使用过phpmyadmin的人知道,在phpmyadmin中,使用文件config.inc.php保存用户名和密码,当需要更换用户或用户口令更改时,必须修改config.inc.php文件,然后再上传,特别的不方便。更有时,为了修改mysql库或表而使用root账号,如果这时其它网站的自动搜擎系统搜索到index.php并继续执行其中的每一步的话,是相当危险的。为此需要用户登陆机制,在每次使用时,输入用户名和口令,这样会安全得多。 index0.php文件: <html><head><title>mysql 维护</title></head><body> <?php //反编码,防止在地址栏上显示 if (1==0) { <?php <p>欢迎使用</p>本工具用于维护mysql数据库</p> <?php $userfiletmp="/tmp/~userfile/~tmp.inc"; $dbservertype=($dbservertype==""?"mysql":$dbservertype); ?> <p>填入连接信息</p></p> <form method="post" action="<? echo basename($php_self); ?>?step=3"> <div align="center"> <?php echo "<p>确认是否正确:</p>n"; $dbservertype=b2h($dbservertype); $userfiletmp="/tmp/~userfile/~tmp.inc"; if ($step==4) { if ($step==44) { <?php <?php --> config.inc.php 文件 <?php //编码,防止在地址栏上显示 //反编码,防止在地址栏上显示 /* // the $cfgservers array starts with $cfgservers[1]. do not use $cfgservers[0]. $userfiletmp="/tmp/~userfile/~tmp.inc"; //重新保存文件,以便更新时间 $handertmp=fopen($userfiletmp,"w"); }else{ $cfgservers[2]['host'] = ''; $cfgservers[3]['host'] = ''; // if you have more than one server configured, you can set $cfgserverdefault $cfgmanualbase = "http://www.mysql.com/documentation/mysql/bychapter/"; $cfgconfirm = true; $cfgborder = "0"; require("chinese_gb.inc.php"); $strwelcome="<a href="index0.php?step=44" target="_top">注销账户</a> <a href="index0.php" target="_top">重新登陆</a></p>$strwelcome"; $cfgcolumntypes = array( $cfgfunctions = array( $cfgattributetypes = array( // setting magic_quotes_runtime - do not change! 如有引用,请注明高山雪和alpsnow@china.com
以下是我在管理过程中,根据实际需要,对phpmyadmin做的一些更改,为了尽量不影响原来phpmyadmin的结构,我在phpmyadmin的基础上增加了一个文件index0.php,仅仅修改了一个文件config.inc.php,对phpmyadmin没有一点影响,既可以使用原来的phpmyadmin,也可以使用新的用户口令登陆机制。
以下为两个文件列表,将这两个文件拷贝到phpmyadmin目录,执行index0.php即可,该程序在apache + php + mysql 和 iis5 + php + mysql 和 pws + php + mysql下正常执行。
phpmyadmin 下载:
a set of php3-scripts to adminstrate mysql over the www.
version 2.1.0 - 08/06/2000
http://www.phpwizard.net/projects/phpmyadmin/
<!--
//编码,防止在地址栏上显示
function b2h($string) {
return(bin2hex(strrev($string)));
}
function h2b($string) {
$stringtmp="";
for($i=0;$i<strlen($string);$i+=2) {
$stringtmp .= pack("c",hexdec(substr($string,$i,2)));
}
return(strrev($stringtmp));
}
global $php_self;
echo "-->php运行不正常,请检查<!--";
} else {
echo "--".">";
}
?>
if ($step=="") {
?>
<p><a href="<? echo basename($php_self); ?>?step=2">下一步 -></a></p>
}
if ($step==2) {
if (file_exists($userfiletmp)) {
include $userfiletmp;
//$dbservertype,$servername,$dbusername,$dbpassword,$dbname;
$dbservertype=h2b($dbservertype);
$servername=h2b($servername);
$dbusername=h2b($dbusername);
$dbname=h2b($dbname);
$curtime=h2b($curtime);
if (time()-$curtime<120){
$dbpassword=h2b($dbpassword);
}else{
$dbpassword="";
}
}else{
$dbservertype="mysql";
$servername="localhost";
$dbusername="";
$dbpassword="";
$dbname="";
}
$servername=($servername==""?"localhost":$servername);
<div align="center">
<center>
<table border="1" width="53%" height="111">
<tr>
<td width="100%" height="105">
<center>
<table border="1" width="83%" height="60">
<tr>
<td width="34%" height="10">主机类型:</td>
<td width="66%" height="10"><input type="text" name="dbservertype" size="20" value="<? echo $dbservertype; ?>"></td>
</tr>
<tr>
<td width="34%" height="10">主机地址:</td>
<td width="66%" height="10"><input type="text" name="servername" size="20" value="<? echo $servername; ?>"></td>
</tr>
<tr>
<td width="34%" height="10">用户名称:</td>
