From 38be018b2148aea77bf617e7085657fe2ca6c15c Mon Sep 17 00:00:00 2001
From: moglia <moglia@ispconfig3>
Date: Sun, 09 Aug 2009 23:34:12 -0400
Subject: [PATCH] Do not apply port if host is http only for https.

---
 interface/web/sites/database_phpmyadmin.php |   42 ++++++++----------------------------------
 1 files changed, 8 insertions(+), 34 deletions(-)

diff --git a/interface/web/sites/database_phpmyadmin.php b/interface/web/sites/database_phpmyadmin.php
index 481a654..84a31c6 100644
--- a/interface/web/sites/database_phpmyadmin.php
+++ b/interface/web/sites/database_phpmyadmin.php
@@ -34,7 +34,9 @@
 //* Check permissions for module
 $app->auth->check_module_permissions('sites');
 
-/* get the id of the database (must be int!) */
+/*
+ *  get the id of the database (must be int!)
+ */
 if (!isset($_GET['id'])){
     die ("No DB selected!");
 }
@@ -43,48 +45,20 @@
 /*
  * Get the data to connect to the database
  */
-$dbData = $app->db->queryOneRecord(
-    "SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, server_id, database_name, database_user, database_password FROM web_database WHERE database_id = " .
-    $databaseId);
-
-/*
- * We also need the data of the server
- */
+$dbData = $app->db->queryOneRecord("SELECT server_id FROM web_database WHERE database_id = " . $databaseId);
 $serverId = intval($dbData['server_id']);
 if ($serverId == 0){
     die ("No DB-Server found!");
 }
-
 $serverData = $app->db->queryOneRecord(
     "SELECT server_name FROM server WHERE server_id = " .
     $serverId);
 
 /*
- * Check if the user has the right to open phpmyadmin with this database
- * (we will check only users, not admins)
- */
-if($_SESSION["s"]["user"]["typ"] == 'user') {
-	/* Get the group of the client */
-	$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
-	/* compare both */
-	if ($dbData['sys_groupid'] != $client_group_id){
-	    die ("You don't have the right to access this db!");
-	}
-}
-
-/*
- * Now generate the login-Form
+ * We only redirect to the login-form, so there is no need, to check any rights
  */
 isset($_SERVER['HTTPS'])? $http = 'https' : $http = 'http';
-echo '
-starting phpMyAdmin...<br>
-<form method="post" action="' . $http . '://' . $serverData['server_name'] . '/phpmyadmin/index.php" name="login_form" target="_top" style="visibility:hidden">
-    <input type="text" name="pma_username" id="input_username" value="' .  $dbData['database_user'] . '" />
-    <input type="password" name="pma_password" id="input_password" value="' . $dbData['database_password'] . '" size="24" class="textfield" />
-</form>
-<script type="text/javascript" language="javascript">
-<!--
-document.forms["login_form"].submit();
-//-->
-</script>';
+($_SERVER["SERVER_PORT"] != '80' and $http == 'https')? $serverPort = ':'.$_SERVER["SERVER_PORT"] : $serverPort = '';
+header('location:'.$http.'://'.$serverData['server_name'].$serverPort.'/phpmyadmin');
+exit;
 ?>
\ No newline at end of file

--
Gitblit v1.9.1