diff --git a/libraries/display_change_password.lib.php b/libraries/display_change_password.lib.php index 0b65e3d6b803..042b52c5abba 100644 --- a/libraries/display_change_password.lib.php +++ b/libraries/display_change_password.lib.php @@ -77,73 +77,33 @@ function PMA_getHtmlForChangePassword($username, $hostname) . $chg_evt_handler . '="nopass[1].checked = true" />' . '' . ''; + + $active_auth_plugins = PMA_getActiveAuthPlugins(); + $default_auth_plugin = PMA_getCurrentAuthenticationPlugin( 'change', $username, $hostname ); - // See http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-5.html - if (PMA_Util::getServerType() == 'MySQL' - && PMA_MYSQL_INT_VERSION >= 50705 - ) { - $html .= '' - . '' . __('Password Hashing:') . '' - . '' - . '' - . __('MySQL native password') - . '' - . '' - . '' - . '' - . ' ' - . '' - . '' . __('Password Hashing:') . ''; + + $iter = 0; + foreach ($active_auth_plugins as $plugin) { + if ($iter != 0) { + $html .= ' '; } - $html .= ' />' - . '' - . '' - . ''; - } elseif (PMA_Util::getServerType() == 'MySQL' - && PMA_MYSQL_INT_VERSION >= 50606 - ) { - $html .= '' - . '' . __('Password Hashing:') . '' - . '' - . '' - . '' - . '' - . ''; - } else { - $html .= '' - . '' . __('Password Hashing:') . '' - . '' - . '' - . '' - . '' - . '' - . '' - . ' ' - . '' - . '' - . '' - . '' - . ''; + $html .= '' + . '' + . ''; + $iter++; } + $html .= ''; + $html .= '' + . ' '; $html .= ''; $html .= '
query($get_plugins_query); + + $result = array(); + + while ($row = $GLOBALS['dbi']->fetchAssoc($resultset)) { + $result[] = $row; + } + + return $result; +} + /** * Displays the fields used by the "new user" form as well as the * "change login information / copy user" form. @@ -1631,10 +1652,6 @@ function PMA_getHtmlForLoginInformationFields( ) . '
' . "\n"; - $orig_auth_plugin = PMA_getCurrentAuthenticationPlugin( - $mode, $username, $hostname - ); - $html_output .= '
' . "\n" . ' ' . "\n" . '' @@ -3422,15 +3439,20 @@ function PMA_getHtmlTableBodyForUserRights($db_rights) $html_output .= ''; $password_column = 'Password'; + $serverType = PMA_Util::getServerType(); - if (PMA_Util::getServerType() == 'MySQL' + $check_plugin_query = "SELECT * FROM `mysql`.`user` WHERE " + . "`User` = '" . $host['User'] . "' AND `Host` = '" + . $host['Host'] . "'"; + $res = $GLOBALS['dbi']->fetchSingleRow($check_plugin_query); + + // For MySQL 5.6.6+ to 5.7.6, mysql.user table has both + // `password` and `authentication_string` columns, + // We should use authentication_string for sha256_password + if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50606 && PMA_MYSQL_INT_VERSION < 50706 ) { - $check_plugin_query = "SELECT * FROM `mysql`.`user` WHERE " - . "`User` = '" . $host['User'] . "' AND `Host` = '" - . $host['Host'] . "'"; - $res = $GLOBALS['dbi']->fetchSingleRow($check_plugin_query); if (isset($res['plugin']) && $res['plugin'] == 'sha256_password' && isset($res['authentication_string']) @@ -3444,6 +3466,20 @@ function PMA_getHtmlTableBodyForUserRights($db_rights) } } + // For MariaDB, even mysql_native_password auth plugin can have + // its password hash stored in `authentication_string` column + if ($serverType == 'MariaDB' + && PMA_MYSQL_INT_VERSION >= 50200 + && isset($res['plugin']) + && isset($res['authentication_string']) + && (! empty($res['authentication_string']) + || ! empty($res['Password'])) + ) { + $host[$password_column] = 'Y'; + } else { + $host[$password_column] = 'N'; + } + switch ($host[$password_column]) { case 'Y': $html_output .= __('Yes'); 
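Review bot: The lookup in `$check_plugin_query` concatenates `$host['User']` and `$host['Host']` between single quotes without escaping, and moving it above the version check means it now runs for every listed account on every server type. An account or host name containing a quote would break the statement or change its meaning, so both values should be escaped first, for example `PMA_Util::sqlAddSlashes($host['User'])` and `PMA_Util::sqlAddSlashes($host['Host'])`. Where `$host` is populated is outside this hunk, so it should be confirmed there whether the values are already escaped.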
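Review bot: The `else` branch of the new MariaDB check sets `$host[$password_column] = 'N'` whenever the condition is false, which includes every server that is not MariaDB. On MySQL this appears to overwrite whatever the column held, including anything set by the sha256_password block just above, before the `switch` prints Yes or No. Dropping the `else` and deciding Y/N only inside the MariaDB condition leaves other servers untouched. The sha256_password block and the enclosing function both extend outside this hunk, so the value the column had on entry should be checked there.

```php
// … unchanged: sha256_password handling for MySQL 5.6.6 to 5.7.6 …
if ($serverType == 'MariaDB'
    && PMA_MYSQL_INT_VERSION >= 50200
    && isset($res['plugin'])
    && isset($res['authentication_string'])
) {
    // Only MariaDB rows are re-evaluated; other servers keep the value set above.
    $hasHash = ! empty($res['authentication_string'])
        || ! empty($res['Password']);
    $host[$password_column] = $hasHash ? 'Y' : 'N';
}
// … unchanged: switch ($host[$password_column]) …
```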
@@ -4890,6 +4926,25 @@ function PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, return array($sql_query, $message); } +/** + * Get the hashed string for password + * + * @param string $password password + * + * @return string $hashedPassword + */ +function PMA_getHashedPassword($password) +{ + $result = $GLOBALS['dbi']->fetchSingleRow( + "SELECT PASSWORD('" . $password . "') AS `password`;" + ); + + $hashedPassword = $result['password']; + + return $hashedPassword; +} + + /** * Get SQL queries for Display and Add user * @@ -4920,8 +4975,19 @@ function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password) $create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin']; } - if (PMA_MYSQL_INT_VERSION >= 50707 - && $serverType == 'MySQL' + + if ($serverType == 'MariaDB' + && PMA_MYSQL_INT_VERSION >= 50200 + && isset($_REQUEST['authentication_plugin']) + ) { + $create_user_stmt .= ' IDENTIFIED VIA ' + . $_REQUEST['authentication_plugin']; + } + + if (((PMA_MYSQL_INT_VERSION >= 50707 + && $serverType == 'MySQL') + || (PMA_MYSQL_INT_VERSION >= 50200 + && $serverType == 'MariaDB')) && strpos($create_user_stmt, '%') !== false ) { $create_user_stmt = str_replace( @@ -4947,8 +5013,10 @@ function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password) ); $real_sql_query = $sql_query = $sql_query_stmt; - if (PMA_MYSQL_INT_VERSION < 50707 - || $serverType != 'MySQL' + if ((PMA_MYSQL_INT_VERSION < 50707 + && $serverType == 'MySQL') + || (PMA_MYSQL_INT_VERSION < 50200 + && $serverType == 'MariaDB') ) { if ($_POST['pred_password'] == 'keep') { $password_set_real = sprintf( 
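Review bot: `PMA_getHashedPassword()` places `$password` between single quotes in the `SELECT PASSWORD(...)` statement without escaping, and the later hunks of this file call it with `$_POST['pma_pw']`. A password containing a quote therefore breaks the query or alters it; escape the value before concatenation, for example `PMA_Util::sqlAddSlashes($password)` in place of the bare `$password`. The function also reads `$result['password']` without checking that `fetchSingleRow()` returned a row, so a failed query yields an empty hash instead of an error. A docblock line noting that the cleartext password is sent to the server in this statement would help whoever later reviews query logging.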
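Review bot: `$_REQUEST['authentication_plugin']` is appended to `$create_user_stmt` after `IDENTIFIED VIA` exactly as received, with no quoting and no check that it names an installed plugin; the `IDENTIFIED WITH` context line directly above does the same. Since this commit already calls `PMA_getActiveAuthPlugins()`, the request value could be compared against that list and rejected when it is not present, before it reaches the statement. The shape of the rows that function returns is not visible here, so the comparison key needs confirming. The condition guarding the `IDENTIFIED WITH` branch lies outside the hunk; if it can also be true on MariaDB, the statement would carry both clauses.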
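Review bot: The rewritten condition in the hunk at -4947 sends only MySQL below 5.7.7 and MariaDB below 5.2.0 down the legacy branch, whereas the removed `|| $serverType != 'MySQL'` caught every non-MySQL server. Any other value returned by `PMA_Util::getServerType()` would now fall into the `else` path that builds the `BY '%s'` / `USING '%s'` clause. If other server types are possible, keep them on the legacy branch, for example by adding `|| ($serverType != 'MySQL' && $serverType != 'MariaDB')`. The same MySQL/MariaDB pairing appears in the hunks at -4920 and -5033 and should be kept consistent with whatever is decided here; the `if` body continues past the end of this hunk.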
@@ -4974,13 +5042,21 @@ function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password) } } else { $password_set_real = null; - $create_user_stmt .= ' BY \'%s\''; + + // MariaDB has slightly different syntax for create-user + if ($serverType == 'MariaDB') { + $create_user_stmt .= ' USING \'%s\''; + } else { + $create_user_stmt .= ' BY \'%s\''; + } + $create_user_real = $create_user_show = $create_user_stmt; if ($_POST['pred_password'] == 'keep') { + $hashedPassword = PMA_getHashedPassword($password); $create_user_real = sprintf( $create_user_stmt, - $password + $hashedPassword ); $create_user_show = sprintf( $create_user_stmt, @@ -4996,9 +5072,10 @@ function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password) '***' ); } else { + $hashedPassword = PMA_getHashedPassword($_POST['pma_pw']); $create_user_real = sprintf( $create_user_stmt, - $_POST['pma_pw'] + $hashedPassword ); $create_user_show = sprintf( $create_user_stmt, @@ -5033,8 +5110,10 @@ function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password) $sql_query = ''; } - if ($serverType == 'MySQL' - && PMA_MYSQL_INT_VERSION >= 50700 + if (($serverType == 'MySQL' + && PMA_MYSQL_INT_VERSION >= 50700) + || ($serverType == 'MariaDB' + && PMA_MYSQL_INT_VERSION >= 50200) ) { $password_set_real = null; $password_set_show = null;
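Review bot: On the non-MariaDB path the statement still ends in `BY '%s'`, but the value substituted is now `$hashedPassword` from `PMA_getHashedPassword()`. In MySQL's `CREATE USER` syntax `BY` takes the cleartext password, so the account's password would become the hash string itself; either keep the cleartext for the `BY` branch or switch that branch to the clause form that accepts a hash. The hash also comes from `PASSWORD()` regardless of the plugin named in `$_REQUEST['authentication_plugin']`, which presumably only matches the native-password plugin. The same substitution is made in the hunk at -4996 for `$_POST['pma_pw']`, and the enclosing function extends outside both hunks.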