当前位置: 首页>>代码示例>>PHP>>正文


PHP PMA_secureSession函数代码示例

本文整理汇总了PHP中PMA_secureSession函数的典型用法代码示例。如果您正苦于以下问题:PHP PMA_secureSession函数的具体用法?PHP PMA_secureSession怎么用?PHP PMA_secureSession使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了PMA_secureSession函数的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: ucfirst

 $auth_class = "Authentication" . ucfirst($cfg['Server']['auth_type']);
 if (!file_exists('./libraries/plugins/auth/' . $auth_class . '.class.php')) {
     PMA_fatalError(__('Invalid authentication method set in configuration:') . ' ' . $cfg['Server']['auth_type']);
 }
 if (isset($_REQUEST['pma_password'])) {
     $_REQUEST['pma_password'] = substr($_REQUEST['pma_password'], 0, 256);
 }
 include_once './libraries/plugins/auth/' . $auth_class . '.class.php';
 // todo: add plugin manager
 $plugin_manager = null;
 /** @var AuthenticationPlugin $auth_plugin */
 $auth_plugin = new $auth_class($plugin_manager);
 if (!$auth_plugin->authCheck()) {
     /* Force generating of new session on login */
     if ($token_provided) {
         PMA_secureSession();
     }
     $auth_plugin->auth();
 } else {
     $auth_plugin->authSetUser();
 }
 // Check IP-based Allow/Deny rules as soon as possible to reject the
 // user based on mod_access in Apache
 if (isset($cfg['Server']['AllowDeny']) && isset($cfg['Server']['AllowDeny']['order'])) {
     /**
      * ip based access library
      */
     include_once './libraries/ip_allow_deny.lib.php';
     $allowDeny_forbidden = false;
     // default
     if ($cfg['Server']['AllowDeny']['order'] == 'allow,deny') {
开发者ID:mi-squared,项目名称:openemr,代码行数:31,代码来源:common.inc.php

示例2: authCheck

 /**
  * Gets advanced authentication settings
  *
  * this function DOES NOT check authentication - it just checks/provides
  * authentication credentials required to connect to the MySQL server
  * usually with $GLOBALS['dbi']->connect()
  *
  * it returns false if something is missing - which usually leads to
  * auth() which displays login form
  *
  * it returns true if all seems ok which usually leads to auth_set_user()
  *
  * it directly switches to authFails() if user inactivity timeout is reached
  *
  * @return boolean   whether we get authentication settings or not
  */
 public function authCheck()
 {
     global $conn_error;
     // Initialization
     /**
      * @global $GLOBALS['pma_auth_server'] the user provided server to
      * connect to
      */
     $GLOBALS['pma_auth_server'] = '';
     $GLOBALS['PHP_AUTH_USER'] = $GLOBALS['PHP_AUTH_PW'] = '';
     $GLOBALS['from_cookie'] = false;
     if (!empty($_REQUEST['pma_username'])) {
         // Verify Captcha if it is required.
         if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) && !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])) {
             if (!empty($_POST["g-recaptcha-response"])) {
                 include_once 'libraries/plugins/auth/recaptcha/autoload.php';
                 $reCaptcha = new ReCaptcha($GLOBALS['cfg']['CaptchaLoginPrivateKey']);
                 // verify captcha status.
                 $resp = $reCaptcha->verify($_POST["g-recaptcha-response"], $_SERVER["REMOTE_ADDR"]);
                 // Check if the captcha entered is valid, if not stop the login.
                 if ($resp == null || !$resp->isSuccess()) {
                     $conn_error = __('Entered captcha is wrong, try again!');
                     return false;
                 }
             } else {
                 $conn_error = __('Please enter correct captcha!');
                 return false;
             }
         }
         // The user just logged in
         $GLOBALS['PHP_AUTH_USER'] = PMA_sanitizeMySQLUser($_REQUEST['pma_username']);
         $GLOBALS['PHP_AUTH_PW'] = empty($_REQUEST['pma_password']) ? '' : $_REQUEST['pma_password'];
         if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername'])) {
             if ($GLOBALS['cfg']['ArbitraryServerRegexp']) {
                 $parts = explode(' ', $_REQUEST['pma_servername']);
                 if (count($parts) == 2) {
                     $tmp_host = $parts[0];
                 } else {
                     $tmp_host = $_REQUEST['pma_servername'];
                 }
                 $match = preg_match($GLOBALS['cfg']['ArbitraryServerRegexp'], $tmp_host);
                 if (!$match) {
                     $conn_error = __('You are not allowed to log in to this MySQL server!');
                     return false;
                 }
             }
             $GLOBALS['pma_auth_server'] = PMA_sanitizeMySQLHost($_REQUEST['pma_servername']);
         }
         PMA_secureSession();
         return true;
     }
     // At the end, try to set the $GLOBALS['PHP_AUTH_USER']
     // and $GLOBALS['PHP_AUTH_PW'] variables from cookies
     // check cookies
     if (empty($_COOKIE['pmaUser-' . $GLOBALS['server']])) {
         return false;
     }
     $GLOBALS['PHP_AUTH_USER'] = $this->cookieDecrypt($_COOKIE['pmaUser-' . $GLOBALS['server']], $this->_getEncryptionSecret());
     // user was never logged in since session start
     if (empty($_SESSION['last_access_time'])) {
         return false;
     }
     // User inactive too long
     $last_access_time = time() - $GLOBALS['cfg']['LoginCookieValidity'];
     if ($_SESSION['last_access_time'] < $last_access_time) {
         Util::cacheUnset('is_create_db_priv');
         Util::cacheUnset('is_reload_priv');
         Util::cacheUnset('db_to_create');
         Util::cacheUnset('dbs_where_create_table_allowed');
         Util::cacheUnset('dbs_to_test');
         Util::cacheUnset('db_priv');
         Util::cacheUnset('col_priv');
         Util::cacheUnset('table_priv');
         Util::cacheUnset('proc_priv');
         $GLOBALS['no_activity'] = true;
         $this->authFails();
         if (!defined('TESTSUITE')) {
             exit;
         } else {
             return false;
         }
     }
     // check password cookie
     if (empty($_COOKIE['pmaAuth-' . $GLOBALS['server']])) {
//.........这里部分代码省略.........
开发者ID:wp-cloud,项目名称:phpmyadmin,代码行数:101,代码来源:AuthenticationCookie.php


注:本文中的PMA_secureSession函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。