From ac9d23f535d7af706eb668473a6488e702349658 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <michal@cihar.com>
Date: Thu, 21 Jan 2010 15:22:34 +0000
Subject: [PATCH] rfe #2936156 [auth] Signon authentication forwards error
 message through session data.

---
 ChangeLog                          |  1 +
 libraries/auth/signon.auth.lib.php | 18 ++++++++++++------
 scripts/signon.php                 |  5 +++++
 3 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 8b7ea57c9..f4b01a872 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -24,6 +24,7 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 + rfe #1435032 [interface] Move SSL status to the end, it is usually empty.
 + rfe #1340812 [interface] Show numbers of columns in table structure.
 + rfe #1186511 [inrerface] Add link to reload navigation frame.
++ rfe #2936156 [auth] Signon authentication forwards error message through session data.
 
 3.3.0.0 (not yet released)
 + rfe #2308632 [edit] Use hex for (var)binary fields,
diff --git a/libraries/auth/signon.auth.lib.php b/libraries/auth/signon.auth.lib.php
index c4b25a46f..0884a6c7b 100644
--- a/libraries/auth/signon.auth.lib.php
+++ b/libraries/auth/signon.auth.lib.php
@@ -173,14 +173,20 @@ function PMA_auth_set_user()
  */
 function PMA_auth_fails()
 {
-    $error = PMA_DBI_getError();
-    if ($error && $GLOBALS['errno'] != 1045) {
-        PMA_fatalError($error);
+    if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
+        $_SESSION['PMA_single_signon_error_message'] = $GLOBALS['strLoginWithoutPassword'];
+    } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
+        $_SESSION['PMA_single_signon_error_message'] = $GLOBALS['strAccessDenied'];
+    } elseif (! empty($GLOBALS['no_activity'])) {
+        $_SESSION['PMA_single_signon_error_message'] = sprintf($GLOBALS['strNoActivity'], $GLOBALS['cfg']['LoginCookieValidity']);
+    } elseif (PMA_DBI_getError()) {
+        $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
+    } elseif (isset($php_errormsg)) {
+        $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
     } else {
-        PMA_auth();
-        return true;
+        $_SESSION['PMA_single_signon_error_message'] = $GLOBALS['strCannotLogin'];
     }
-
+    PMA_auth();
 } // end of the 'PMA_auth_fails()' function
 
 ?>
diff --git a/scripts/signon.php b/scripts/signon.php
index b538cb56f..a289fce9a 100644
--- a/scripts/signon.php
+++ b/scripts/signon.php
@@ -44,6 +44,11 @@ if (isset($_POST['user'])) {
     <title>phpMyAdmin single signon example</title>
 </head>
 <body>
+<?php
+if (isset($_SESSION['PMA_single_signon_error_message'])) {
+    echo '<p class="error">' . $_SESSION['PMA_single_signon_port'] . '</p>';
+}
+?>
 <form action="signon.php" method="post">
 Username: <input type="text" name="user" /><br />
 Password: <input type="password" name="password" /><br />