET) && isset($_GET['old_usr'])) {
-                    $old_usr = $_GET['old_usr'];
-                }
-                else if (!empty($HTTP_GET_VARS) && isset($HTTP_GET_VARS['old_usr'])) {
-                    $old_usr = $HTTP_GET_VARS['old_usr'];
-                }
-            }
-
-            // First load -> checks if authentication is required
-            if (!isset($old_usr)) {
-                if (empty($PHP_AUTH_USER)) {
-                    $do_auth = TRUE;
-                } else {
-                    $do_auth = FALSE;
-                }
-            }
-            // Else ensure the username is not the same
-            else {
-                // force user to enter a different username
-                if (isset($PHP_AUTH_USER) && $old_usr == $PHP_AUTH_USER) {
-                    $do_auth = TRUE;
-                } else {
-                    $do_auth = FALSE;
-                }
-            }
-
-            // Calls the authentication window or store user's login/password
-            if ($do_auth) {
-                PMA_auth();
-            } else {
-                if (get_magic_quotes_gpc()) {
-                    $PHP_AUTH_USER = stripslashes($PHP_AUTH_USER);
-                    $PHP_AUTH_PW   = stripslashes($PHP_AUTH_PW);
-                }
-                // Ensures the valid 'only_db' setting is used
-                if ($cfgServer['user'] != $PHP_AUTH_USER) {
-                    $servers_cnt = count($cfgServers);
-                    for ($i = 1; $i <= $servers_cnt; $i++) {
-                        if (isset($cfgServers[$i])
-                            && ($cfgServers[$i]['host'] == $cfgServer['host'] && $cfgServers[$i]['user'] == $PHP_AUTH_USER)) {
-                            $server    = $i;
-                            $cfgServer = $cfgServers[$i];
-                            break;
-                        }
-                    } // end for
-                 } // end if
-                $cfgServer['user']     = $PHP_AUTH_USER;
-                $cfgServer['password'] = $PHP_AUTH_PW;
-            } // end else
-        } // end advanced authentication
 
         // The user can work with only some databases
         if (isset($cfgServer['only_db']) && $cfgServer['only_db'] != '') {
@@ -535,23 +374,7 @@ if (!defined('PMA_COMMON_LIB_INCLUDED')){
                              $cfgServer['password']
                          );
         if ($userlink == FALSE) {
-            // Advanced authentication case
+            PMA_auth_fails();
-            if ($cfgServer['adv_auth']) {
-                PMA_auth();
-            }
-            // Standard authentication case
-            else if (mysql_error()) {
-                $conn_error = mysql_error();
-            } else if (isset($php_errormsg)) {
-                $conn_error = $php_errormsg;
-            } else {
-                $conn_error = 'Cannot connect: invalid settings.';
-            }
-            $local_query    = $connect_func . '('
-                            . $cfgServer['host'] . $server_port . $server_socket . ', '
-                            . $cfgServer['user'] . ', '
-                            . $cfgServer['password'] . ')';
-            PMA_mysqlDie($conn_error, $local_query, FALSE);
         } // end if
 
         if (PMA_PHP_INT_VERSION >= 40000) {

main.php3

@@ -94,15 +94,13 @@ if ($server == 0 || count($cfgServers) > 1) {
 </tr>
 <tr>
     <td>
-        <form action="index.php3" target="_parent">
+        <form method="post" action="index.php3" target="_parent">
             <select name="server">
     <?php
     echo "\n";
     reset($cfgServers);
-    while (list($key, $val) = each($cfgServers))
+    while (list($key, $val) = each($cfgServers)) {
-    {
+        if (!empty($val['host'])) {
-        if (!empty($val['host']))
-        {
             echo '                <option value="' . $key . '"';
             if (!empty($server) && ($server == $key)) {
                 echo ' selected="selected"';
@@ -127,7 +125,7 @@ if ($server == 0 || count($cfgServers) > 1) {
             if (!empty($val['only_db'])) {
                 echo ' - ' . (is_array($val['only_db']) ? implode(', ', $val['only_db']) : $val['only_db']);
             }
-            if (!empty($val['user']) && !($val['adv_auth'])) {
+            if (!empty($val['user']) && ($val['auth_type'] == 'basic')) {
                 echo '  (' . $val['user'] . ')';
             }
             echo '&nbsp;</option>' . "\n";
@@ -211,7 +209,7 @@ if ($server > 0) {
     // loic1: Displays the MySQL column only if at least one feature has to be
     //        displayed
     if ($is_superuser || $is_create_priv || $is_process_priv || $is_reload_priv
-        || $cfgShowMysqlInfo || $cfgShowMysqlVars || $cfgServer['adv_auth']) {
+        || $cfgShowMysqlInfo || $cfgShowMysqlVars || $cfgServer['auth_type'] != 'basic') {
         ?>
     <!-- MySQL server related links -->
     <td valign="top" align="<?php echo $cell_align_left; ?>">
@@ -328,7 +326,7 @@ if ($server > 0) {
         }
 
         // Logout for advanced authentication
-        if ($cfgServer['adv_auth']) {
+        if ($cfgServer['auth_type'] != 'basic') {
             echo "\n";
             ?>
         <tr>
@@ -413,7 +411,7 @@ if (empty($cfgLang)) {
                 </form>
             </td>
         </tr>
-   <?php
+    <?php
 }
 echo "\n";
 ?>