PMA\libraries\plugins\auth\AuthenticationCookie::auth PHP 메소드

    public function auth()
    {
        global $conn_error;
        $response = Response::getInstance();
        if ($response->isAjax()) {
            $response->setRequestStatus(false);
            // redirect_flag redirects to the login page
            $response->addJSON('redirect_flag', '1');
            if (defined('TESTSUITE')) {
                return true;
            } else {
                exit;
            }
        }
        // No recall if blowfish secret is not configured as it would produce
        // garbage
        if ($GLOBALS['cfg']['LoginCookieRecall'] && !empty($GLOBALS['cfg']['blowfish_secret'])) {
            $default_user = $GLOBALS['PHP_AUTH_USER'];
            $default_server = $GLOBALS['pma_auth_server'];
            $autocomplete = '';
        } else {
            $default_user = '';
            $default_server = '';
            // skip the IE autocomplete feature.
            $autocomplete = ' autocomplete="off"';
        }
        $response->getFooter()->setMinimal();
        $header = $response->getHeader();
        $header->setBodyId('loginform');
        $header->setTitle('phpMyAdmin');
        $header->disableMenuAndConsole();
        $header->disableWarnings();
        if (@file_exists(CUSTOM_HEADER_FILE)) {
            include CUSTOM_HEADER_FILE;
        }
        echo '
    <div class="container">
    <a href="';
        echo PMA_linkURL('https://www.phpmyadmin.net/');
        echo '" target="_blank" rel="noopener noreferrer" class="logo">';
        $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png';
        if (@file_exists($logo_image)) {
            echo '<img src="', $logo_image, '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />';
        } else {
            echo '<img name="imLogo" id="imLogo" src="', $GLOBALS['pmaThemeImage'], 'pma_logo.png', '" ', 'border="0" width="88" height="31" alt="phpMyAdmin" />';
        }
        echo '</a>
       <h1>';
        echo sprintf(__('Welcome to %s'), '<bdo dir="ltr" lang="en">phpMyAdmin</bdo>');
        echo "</h1>";
        // Show error message
        if (!empty($conn_error)) {
            Message::rawError($conn_error)->display();
        } elseif (isset($_GET['session_expired']) && intval($_GET['session_expired']) == 1) {
            Message::rawError(__('Your session has expired. Please log in again.'))->display();
        }
        echo "<noscript>\n";
        Message::error(__("Javascript must be enabled past this point!"))->display();
        echo "</noscript>\n";
        echo "<div class='hide js-show'>";
        // Displays the languages form
        if (empty($GLOBALS['cfg']['Lang'])) {
            // use fieldset, don't show doc link
            echo LanguageManager::getInstance()->getSelectorDisplay(true, false);
        }
        echo '</div>
    <br />
    <!-- Login form -->
    <form method="post" action="index.php" name="login_form"', $autocomplete, ' class="disableAjax login hide js-show">
        <fieldset>
        <legend>';
        echo __('Log in');
        echo Util::showDocu('index');
        echo '</legend>';
        if ($GLOBALS['cfg']['AllowArbitraryServer']) {
            echo '
            <div class="item">
                <label for="input_servername" title="';
            echo __('You can enter hostname/IP address and port separated by space.');
            echo '">';
            echo __('Server:');
            echo '</label>
                <input type="text" name="pma_servername" id="input_servername"';
            echo ' value="';
            echo htmlspecialchars($default_server);
            echo '" size="24" class="textfield" title="';
            echo __('You can enter hostname/IP address and port separated by space.');
            echo '" />
            </div>';
        }
        echo '<div class="item">
                <label for="input_username">', __('Username:'), '</label>
                <input type="text" name="pma_username" id="input_username" ', 'value="', htmlspecialchars($default_user), '" size="24"', ' class="textfield"/>
            </div>
            <div class="item">
                <label for="input_password">', __('Password:'), '</label>
                <input type="password" name="pma_password" id="input_password"', ' value="" size="24" class="textfield" />
            </div>';
        if (count($GLOBALS['cfg']['Servers']) > 1) {
            echo '<div class="item">
                <label for="select_server">' . __('Server Choice:') . '</label>
                <select name="server" id="select_server"';
            if ($GLOBALS['cfg']['AllowArbitraryServer']) {
                echo ' onchange="document.forms[\'login_form\'].', 'elements[\'pma_servername\'].value = \'\'" ';
            }
            echo '>';
            include_once './libraries/select_server.lib.php';
            echo PMA_selectServer(false, false);
            echo '</select></div>';
        } else {
            echo '    <input type="hidden" name="server" value="', $GLOBALS['server'], '" />';
        }
        // end if (server choice)
        // Add captcha input field if reCaptcha is enabled
        if (!empty($GLOBALS['cfg']['CaptchaLoginPrivateKey']) && !empty($GLOBALS['cfg']['CaptchaLoginPublicKey'])) {
            // If enabled show captcha to the user on the login screen.
