Read only_db restriction from a dedicated session key
da_login.php now stores the ticket's restrict_db into DA_MYSQL_PHPMYADMIN_RESTRICT_DB, and config.inc.php's only_db builder reads that key instead of the landing-page db field, so an all-databases login (empty restrict_db) leaves phpMyAdmin unrestricted.
This commit is contained in:
@@ -353,8 +353,7 @@ function da_mysql_phpmyadmin_only_db(): string
|
|||||||
session_name($sessionName);
|
session_name($sessionName);
|
||||||
session_id($sessionId);
|
session_id($sessionId);
|
||||||
session_start();
|
session_start();
|
||||||
$auth = $_SESSION['DA_MYSQL_PHPMYADMIN_AUTH'] ?? [];
|
$db = (string)($_SESSION['DA_MYSQL_PHPMYADMIN_RESTRICT_DB'] ?? '');
|
||||||
$db = is_array($auth) ? (string)($auth['db'] ?? '') : '';
|
|
||||||
session_write_close();
|
session_write_close();
|
||||||
|
|
||||||
return $db;
|
return $db;
|
||||||
@@ -515,6 +514,7 @@ session_set_cookie_params([
|
|||||||
]);
|
]);
|
||||||
session_start();
|
session_start();
|
||||||
$_SESSION['DA_MYSQL_PHPMYADMIN_AUTH'] = $ticket['auth'];
|
$_SESSION['DA_MYSQL_PHPMYADMIN_AUTH'] = $ticket['auth'];
|
||||||
|
$_SESSION['DA_MYSQL_PHPMYADMIN_RESTRICT_DB'] = (string)($ticket['restrict_db'] ?? '');
|
||||||
session_write_close();
|
session_write_close();
|
||||||
|
|
||||||
header('Cache-Control: no-store, no-cache, must-revalidate');
|
header('Cache-Control: no-store, no-cache, must-revalidate');
|
||||||
|
|||||||
@@ -130,6 +130,7 @@ ONLY_DB="$(php -d session.save_path="$SESSION_DIR" -r '
|
|||||||
session_id("onlydbtest");
|
session_id("onlydbtest");
|
||||||
session_start();
|
session_start();
|
||||||
$_SESSION["DA_MYSQL_PHPMYADMIN_AUTH"] = ["user" => "x", "password" => "y", "db" => "demo_target_db"];
|
$_SESSION["DA_MYSQL_PHPMYADMIN_AUTH"] = ["user" => "x", "password" => "y", "db" => "demo_target_db"];
|
||||||
|
$_SESSION["DA_MYSQL_PHPMYADMIN_RESTRICT_DB"] = "demo_target_db";
|
||||||
session_write_close();
|
session_write_close();
|
||||||
|
|
||||||
$_COOKIE["DA_MYSQL_PHPMYADMIN"] = "onlydbtest";
|
$_COOKIE["DA_MYSQL_PHPMYADMIN"] = "onlydbtest";
|
||||||
@@ -140,6 +141,24 @@ ONLY_DB="$(php -d session.save_path="$SESSION_DIR" -r '
|
|||||||
[ "$ONLY_DB" = "demo_target_db" ] \
|
[ "$ONLY_DB" = "demo_target_db" ] \
|
||||||
|| fail "config.inc.php only_db should be scoped to the SSO ticket's database, got: '$ONLY_DB'"
|
|| fail "config.inc.php only_db should be scoped to the SSO ticket's database, got: '$ONLY_DB'"
|
||||||
|
|
||||||
|
# When no specific database was requested (the top-nav PHPMYADMIN button),
|
||||||
|
# only_db must be empty so phpMyAdmin shows every granted database.
|
||||||
|
ALL_DB_ONLY_DB="$(php -d session.save_path="$SESSION_DIR" -r '
|
||||||
|
session_name("DA_MYSQL_PHPMYADMIN");
|
||||||
|
session_id("alldbtest");
|
||||||
|
session_start();
|
||||||
|
$_SESSION["DA_MYSQL_PHPMYADMIN_AUTH"] = ["user" => "x", "password" => "y", "db" => "demo_landing_db"];
|
||||||
|
$_SESSION["DA_MYSQL_PHPMYADMIN_RESTRICT_DB"] = "";
|
||||||
|
session_write_close();
|
||||||
|
|
||||||
|
$_COOKIE["DA_MYSQL_PHPMYADMIN"] = "alldbtest";
|
||||||
|
$cfg = [];
|
||||||
|
include $argv[1];
|
||||||
|
echo $cfg["Servers"][1]["only_db"] ?? "(unset)";
|
||||||
|
' "$CONFIG_INC")"
|
||||||
|
[ "$ALL_DB_ONLY_DB" = "" ] \
|
||||||
|
|| fail "config.inc.php only_db must be empty for an all-databases login, got: '$ALL_DB_ONLY_DB'"
|
||||||
|
|
||||||
grep -Fq 'return [$username, $password];' "$SIGNON_SCRIPT" \
|
grep -Fq 'return [$username, $password];' "$SIGNON_SCRIPT" \
|
||||||
|| fail "signon script should return username/password only"
|
|| fail "signon script should return username/password only"
|
||||||
php -d display_errors=1 -r 'set_error_handler(static function($errno, $errstr) { fwrite(STDERR, $errstr . "\n"); exit(9); }); $cfg=[]; include $argv[1]; include $argv[2];' "$CONFIG_INC" "$SIGNON_SCRIPT" \
|
php -d display_errors=1 -r 'set_error_handler(static function($errno, $errstr) { fwrite(STDERR, $errstr . "\n"); exit(9); }); $cfg=[]; include $argv[1]; include $argv[2];' "$CONFIG_INC" "$SIGNON_SCRIPT" \
|
||||||
|
|||||||
Reference in New Issue
Block a user