
Commit d653f93

Merge pull request #18750 from MauricioFauth/login-header-undef-var
Fix undefined variable in login/header template
2 parents 79b5ef1 + 2d1c77b commit d653f93

6 files changed

Lines changed: 70 additions & 19 deletions


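--- a/phpstan-baseline.neon
+++ b/phpstan-baseline.neon
@@ -19100,11 +19100,6 @@ parameters:
 count: 2
 path: src/TwoFactor.php
 
--
-message: "#^Construct empty\\(\\) is not allowed\\. Use more strict comparison\\.$#"
-count: 1
-path: src/TwoFactor.php
-
 -
 message: "#^Parameter \\#1 \\$name of method PhpMyAdmin\\\\TwoFactor\\:\\:getBackendClass\\(\\) expects string, mixed given\\.$#"
 count: 1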

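--- a/src/Plugins/Auth/AuthenticationCookie.php
+++ b/src/Plugins/Auth/AuthenticationCookie.php
@@ -112,14 +112,7 @@ public function showLoginForm(): never
 }
 
 // wrap the login form in a div which overlays the whole page.
-if ($sessionExpired) {
-$loginHeader = $this->template->render('login/header', [
-'add_class' => ' modal_form',
-'session_expired' => 1,
-]);
-} else {
-$loginHeader = $this->template->render('login/header', ['add_class' => '', 'session_expired' => 0]);
-}
+$loginHeader = $this->template->render('login/header', ['session_expired' => $sessionExpired]);
 
 $errorMessages = '';
 // Show error message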

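--- a/src/Plugins/AuthenticationPlugin.php
+++ b/src/Plugins/AuthenticationPlugin.php
@@ -9,6 +9,7 @@
 
 use PhpMyAdmin\Config;
 use PhpMyAdmin\DatabaseInterface;
+use PhpMyAdmin\Exceptions\ExitException;
 use PhpMyAdmin\Exceptions\SessionHandlerException;
 use PhpMyAdmin\Http\ServerRequest;
 use PhpMyAdmin\IpAllowDeny;
@@ -306,6 +307,8 @@ public function checkRules(): void
 /**
 * Checks whether two factor authentication is active
 * for given user and performs it.
+*
+* @throws ExitException
 */
 public function checkTwoFactor(ServerRequest $request): void
 {
@@ -321,7 +324,7 @@ public function checkTwoFactor(ServerRequest $request): void
 $response->callExit();
 }
 
-$response->addHTML($this->template->render('login/header'));
+$response->addHTML($this->template->render('login/header', ['session_expired' => false]));
 $response->addHTML(Message::rawNotice(
 __('You have enabled two factor authentication, please confirm your login.'),
 )->getDisplay());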

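--- a/src/TwoFactor.php
+++ b/src/TwoFactor.php
@@ -23,6 +23,7 @@
 use function extension_loaded;
 use function in_array;
 use function is_array;
+use function is_bool;
 use function is_string;
 use function ucfirst;
 
@@ -204,11 +205,11 @@ public function check(ServerRequest $request, bool $skipSession = false): bool
 return $this->backend->check($request);
 }
 
-if (empty($_SESSION['two_factor_check'])) {
+if (! isset($_SESSION['two_factor_check']) || ! is_bool($_SESSION['two_factor_check'])) {
 $_SESSION['two_factor_check'] = $this->backend->check($request);
 }
 
-return (bool) $_SESSION['two_factor_check'];
+return $_SESSION['two_factor_check'];
 }
 
 /**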
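Review bot: The new guard in `check()` no longer re-runs the backend once `$_SESSION['two_factor_check']` holds a boolean `false`: `empty()` treated a stored `false` as "not yet passed" and called `$this->backend->check($request)` again, whereas `! isset(...) || ! is_bool(...)` evaluates to false for it, so the cached failure is returned on every later request. The result fails closed, so this is not a bypass, but unless code outside this hunk clears the key, a session whose first check stored `false` (for instance the request that first displays the form) could not complete two-factor authentication afterwards. Re-checking unless the stored value is strictly `true` keeps the strict comparison PHPStan asks for and still rejects truthy non-boolean session values: `if (($_SESSION['two_factor_check'] ?? null) !== true) {`. The test added in this commit seeds the key with `false`, so it exercises only the cached-failure path. `check()` starts above the hunk, so the `$skipSession` branch is only partly visible.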

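--- a/templates/login/header.twig
+++ b/templates/login/header.twig
@@ -1,7 +1,7 @@
-{% if session_expired == true %}
-<div id="modalOverlay">
+{% if session_expired %}
+<div id="modalOverlay">
 {% endif %}
-<div class="container{{ add_class }}">
+<div class="container{{ session_expired ? ' modal_form' }}">
 <div class="row">
 <div class="col-12">
 <a href="{{ 'https://www.phpmyadmin.net/'|link }}" target="_blank" rel="noopener noreferrer" class="logo" tabindex="-1">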
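Review bot: `session_expired` is now the template's only input and is read without a default on lines 1 and 4, so any caller that renders `login/header` without it would hit the same undefined variable this commit fixes (assuming Twig runs with strict variables, which the page does not show). A header comment stating the contract would make that visible to the next caller, for example `{# Context: session_expired (bool, required); true wraps the login form in the modalOverlay div #}`. The template continues below the hunk.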
Lines changed: 59 additions & 0 deletions
@@ -0,0 +1,59 @@
1+
<?php
2+
3+
declare(strict_types=1);
4+
5+
namespace PhpMyAdmin\Tests\Plugins;
6+
7+
use PhpMyAdmin\DatabaseInterface;
8+
use PhpMyAdmin\Exceptions\ExitException;
9+
use PhpMyAdmin\Http\Factory\ServerRequestFactory;
10+
use PhpMyAdmin\Plugins\AuthenticationPlugin;
11+
use PhpMyAdmin\ResponseRenderer;
12+
use PhpMyAdmin\Tests\AbstractTestCase;
13+
use PHPUnit\Framework\Attributes\CoversClass;
14+
use ReflectionProperty;
15+
16+
#[CoversClass(AuthenticationPlugin::class)]
17+
final class AuthenticationPluginTest extends AbstractTestCase
18+
{
19+
public function testCheckTwoFactor(): void
20+
{
21+
$GLOBALS['lang'] = 'en';
22+
$dbiDummy = $this->createDbiDummy();
23+
$dbiDummy->addResult('SHOW TABLES FROM `phpmyadmin`;', [['pma__userconfig'], ['Tables_in_phpmyadmin']]);
24+
$dbiDummy->addSelectDb('phpmyadmin');
25+
$dbi = $this->createDatabaseInterface($dbiDummy);
26+
DatabaseInterface::$instance = $dbi;
27+
28+
$object = new class extends AuthenticationPlugin {
29+
public function showLoginForm(): void
30+
{
31+
}
32+
33+
public function readCredentials(): bool
34+
{
35+
return false;
36+
}
37+
};
38+
39+
$_SESSION['two_factor_check'] = false;
40+
41+
(new ReflectionProperty(ResponseRenderer::class, 'instance'))->setValue(null, null);
42+
$responseRenderer = ResponseRenderer::getInstance();
43+
$responseRenderer->setAjax(false);
44+
45+
$request = ServerRequestFactory::create()->createServerRequest('GET', 'http://example.com/');
46+
47+
$object->user = 'test_user';
48+
try {
49+
$object->checkTwoFactor($request);
50+
} catch (ExitException) {
51+
}
52+
53+
$response = $responseRenderer->response();
54+
self::assertStringContainsString(
55+
'You have enabled two factor authentication, please confirm your login.',
56+
(string) $response->getBody(),
57+
);
58+
}
59+
}
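Review bot: `testCheckTwoFactor` asserts only the notice text, so nothing pins how `login/header` is rendered with `session_expired => false`, which is what the commit changes. An extra assertion on the same body would cover it, e.g. `self::assertStringNotContainsString('id="modalOverlay"', (string) $response->getBody());`. The empty `catch (ExitException)` block deserves a one-line comment such as `// callExit() may abort the request; the rendered body is still inspected below`. The test also leaves `$_SESSION['two_factor_check']`, `DatabaseInterface::$instance` and the `ResponseRenderer` singleton modified for later tests unless `AbstractTestCase` resets them, which is not visible here.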
