[auth] Fixed error handling for signon auth method.

The message is now stored in caller session data and properly displayed in example script.
2011-05-23 10:33:14 +02:00
parent e936257d44
commit adc6de0685
3 changed files with 38 additions and 19 deletions
--- a/libraries/auth/signon.auth.lib.php
+++ b/libraries/auth/signon.auth.lib.php
@@ -202,18 +202,35 @@ function PMA_auth_set_user()
 */
 function PMA_auth_fails()
 {
-    if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
-        $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
-    } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
-        $_SESSION['PMA_single_signon_error_message'] = __('Access denied');
-    } elseif (! empty($GLOBALS['no_activity'])) {
-        $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
-    } elseif (PMA_DBI_getError()) {
-        $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
-    } elseif (isset($php_errormsg)) {
-        $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
-    } else {
-        $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
+    /* Session name */
+    $session_name = $GLOBALS['cfg']['Server']['SignonSession'];
+
+    /* Does session exist? */
+    if (isset($_COOKIE[$session_name])) {
+        /* End current session */
+        $old_session = session_name();
+        $old_id = session_id();
+        session_write_close();
+
+        /* Load single signon session */
+        session_name($session_name);
+        session_id($_COOKIE[$session_name]);
+        session_start();
+
+        /* Set error message */
+        if (! empty($GLOBALS['login_without_password_is_forbidden'])) {
+            $_SESSION['PMA_single_signon_error_message'] = __('Login without a password is forbidden by configuration (see AllowNoPassword)');
+        } elseif (! empty($GLOBALS['allowDeny_forbidden'])) {
+            $_SESSION['PMA_single_signon_error_message'] = __('Access denied');
+        } elseif (! empty($GLOBALS['no_activity'])) {
+            $_SESSION['PMA_single_signon_error_message'] = sprintf(__('No activity within %s seconds; please log in again'), $GLOBALS['cfg']['LoginCookieValidity']);
+        } elseif (PMA_DBI_getError()) {
+            $_SESSION['PMA_single_signon_error_message'] = PMA_sanitize(PMA_DBI_getError());
+        } elseif (isset($php_errormsg)) {
+            $_SESSION['PMA_single_signon_error_message'] = $php_errormsg;
+        } else {
+            $_SESSION['PMA_single_signon_error_message'] = __('Cannot log in to the MySQL server');
+        }
    }
    PMA_auth();
 } // end of the 'PMA_auth_fails()' function