plogical/phpmyadminsignin.php

<?php


define("PMA_SIGNON_INDEX", 1);

try {
    define('PMA_SIGNON_SESSIONNAME', 'SignonSession');
    define('PMA_DISABLE_SSL_PEER_VALIDATION', TRUE);

    if (isset($_POST['token'])) {

        ### Get credentials using the token

        $token = $_POST['token'];
        $username = $_POST['username'];

        //$url = "/dataBases/fetchDetailsPHPMYAdmin?token=" . $token . '&username=' . $username;
        $url = "/dataBases/fetchDetailsPHPMYAdmin";

        //         header('Location: ' . $url);

        // Redirect with POST data

        echo '<form id="redirectForm" action="' . $url . '" method="post">';
        echo '<input type="hidden"  value="' . $token . '" name="token">';
        echo '<input type="hidden"  value="' . $username . '" name="username">';
        echo '</form>';
        echo '<script>document.getElementById("redirectForm").submit();</script>';

    } else if (isset($_POST['logout'])) {
        $params = session_get_cookie_params();
        setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
        session_destroy();
        header('Location: /base/');
        return;
    } else if (isset($_POST['password'])) {

        session_name(PMA_SIGNON_SESSIONNAME);
        @session_start();

        $username = $_POST['username'];
        $password = $_POST['password'];

        $_SESSION['PMA_single_signon_user'] = $username;
        $_SESSION['PMA_single_signon_password'] = $password;
        $_SESSION['PMA_single_signon_host'] = 'localhost';

        @session_write_close();

        header('Location: /phpmyadmin/index.php?server=' . PMA_SIGNON_INDEX);
    }
} catch (Exception $e) {
    echo 'Caught exception: ', $e->getMessage(), "\n";
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
    session_destroy();
    header('Location: /dataBases/phpMyAdmin');
    return;
}
complete phpmyadmin 2020-08-09 12:45:18 +05:00			`<?php`


			`define("PMA_SIGNON_INDEX", 1);`

bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`try {`
			`define('PMA_SIGNON_SESSIONNAME', 'SignonSession');`
			`define('PMA_DISABLE_SSL_PEER_VALIDATION', TRUE);`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`if (isset($_POST['token'])) {`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`### Get credentials using the token`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`$token = $_POST['token'];`
			`$username = $_POST['username'];`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`//$url = "/dataBases/fetchDetailsPHPMYAdmin?token=" . $token . '&username=' . $username;`
			`$url = "/dataBases/fetchDetailsPHPMYAdmin";`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`// header('Location: ' . $url);`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`// Redirect with POST data`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`echo '<form id="redirectForm" action="' . $url . '" method="post">';`
			`echo '<input type="hidden" value="' . $token . '" name="token">';`
			`echo '<input type="hidden" value="' . $username . '" name="username">';`
			`echo '</form>';`
			`echo '<script>document.getElementById("redirectForm").submit();</script>';`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`} else if (isset($_POST['logout'])) {`
			`$params = session_get_cookie_params();`
			`setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);`
			`session_destroy();`
			`header('Location: /base/');`
			`return;`
			`} else if (isset($_POST['password'])) {`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`session_name(PMA_SIGNON_SESSIONNAME);`
			`@session_start();`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`$username = $_POST['username'];`
			`$password = $_POST['password'];`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`$_SESSION['PMA_single_signon_user'] = $username;`
			`$_SESSION['PMA_single_signon_password'] = $password;`
			`$_SESSION['PMA_single_signon_host'] = 'localhost';`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`@session_write_close();`
complete phpmyadmin 2020-08-09 12:45:18 +05:00
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`header('Location: /phpmyadmin/index.php?server=' . PMA_SIGNON_INDEX);`
			`}`
			`} catch (Exception $e) {`
			`echo 'Caught exception: ', $e->getMessage(), "\n";`
generate token everytime phpmyadmin is requested 2020-09-06 01:51:58 +05:00			`$params = session_get_cookie_params();`
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);`
generate token everytime phpmyadmin is requested 2020-09-06 01:51:58 +05:00			`session_destroy();`
			`header('Location: /dataBases/phpMyAdmin');`
			`return;`
bug fix: elimite login via url parameters 2024-01-22 22:28:29 +05:00			`}`