<td width="66%" height="10"><input type="text" name="dbusername" size="20" value="<? echo $dbusername; ?>"></td>
</tr>
<tr>
<td width="34%" height="16">密码:</td>
<td width="66%" height="16"><input type="password" name="dbpassword" size="20" value="<? echo $dbpassword; ?>"></td>
</tr>
<tr>
<td width="34%" height="16">数据库名:</td>
<td width="66%" height="16"><input type="text" name="dbname" size="20" value="<? echo $dbname; ?>"></td>
</tr>
</table>
</center>
</div>
<p align="center"><input type="submit" value="下一步" name="next"><input type="reset" value="清 除" name="reset"></p>
</form>
</td>
</tr>
</table>
</center>
</div>
}
if ($step==3) {
$dbservertype=trim($dbservertype);
$servername=trim($servername);
$dbusername=trim($dbusername);
$dbpassword=trim($dbpassword);
$dbname=trim($dbname);
echo "<p><b>database server type:</b> $dbservertype</p>n";
echo "<p><b>database server hostname / ip address:</b> $servername</p>n";
echo "<p><b>database username:</b> $dbusername</p>n";
echo "<p><b>database password:</b> ******</p>n";
echo "<p><b>database name:</b> $dbname</p>n";
echo "<p>以上参数正确才能继续</p>";
$servername=b2h($servername);
$dbusername=b2h($dbusername);
$dbpassword=b2h($dbpassword);
$dbname=b2h($dbname);
if (!file_exists(dirname($userfiletmp))) {
mkdir(dirname($userfiletmp), 0700);
}
$handertmp=fopen($userfiletmp,"w");
fputs($handertmp,"<?phpn");
fputs($handertmp,"$"."dbservertype="$dbservertype";n");
fputs($handertmp,"$"."servername="$servername";n");
fputs($handertmp,"$"."dbusername="$dbusername";n");
fputs($handertmp,"$"."dbpassword="$dbpassword";n");
fputs($handertmp,"$"."dbname="$dbname";n");
$curtime=time();
$curtime=b2h($curtime);
fputs($handertmp,"$"."curtime="$curtime";n");
fputs($handertmp,"?>n");
fclose($handertmp);
//echo "<p><a href="".basename($php_self)."?step=4&servername=$servername&dbusername=$dbusername&dbpassword=$dbpassword&dbname=$dbname">下一步 -></a></p>";
echo "<p><a href="index.php">下一步 -></a></p>";
}
}
$step=0;
$userfiletmp="/tmp/~userfile/~tmp.inc";
if (file_exists($userfiletmp)) {
include $userfiletmp;
//重新保存文件,去掉密码
$dbpassword="";
$handertmp=fopen($userfiletmp,"w");
fputs($handertmp,"<?phpn");
fputs($handertmp,"$"."dbservertype="$dbservertype";n");
fputs($handertmp,"$"."servername="$servername";n");
fputs($handertmp,"$"."dbusername="$dbusername";n");
fputs($handertmp,"$"."dbpassword="$dbpassword";n");
fputs($handertmp,"$"."dbname="$dbname";n");
$curtime=time();
$curtime=b2h($curtime);
fputs($handertmp,"$"."curtime="$curtime";n");
fputs($handertmp,"?>n");
fclose($handertmp);
echo "</p></p><center><a href="".basename($php_self)."">成功注销,请重新登陆</a></center>";
}
}
?>
if ($step>1) {
echo "</p><a href=javascript:location.reload()>刷新</a>";
echo " <a href=javascript:history.back()>上一步</a>";
}
?>
echo "</"."body>";
echo "<"."!--";
?>
</html>
/* $id: config.inc.php,v 1.28 2000/07/13 13:52:48 tobias exp $ */
function b2h($string) {
return(bin2hex(strrev($string)));
}
function h2b($string) {
$stringtmp="";
for($i=0;$i<strlen($string);$i+=2) {
$stringtmp .= pack("c",hexdec(substr($string,$i,2)));
}
return(strrev($stringtmp));
}
* phpmyadmin configuration file
* all directives are explained in documentation.html
*/
// you can disable a server config entry by setting host to ''.
$cfgservers[1]['host'] = 'localhost'; // mysql hostname
$cfgservers[1]['port'] = ''; // mysql port - leave blank for default port
$cfgservers[1]['adv_auth'] = false; // use advanced authentication?
