Gecko [ edgpens.lpkmn.gov.my ]

Name	Size	Permission
Charsets	[ DIR ]	drwxrwxrwx
Config	[ DIR ]	drwxrwxrwx
Controllers	[ DIR ]	drwxrwxrwx
Database	[ DIR ]	drwxrwxrwx
Dbi	[ DIR ]	drwxrwxrwx
Di	[ DIR ]	drwxrwxrwx
Display	[ DIR ]	drwxrwxrwx
Engines	[ DIR ]	drwxrwxrwx
Gis	[ DIR ]	drwxrwxrwx
Navigation	[ DIR ]	drwxrwxrwx
Plugins	[ DIR ]	drwxrwxrwx
Properties	[ DIR ]	drwxrwxrwx
Rte	[ DIR ]	drwxrwxrwx
Server	[ DIR ]	drwxrwxrwx
Setup	[ DIR ]	drwxrwxrwx
Twig	[ DIR ]	drwxrwxrwx
Utils	[ DIR ]	drwxrwxrwx
Advisor.php	19.56 KB	-rw-rw-rw-
Bookmark.php	10.74 KB	-rw-rw-rw-
BrowseForeigners.php	11.15 KB	-rw-rw-rw-
CentralColumns.php	44.19 KB	-rw-rw-rw-
Charsets.php	6.14 KB	-rw-rw-rw-
CheckUserPrivileges.php	12.59 KB	-rw-rw-rw-
Config.php	57.38 KB	-rw-rw-rw-
Console.php	3.69 KB	-rw-rw-rw-
Core.php	38.31 KB	-rw-rw-rw-
CreateAddField.php	17.91 KB	-rw-rw-rw-
DatabaseInterface.php	104.47 KB	-rw-rw-rw-
Encoding.php	8.68 KB	-rw-rw-rw-
Error.php	13.34 KB	-rw-rw-rw-
ErrorHandler.php	17.17 KB	-rw-rw-rw-
ErrorReport.php	8.92 KB	-rw-rw-rw-
Export.php	42.76 KB	-rw-rw-rw-
File.php	21.29 KB	-rw-rw-rw-
FileListing.php	2.83 KB	-rw-rw-rw-
Font.php	5.54 KB	-rw-rw-rw-
Footer.php	10.6 KB	-rw-rw-rw-
Header.php	21.87 KB	-rw-rw-rw-
Import.php	56.56 KB	-rw-rw-rw-
Index.php	24.5 KB	-rw-rw-rw-
IndexColumn.php	4.44 KB	-rw-rw-rw-
InsertEdit.php	129.31 KB	-rw-rw-rw-
InternalRelations.php	17.42 KB	-rw-rw-rw-
IpAllowDeny.php	9.57 KB	-rw-rw-rw-
Language.php	4.31 KB	-rw-rw-rw-
LanguageManager.php	23.71 KB	-rw-rw-rw-
Linter.php	5.21 KB	-rw-rw-rw-
ListAbstract.php	2.51 KB	-rw-rw-rw-
ListDatabase.php	4.34 KB	-rw-rw-rw-
Logging.php	2.6 KB	-rw-rw-rw-
Menu.php	22.36 KB	-rw-rw-rw-
Message.php	19.32 KB	-rw-rw-rw-
Mime.php	916 B	-rw-rw-rw-
MultSubmits.php	23.64 KB	-rw-rw-rw-
Normalization.php	40.41 KB	-rw-rw-rw-
OpenDocument.php	8.52 KB	-rw-rw-rw-
Operations.php	81.25 KB	-rw-rw-rw-
OutputBuffering.php	3.71 KB	-rw-rw-rw-
ParseAnalyze.php	2.55 KB	-rw-rw-rw-
Partition.php	7.27 KB	-rw-rw-rw-
Pdf.php	4.37 KB	-rw-rw-rw-
Plugins.php	22.95 KB	-rw-rw-rw-
RecentFavoriteTable.php	12.04 KB	-rw-rw-rw-
Relation.php	79.64 KB	-rw-rw-rw-
RelationCleanup.php	15 KB	-rw-rw-rw-
Replication.php	5.75 KB	-rw-rw-rw-
ReplicationGui.php	21.23 KB	-rw-rw-rw-
Response.php	16.14 KB	-rw-rw-rw-
Sanitize.php	14.51 KB	-rw-rw-rw-
SavedSearches.php	11.94 KB	-rw-rw-rw-
Scripts.php	3.65 KB	-rw-rw-rw-
Session.php	7.62 KB	-rw-rw-rw-
Sql.php	82.09 KB	-rw-rw-rw-
SqlQueryForm.php	17.63 KB	-rw-rw-rw-
StorageEngine.php	13.75 KB	-rw-rw-rw-
SubPartition.php	3.55 KB	-rw-rw-rw-
SysInfo.php	1.61 KB	-rw-rw-rw-
SysInfoBase.php	822 B	-rw-rw-rw-
SysInfoLinux.php	2.16 KB	-rw-rw-rw-
SysInfoSunOS.php	1.89 KB	-rw-rw-rw-
SysInfoWINNT.php	3.27 KB	-rw-rw-rw-
SystemDatabase.php	3.97 KB	-rw-rw-rw-
Table.php	94.87 KB	-rw-rw-rw-
TablePartitionDefinition.php	6.64 KB	-rw-rw-rw-
Template.php	4.02 KB	-rw-rw-rw-
Theme.php	8.62 KB	-rw-rw-rw-
ThemeManager.php	10.42 KB	-rw-rw-rw-
Tracker.php	30.13 KB	-rw-rw-rw-
Tracking.php	40.26 KB	-rw-rw-rw-
Transformations.php	16.27 KB	-rw-rw-rw-
TwoFactor.php	7.14 KB	-rw-rw-rw-
Types.php	24.93 KB	-rw-rw-rw-
Url.php	8.32 KB	-rw-rw-rw-
UserPassword.php	9 KB	-rw-rw-rw-
UserPreferences.php	8.62 KB	-rw-rw-rw-
UserPreferencesHeader.php	4.13 KB	-rw-rw-rw-
Util.php	168.02 KB	-rw-rw-rw-
VersionInformation.php	6.92 KB	-rw-rw-rw-
ZipExtension.php	10.25 KB	-rw-rw-rw-

