
Permanent login only with valid key

Jakub Vrana
2010-05-07 15:34:59 +02:00
parent 4c47d354e7
commit 6217dcf717


@@ -15,11 +15,11 @@ if (!$_SESSION["token"]) {
if (isset($_POST["server"])) {
session_regenerate_id(); // defense against session fixation
$_SESSION["passwords"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
if ($_POST["permanent"]) {
if ($_POST["permanent"] && ($key = $adminer->permanentLogin())) {
cookie("adminer_permanent", //! store separately for each driver, server and username to allow several permanent logins
base64_encode($_POST["server"])
. ":" . base64_encode($_POST["username"])
. ":" . base64_encode(encrypt_string($_POST["password"], $adminer->permanentLogin()))
. ":" . base64_encode(encrypt_string($_POST["password"], $key))
. ":" . base64_encode($_POST["driver"])
);
}
@@ -48,7 +48,6 @@ if (isset($_POST["server"])) {
session_regenerate_id(); // defense against session fixation
set_session("passwords", decrypt_string($cipher, $adminer->permanentLogin()));
}
//! redirect ?select=tab
}
function auth_error($exception = null) {
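Review bot: The read path in the second hunk still passes `$adminer->permanentLogin()` straight into `decrypt_string()` without the non-empty check this commit adds where the cookie is written. If no valid key is configured, `$cipher` (presumably taken from the permanent-login cookie, so client-controlled) is decrypted with an empty or false key and the result is stored by `set_session("passwords", ...)` after the session id has already been regenerated. Mirroring the guard would disable the feature in both directions: `if ($key = $adminer->permanentLogin()) { session_regenerate_id(); set_session("passwords", decrypt_string($cipher, $key)); }`. The condition enclosing that call starts outside the hunk and may already cover this, so it is worth confirming before changing it.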