165 lines
6.2 KiB
PHP
165 lines
6.2 KiB
PHP
<?php
|
|
/* vim: set expandtab sw=4 ts=4 sts=4: */
|
|
/**
|
|
* Displays form for password change
|
|
*
|
|
* @package PhpMyAdmin
|
|
*/
|
|
namespace PhpMyAdmin\Display;
|
|
|
|
use PhpMyAdmin\Message;
|
|
use PhpMyAdmin\Server\Privileges;
|
|
use PhpMyAdmin\Url;
|
|
use PhpMyAdmin\Util;
|
|
|
|
/**
|
|
* Displays form for password change
|
|
*
|
|
* @package PhpMyAdmin
|
|
*/
|
|
class ChangePassword
|
|
{
|
|
/**
|
|
* Get HTML for the Change password dialog
|
|
*
|
|
* @param string $mode where is the function being called?
|
|
* values : 'change_pw' or 'edit_other'
|
|
* @param string $username username
|
|
* @param string $hostname hostname
|
|
*
|
|
* @return string html snippet
|
|
*/
|
|
public static function getHtml($mode, $username, $hostname)
|
|
{
|
|
/**
|
|
* autocomplete feature of IE kills the "onchange" event handler and it
|
|
* must be replaced by the "onpropertychange" one in this case
|
|
*/
|
|
$chg_evt_handler = 'onchange';
|
|
|
|
$is_privileges = basename($_SERVER['SCRIPT_NAME']) === 'server_privileges.php';
|
|
|
|
$html = '<form method="post" id="change_password_form" '
|
|
. 'action="' . basename($GLOBALS['PMA_PHP_SELF']) . '" '
|
|
. 'name="chgPassword" '
|
|
. 'class="' . ($is_privileges ? 'submenu-item' : '') . '">';
|
|
|
|
$html .= Url::getHiddenInputs();
|
|
|
|
if (strpos($GLOBALS['PMA_PHP_SELF'], 'server_privileges') !== false) {
|
|
$html .= '<input type="hidden" name="username" '
|
|
. 'value="' . htmlspecialchars($username) . '" />'
|
|
. '<input type="hidden" name="hostname" '
|
|
. 'value="' . htmlspecialchars($hostname) . '" />';
|
|
}
|
|
$html .= '<fieldset id="fieldset_change_password">'
|
|
. '<legend'
|
|
. ($is_privileges
|
|
? ' data-submenu-label="' . __('Change password') . '"'
|
|
: ''
|
|
)
|
|
. '>' . __('Change password') . '</legend>'
|
|
. '<table class="data noclick">'
|
|
. '<tr>'
|
|
. '<td colspan="2">'
|
|
. '<input type="radio" name="nopass" value="1" id="nopass_1" '
|
|
. 'onclick="pma_pw.value = \'\'; pma_pw2.value = \'\'; '
|
|
. 'this.checked = true" />'
|
|
. '<label for="nopass_1">' . __('No Password') . '</label>'
|
|
. '</td>'
|
|
. '</tr>'
|
|
. '<tr class="vmiddle">'
|
|
. '<td>'
|
|
. '<input type="radio" name="nopass" value="0" id="nopass_0" '
|
|
. 'onclick="document.getElementById(\'text_pma_change_pw\').focus();" '
|
|
. 'checked="checked" />'
|
|
. '<label for="nopass_0">' . __('Password:') . ' </label>'
|
|
. '</td>'
|
|
. '<td>'
|
|
. __('Enter:') . '  '
|
|
. '<input type="password" name="pma_pw" id="text_pma_change_pw" size="10" '
|
|
. 'class="textfield"'
|
|
. $chg_evt_handler . '="nopass[1].checked = true" />'
|
|
. '<span>Strength:</span> '
|
|
. '<meter max="4" id="change_password_strength_meter" name="pw_meter"></meter> '
|
|
. '<span id="change_password_strength" name="pw_strength">Good</span>'
|
|
. '<br>' . __('Re-type:') . ' '
|
|
. '<input type="password" name="pma_pw2" id="text_pma_change_pw2" size="10" '
|
|
. 'class="textfield"'
|
|
. $chg_evt_handler . '="nopass[1].checked = true" />'
|
|
. '</td>'
|
|
. '</tr>';
|
|
|
|
$serverType = Util::getServerType();
|
|
$serverVersion = $GLOBALS['dbi']->getVersion();
|
|
$orig_auth_plugin = Privileges::getCurrentAuthenticationPlugin(
|
|
'change',
|
|
$username,
|
|
$hostname
|
|
);
|
|
|
|
if (($serverType == 'MySQL'
|
|
&& $serverVersion >= 50507)
|
|
|| ($serverType == 'MariaDB'
|
|
&& $serverVersion >= 50200)
|
|
) {
|
|
// Provide this option only for 5.7.6+
|
|
// OR for privileged users in 5.5.7+
|
|
if (($serverType == 'MySQL'
|
|
&& $serverVersion >= 50706)
|
|
|| ($GLOBALS['dbi']->isSuperuser() && $mode == 'edit_other')
|
|
) {
|
|
$auth_plugin_dropdown = Privileges::getHtmlForAuthPluginsDropdown(
|
|
$orig_auth_plugin, 'change_pw', 'new'
|
|
);
|
|
|
|
$html .= '<tr class="vmiddle">'
|
|
. '<td>' . __('Password Hashing:') . '</td><td>';
|
|
$html .= $auth_plugin_dropdown;
|
|
$html .= '</td></tr>'
|
|
. '<tr id="tr_element_before_generate_password"></tr>'
|
|
. '</table>';
|
|
|
|
$html .= '<div'
|
|
. ($orig_auth_plugin != 'sha256_password'
|
|
? ' class="hide"'
|
|
: '')
|
|
. ' id="ssl_reqd_warning_cp">'
|
|
. Message::notice(
|
|
__(
|
|
'This method requires using an \'<i>SSL connection</i>\' '
|
|
. 'or an \'<i>unencrypted connection that encrypts the '
|
|
. 'password using RSA</i>\'; while connecting to the server.'
|
|
)
|
|
. Util::showMySQLDocu(
|
|
'sha256-authentication-plugin'
|
|
)
|
|
)
|
|
->getDisplay()
|
|
. '</div>';
|
|
} else {
|
|
$html .= '<tr id="tr_element_before_generate_password"></tr>'
|
|
. '</table>';
|
|
}
|
|
} else {
|
|
$auth_plugin_dropdown = Privileges::getHtmlForAuthPluginsDropdown(
|
|
$orig_auth_plugin, 'change_pw', 'old'
|
|
);
|
|
|
|
$html .= '<tr class="vmiddle">'
|
|
. '<td>' . __('Password Hashing:') . '</td><td>';
|
|
$html .= $auth_plugin_dropdown . '</td></tr>'
|
|
. '<tr id="tr_element_before_generate_password"></tr>'
|
|
. '</table>';
|
|
}
|
|
|
|
$html .= '</fieldset>'
|
|
. '<fieldset id="fieldset_change_password_footer" class="tblFooters">'
|
|
. '<input type="hidden" name="change_pw" value="1" />'
|
|
. '<input type="submit" value="' . __('Go') . '" />'
|
|
. '</fieldset>'
|
|
. '</form>';
|
|
return $html;
|
|
}
|
|
}
|