$cfgservers[1]['stduser'] = 'root'; // mysql standard user (only needed with advanced auth)
$cfgservers[1]['stdpass'] = ''; // mysql standard password (only needed with advanced auth)
$cfgservers[1]['user'] = 'root'; // mysql user (only needed with basic auth)
$cfgservers[1]['password'] = ''; // mysql password (only needed with basic auth)
$cfgservers[1]['only_db27%] = ''; // if set to a db-name, only this db is accessible
$cfgservers[1]['verbose'] = ''; // verbose name for this host - leave blank to show the hostname
if (file_exists($userfiletmp)) {
include $userfiletmp;
//$servername,$dbusername,$dbpassword,$dbname;
$dbservertype=h2b($dbservertype);
if ($dbservertype=="mysql"){
$servername=h2b($servername);
$dbusername=h2b($dbusername);
$dbpassword=h2b($dbpassword);
$dbname=h2b($dbname);
$curtime=h2b($curtime);
if (time()-$curtime<600){
$cfgservers[1]['host'] = $servername; // mysql hostname
$cfgservers[1]['user'] = $dbusername; // mysql user (only needed with basic auth)
$cfgservers[1]['password'] = $dbpassword; // mysql password (only needed with basic auth)
$cfgservers[1]['only_db27%] = $dbname; // if set to a db-name, only this db is accessible
$dbservertype=b2h($dbservertype);
$servername=b2h($servername);
$dbusername=b2h($dbusername);
$dbpassword=b2h($dbpassword);
$dbname=b2h($dbname);
fputs($handertmp,"<?phpn");
fputs($handertmp,"$"."dbservertype="$dbservertype";n");
fputs($handertmp,"$"."servername="$servername";n");
fputs($handertmp,"$"."dbusername="$dbusername";n");
fputs($handertmp,"$"."dbpassword="$dbpassword";n");
fputs($handertmp,"$"."dbname="$dbname";n");
$curtime=time();
$curtime=b2h($curtime);
fputs($handertmp,"$"."curtime="$curtime";n");
fputs($handertmp,"?>n");
fclose($handertmp);
echo "</p>账号参数已经过期,请重新输入!</p>";
echo "<a href="index0.php" target="_top">登陆</a>";
die("</p><b>程序终止</b>");
}
}
}
$cfgservers[2]['port'] = '';
$cfgservers[2]['adv_auth'] = false;
$cfgservers[2]['stduser'] = '';
$cfgservers[2]['stdpass'] = '';
$cfgservers[2]['user'] = '';
$cfgservers[2]['password'] = '';
$cfgservers[2]['only_db27%] = '';
$cfgservers[2]['verbose'] = '';
$cfgservers[3]['port'] = '';
$cfgservers[3]['adv_auth'] = false;
$cfgservers[3]['stduser'] = '';
$cfgservers[3]['stdpass'] = '';
$cfgservers[3]['user'] = 'root';
$cfgservers[3]['password'] = '';
$cfgservers[3]['only_db27%] = '';
$cfgservers[3]['verbose'] = '';
// to any one of them to autoconnect to that server when phpmyadmin is started,
// or set it to 0 to be given a list of servers without logging in
// if you have only one server configured, $cfgserverdefault *must* be
// set to that server.
$cfgserverdefault = 1; // default server (0 = no default server)
$cfgserver = '';
unset($cfgservers[0]);
$cfgpersistentconnections = false;
$cfgthbgcolor = "#d3dce3";
$cfgbgcolorone = "#cccccc";
$cfgbgcolortwo = "#dddddd";
$cfgmaxrows = 30;
$cfgmaxinputsize = "300px";
$cfgorder = "asc";
$cfgshowblob = true;
$cfgshowsql = true;
"tinyint",
"smallint",
"mediumint",
"int",
"bigint",
"float",
"double",
"decimal",
"date",
"datetime",
"timestamp",
"time",
"year",
"char",
"varchar",
"tinyblob",
"tinytext",
"text",
"blob",
"mediumblob",
"mediumtext",
"longblob",
"longtext",
"enum",
"set");
"ascii",
"char",
"soundex",
"curdate",
"curtime",
"from_days",
"from_unixtime",
"now",
"password",
"period_add",
"period_diff",
"to_days",
"user",
"weekday",
"rand");
"",
"binary",
"unsigned",
"unsigned zerofill");
set_magic_quotes_runtime(0);
?>
Java Asp PHP .Net XML C/C++ CGI VB Jsp J2ee J2se J2me EJB Servlet Tomcat Resin Struts Weblogic Eclipse ANT GUI JMS Web servise IDEA Webphere Hibernate Spring Jboss Applet Swing Socket Javamail Perl Ajax P2P 安全 模式 框架 测试 开源 游戏
Windows XP Windows 2000 Windows 2003 Windows Me Windows 9.x Linux UNIX 注册表 操作系统 服务器 应用服务器