            echo '<script src="https://www.google.com/recaptcha/api.js?hl=', $GLOBALS['lang'], '" async defer></script>';
            echo '<div class="g-recaptcha" data-sitekey="', htmlspecialchars($GLOBALS['cfg']['CaptchaLoginPublicKey']), '"></div>';
        }
        echo '</fieldset>
        <fieldset class="tblFooters">
            <input value="', __('Go'), '" type="submit" id="input_go" />';
        $_form_params = array();
        if (!empty($GLOBALS['target'])) {
            $_form_params['target'] = $GLOBALS['target'];
        }
        if (!empty($GLOBALS['db'])) {
            $_form_params['db'] = $GLOBALS['db'];
        }
        if (!empty($GLOBALS['table'])) {
            $_form_params['table'] = $GLOBALS['table'];
        }
        // do not generate a "server" hidden field as we want the "server"
        // drop-down to have priority
        echo URL::getHiddenInputs($_form_params, '', 0, 'server');
        echo '</fieldset>
    </form>';
        if ($GLOBALS['error_handler']->hasDisplayErrors()) {
            echo '<div id="pma_errors">';
            $GLOBALS['error_handler']->dispErrors();
            echo '</div>';
        }
        echo '</div>';
        if (@file_exists(CUSTOM_FOOTER_FILE)) {
            include CUSTOM_FOOTER_FILE;
        }
        if (!defined('TESTSUITE')) {
            exit;
        } else {
            return true;
        }
    }

 /**
  * Test for PMA\libraries\plugins\auth\AuthenticationConfig::auth
  *
  * @return void
  * @group medium
  */
 public function testAuthCaptcha()
 {
     $restoreInstance = PMA\libraries\Response::getInstance();
     $mockResponse = $this->getMockBuilder('PMA\\libraries\\Response')->disableOriginalConstructor()->setMethods(array('isAjax', 'getFooter', 'getHeader'))->getMock();
     $mockResponse->expects($this->once())->method('isAjax')->with()->will($this->returnValue(false));
     $mockResponse->expects($this->once())->method('getFooter')->with()->will($this->returnValue(new PMA\libraries\Footer()));
     $mockResponse->expects($this->once())->method('getHeader')->with()->will($this->returnValue(new PMA\libraries\Header()));
     $_REQUEST['old_usr'] = '';
     $GLOBALS['cfg']['LoginCookieRecall'] = false;
     $attrInstance = new ReflectionProperty('PMA\\libraries\\Response', '_instance');
     $attrInstance->setAccessible(true);
     $attrInstance->setValue($mockResponse);
     $GLOBALS['pmaThemeImage'] = 'test';
     $GLOBALS['cfg']['Lang'] = '';
     $GLOBALS['cfg']['AllowArbitraryServer'] = false;
     $GLOBALS['cfg']['Servers'] = array(1);
     $GLOBALS['cfg']['CaptchaLoginPrivateKey'] = 'testprivkey';
     $GLOBALS['cfg']['CaptchaLoginPublicKey'] = 'testpubkey';
     $GLOBALS['server'] = 0;
     $GLOBALS['error_handler'] = new PMA\libraries\ErrorHandler();
     ob_start();
     $this->object->auth();
     $result = ob_get_clean();
     // assertions
     $this->assertContains('<img name="imLogo" id="imLogo" src="testpma_logo.png"', $result);
     $this->assertContains('<select name="lang" class="autosubmit" lang="en" dir="ltr" ' . 'id="sel-lang">', $result);
     $this->assertContains('<form method="post" action="index.php" name="login_form" ' . 'autocomplete="off" class="disableAjax login hide js-show">', $result);
     $this->assertContains('<input type="hidden" name="server" value="0" />', $result);
     $this->assertContains('<script src="https://www.google.com/recaptcha/api.js?hl=en"' . ' async defer></script>', $result);
     $this->assertContains('<div class="g-recaptcha" data-sitekey="testpubkey">', $result);
     $attrInstance->setValue($restoreInstance);
 }