Code Editor : UserPassword.php

<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * Holds the PhpMyAdmin\UserPassword class
 *
 * @package PhpMyAdmin
 */
declare(strict_types=1);

namespace PhpMyAdmin;

use PhpMyAdmin\Core;
use PhpMyAdmin\Message;
use PhpMyAdmin\Response;
use PhpMyAdmin\Server\Privileges;
use PhpMyAdmin\Url;
use PhpMyAdmin\Util;

/**
 * Functions for user_password.php
 *
 * @package PhpMyAdmin
 */
class UserPassword
{
    /**
     * @var Privileges
     */
    private $serverPrivileges;

/**
     * UserPassword constructor.
     *
     * @param Privileges $serverPrivileges Privileges object
     */
    public function __construct(Privileges $serverPrivileges)
    {
        $this->serverPrivileges = $serverPrivileges;
    }

/**
     * Send the message as an ajax request
     *
     * @param array  $change_password_message Message to display
     * @param string $sql_query               SQL query executed
     *
     * @return void
     */
    public function getChangePassMessage(array $change_password_message, $sql_query = '')
    {
        $response = Response::getInstance();
        if ($response->isAjax()) {
            /**
             * If in an Ajax request, we don't need to show the rest of the page
             */
            if ($change_password_message['error']) {
                $response->addJSON('message', $change_password_message['msg']);
                $response->setRequestStatus(false);
            } else {
                $sql_query = Util::getMessage(
                    $change_password_message['msg'],
                    $sql_query,
                    'success'
                );
                $response->addJSON('message', $sql_query);
            }
            exit;
        }
    }

/**
     * Generate the message
     *
     * @return array   error value and message
     */
    public function setChangePasswordMsg()
    {
        $error = false;
        $message = Message::success(__('The profile has been updated.'));

if ($_POST['nopass'] != '1') {
            if (strlen($_POST['pma_pw']) === 0 || strlen($_POST['pma_pw2']) === 0) {
                $message = Message::error(__('The password is empty!'));
                $error = true;
            } elseif ($_POST['pma_pw'] !== $_POST['pma_pw2']) {
                $message = Message::error(
                    __('The passwords aren\'t the same!')
                );
                $error = true;
            } elseif (strlen($_POST['pma_pw']) > 256) {
                $message = Message::error(__('Password is too long!'));
                $error = true;
            }
        }
        return [
            'error' => $error,
            'msg' => $message,
        ];
    }

/**
     * Change the password
     *
     * @param string $password                New password
     * @param string $message                 Message
     * @param array  $change_password_message Message to show
     *
     * @return void
     */
    public function changePassword($password, $message, array $change_password_message)
    {
        global $auth_plugin;

$hashing_function = $this->changePassHashingFunction();

list($username, $hostname) = $GLOBALS['dbi']->getCurrentUserAndHost();

$serverType = Util::getServerType();
        $serverVersion = $GLOBALS['dbi']->getVersion();

if (isset($_POST['authentication_plugin'])
            && ! empty($_POST['authentication_plugin'])
        ) {
            $orig_auth_plugin = $_POST['authentication_plugin'];
        } else {
            $orig_auth_plugin = $this->serverPrivileges->getCurrentAuthenticationPlugin(
                'change',
                $username,
                $hostname
            );
        }

