Few fixes related pma sso (#3315)

Istiak Ferdous · web-flow · commit 533c0db66683 · 2023-03-01T10:29:44.000Z
* few fixes related pma sso

* Update 1.7.0.sh
diff --git a/docs/docs/server-administration/databases.md b/docs/docs/server-administration/databases.md
@@ -83,7 +83,7 @@ Automated can sometimes cause issues. Login via SSH and open `/var/log/{webserve
   1. Check if the api has been enabled.
   2. Add the public IP of your server to the allowed IPs in the **Server settings**.
 - `Access denied: There is a security token mismatch`
-  1. Enable and then disable the API. This will refresh both keys.
+  1. Disable and then enable the phpMyAdmin SSO. This will refresh both keys.
   2. If you are behind a firewall or proxy, you may want to disable it and try again.
 - `Link has expired`
   1. Refresh the database page and try again.
diff --git a/install/deb/phpmyadmin/hestia-sso.php b/install/deb/phpmyadmin/hestia-sso.php
@@ -132,6 +132,7 @@ function session_invalid() {
 	header("Location: " . dirname($_SERVER["PHP_SELF"]) . "/index.php");
 	die();
 }
+
 $api = new Hestia_API();
 if (!empty($_GET)) {
 	if (isset($_GET["logout"])) {
@@ -141,10 +142,8 @@ function session_invalid() {
 			$_SESSION["PMA_single_signon_user"],
 			$_SESSION["HESTIA_sso_host"],
 		);
-		//remove sessin
+		//remove session
 		session_invalid();
-		header("Location: " . dirname($_SERVER["PHP_SELF"]) . "/index.php");
-		die();
 	} else {
 		if (isset($_GET["user"]) && isset($_GET["hestia_token"])) {
 			$database = $_GET["database"];
@@ -166,8 +165,6 @@ function session_invalid() {
 						E_USER_WARNING,
 					);
 					session_invalid();
-					die();
-					session_invalid();
 				} else {
 					$id = session_id();
 					//create a new temp user
@@ -184,10 +181,10 @@ function session_invalid() {
 						@session_write_close();
 						setcookie($session_name, $id, 0, "/");
 						header("Location: " . dirname($_SERVER["PHP_SELF"]) . "/index.php");
+						die();
 					} else {
 						session_invalid();
 					}
-					die();
 				}
 			} else {
 				trigger_error(
@@ -198,11 +195,9 @@ function session_invalid() {
 					E_USER_WARNING,
 				);
 				session_invalid();
-				die();
 			}
 		}
 	}
 } else {
 	session_invalid();
-	die();
 }
diff --git a/install/upgrade/versions/1.7.0.sh b/install/upgrade/versions/1.7.0.sh
@@ -99,3 +99,9 @@ if echo "$BACKUP_SYSTEM" | grep "google" > /dev/null; then
 	echo "[ ! ] Deprecation notice: Backup via Google Cloud has been removed setup backup again via Rclone to reinstate the backup and restore capebilities!"
 	add_upgrade_message "Deprecation notice: Backup via Google Cloud has been removed setup backup again via Rclone to reinstate the backup and restore capebilities!"
 fi
+
+if [ "$PHPMYADMIN_KEY" != "" ]; then
+	echo "[ * ] Refresh hestia-sso for PMA..."
+	$BIN/v-delete-sys-pma-sso quiet
+	$BIN/v-add-sys-pma-sso quiet
+fi
