mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-12 09:34:10 +02:00
Code Issues Releases Wiki Activity

Unset username in case of bad login

Browse Source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@200 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
2007-07-17 05:14:43 +00:00
parent 93c27c9515
commit ce12469b70
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
auth.inc.php
View File

@@ -30,12 +30,14 @@ if (isset($_POST["server"])) {
redirect(substr($SELF, 0, -1), lang('Logout successful.')); redirect(substr($SELF, 0, -1), lang('Logout successful.'));
} }
if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["server"], $_SESSION["usernames"][$_GET["server"]], $_SESSION["passwords"][$_GET["server"]])) { $username = $_SESSION["usernames"][$_GET["server"]];
if ($_POST["token"] && !isset($_SESSION["usernames"][$_GET["server"]])) { if (!isset($username) || !$mysql->connect($_GET["server"], $username, $_SESSION["passwords"][$_GET["server"]])) {
if ($_POST["token"] && !isset($username)) {
$_POST["token"] = token(); $_POST["token"] = token();
} }
unset($_SESSION["usernames"][$_GET["server"]]);
page_header(lang('Login')); page_header(lang('Login'));
if (isset($_SESSION["usernames"][$_GET["server"]])) { if (isset($username)) {
echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n"; echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n";
} elseif (isset($_POST["server"])) { } elseif (isset($_POST["server"])) {
echo "<p class='error'>" . lang('Sessions must be enabled.') . "</p>\n"; echo "<p class='error'>" . lang('Sessions must be enabled.') . "</p>\n";
@@ -46,7 +48,7 @@ if (!isset($_SESSION["usernames"][$_GET["server"]]) || !$mysql->connect($_GET["s
<form action="" method="post"> <form action="" method="post">
<table border="0" cellspacing="0" cellpadding="2"> <table border="0" cellspacing="0" cellpadding="2">
<tr><th><?php echo lang('Server'); ?>:</th><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>" maxlength="60" /></td></tr> <tr><th><?php echo lang('Server'); ?>:</th><td><input name="server" value="<?php echo htmlspecialchars($_GET["server"]); ?>" maxlength="60" /></td></tr>
<tr><th><?php echo lang('Username'); ?>:</th><td><input name="username" value="<?php echo htmlspecialchars($_SESSION["usernames"][$_GET["server"]]); ?>" maxlength="16" /></td></tr> <tr><th><?php echo lang('Username'); ?>:</th><td><input name="username" value="<?php echo htmlspecialchars($username); ?>" maxlength="16" /></td></tr>
<tr><th><?php echo lang('Password'); ?>:</th><td><input type="password" name="password" /></td></tr> <tr><th><?php echo lang('Password'); ?>:</th><td><input type="password" name="password" /></td></tr>
<tr><th><?php <tr><th><?php
foreach ($_POST as $key => $val) { // expired session foreach ($_POST as $key => $val) { // expired session