$sql_query = 'SET password = '
            . (($password == '') ? '\'\'' : $hashing_function . '(\'***\')');

if ($serverType == 'MySQL'
            && $serverVersion >= 50706
        ) {
            $sql_query = 'ALTER USER \'' . $GLOBALS['dbi']->escapeString($username)
                . '\'@\'' . $GLOBALS['dbi']->escapeString($hostname)
                . '\' IDENTIFIED WITH ' . $orig_auth_plugin . ' BY '
                . (($password == '') ? '\'\'' : '\'***\'');
        } elseif (($serverType == 'MySQL'
            && $serverVersion >= 50507)
            || ($serverType == 'MariaDB'
            && $serverVersion >= 50200)
        ) {
            // For MySQL versions 5.5.7+ and MariaDB versions 5.2+,
            // explicitly set value of `old_passwords` so that
            // it does not give an error while using
            // the PASSWORD() function
            if ($orig_auth_plugin == 'sha256_password') {
                $value = 2;
            } else {
                $value = 0;
            }
            $GLOBALS['dbi']->tryQuery('SET `old_passwords` = ' . $value . ';');
        }

$this->changePassUrlParamsAndSubmitQuery(
            $username,
            $hostname,
            $password,
            $sql_query,
            $hashing_function,
            $orig_auth_plugin
        );

$auth_plugin->handlePasswordChange($password);
        $this->getChangePassMessage($change_password_message, $sql_query);
        $this->changePassDisplayPage($message, $sql_query);
    }

/**
     * Generate the hashing function
     *
     * @return string
     */
    private function changePassHashingFunction()
    {
        if (Core::isValid(
            $_POST['authentication_plugin'],
            'identical',
            'mysql_old_password'
        )) {
            $hashing_function = 'OLD_PASSWORD';
        } else {
            $hashing_function = 'PASSWORD';
        }
        return $hashing_function;
    }

/**
     * Changes password for a user
     *
     * @param string $username         Username
     * @param string $hostname         Hostname
     * @param string $password         Password
     * @param string $sql_query        SQL query
     * @param string $hashing_function Hashing function
     * @param string $orig_auth_plugin Original Authentication Plugin
     *
     * @return void
     */
    private function changePassUrlParamsAndSubmitQuery(
        $username,
        $hostname,
        $password,
        $sql_query,
        $hashing_function,
        $orig_auth_plugin
    ) {
        $err_url = 'user_password.php' . Url::getCommon();

$serverType = Util::getServerType();
        $serverVersion = $GLOBALS['dbi']->getVersion();

if ($serverType == 'MySQL' && $serverVersion >= 50706) {
            $local_query = 'ALTER USER \'' . $GLOBALS['dbi']->escapeString($username)
                . '\'@\'' . $GLOBALS['dbi']->escapeString($hostname) . '\''
                . ' IDENTIFIED with ' . $orig_auth_plugin . ' BY '
                . (($password == '')
                ? '\'\''
                : '\'' . $GLOBALS['dbi']->escapeString($password) . '\'');
        } elseif ($serverType == 'MariaDB'
            && $serverVersion >= 50200
            && $serverVersion < 100100
            && $orig_auth_plugin !== ''
        ) {
            if ($orig_auth_plugin == 'mysql_native_password') {
                // Set the hashing method used by PASSWORD()
                // to be 'mysql_native_password' type
                $GLOBALS['dbi']->tryQuery('SET old_passwords = 0;');
            } elseif ($orig_auth_plugin == 'sha256_password') {
                // Set the hashing method used by PASSWORD()
                // to be 'sha256_password' type
                $GLOBALS['dbi']->tryQuery('SET `old_passwords` = 2;');
            }

$hashedPassword = $this->serverPrivileges->getHashedPassword($_POST['pma_pw']);

$local_query = "UPDATE `mysql`.`user` SET"
                . " `authentication_string` = '" . $hashedPassword
                . "', `Password` = '', "
                . " `plugin` = '" . $orig_auth_plugin . "'"
                . " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username)
                . "' AND Host = '" . $GLOBALS['dbi']->escapeString($hostname) . "';";
        } else {
            $local_query = 'SET password = ' . (($password == '')
                ? '\'\''
                : $hashing_function . '(\''
                    . $GLOBALS['dbi']->escapeString($password) . '\')');
        }
        if (! @$GLOBALS['dbi']->tryQuery($local_query)) {
            Util::mysqlDie(
                $GLOBALS['dbi']->getError(),
                $sql_query,
                false,
                $err_url
            );
        }

// Flush privileges after successful password change
        $GLOBALS['dbi']->tryQuery("FLUSH PRIVILEGES;");
    }

/**
     * Display the page
     *
     * @param string $message   Message
     * @param string $sql_query SQL query
     *
     * @return void
     */
    private function changePassDisplayPage($message, $sql_query)
    {
        echo '<h1>' , __('Change password') , '</h1>' , "\n\n";
        echo Util::getMessage(
            $message,
            $sql_query,
            'success'
        );
        echo '<a href="index.php' , Url::getCommon()
            , ' target="_parent">' , "\n"
            , '<strong>' , __('Back') , '</strong></a>';
        exit;
    }
}

${this.title}

Code Editor : UserPassword.php