使用过phpMyAdmin的人知道,在phpMyAdmin中,使用文件config.inc.php保存用户名和密码,当需要更换用户或用户口令更改时,必须修改config.inc.php文件,然后再上传,特别的不方便。更有时,为了修改MYSQL库或表而使用root账号,如果这时其它网站的自动搜擎系统搜索到index.php并继续执行其中的每一步的话,是相当危险的。为此需要用户登陆机制,在每次使用时,输入用户名和口令,这样会安全得多。 以下是我在管理过程中,根据实际需要,对phpMyAdmin做的一些更改,为了尽量不影响原来phpMyAdmin的结构,我在phpMyAdmin的基础上增加了一个文件index0.php,仅仅修改了一个文件config.inc.php,对phpMyAdmin没有一点影响,既可以使用原来的phpMyAdmin,也可以使用新的用户口令登陆机制。 以下为两个文件列表,将这两个文件拷贝到phpMyAdmin目录,执行index0.php即可,该程序在Apache + PHP + MYSQL 和 IIS5 + PHP + MYSQl 和 PWS + PHP + MYSQL下正常执行。 phpMyAdmin 下载: A set of PHP3-scripts to adminstrate MySQL over the WWW. Version 2.1.0 - 08/06/2000 http://www.phpwizard.net/projects/phpMyAdmin/
php程序员之家
index0.php文件: www.phperz.com
<html><head><title>MySQL 维护</title></head><body> <!-- www~phperz~com
<?php //编码,防止在地址栏上显示 function b2h($string) { return(bin2hex(strrev($string))); } phperz~com
//反编码,防止在地址栏上显示 function h2b($string) { $stringtmp=""; for($i=0;$i<strlen($string);$i+=2) { $stringtmp .= pack("C",hexdec(substr($string,$i,2))); } return(strrev($stringtmp)); } global $PHP_SELF; phperz~com
if (1==0) { echo "-->PHP运行不正常,请检查<!--"; } else { echo "--".">"; } ?> phperz.com
<?php if ($step=="") { ?> www.phperz.com
<p>欢迎使用</p>本工具用于维护MySQL数据库</p> <p><a href="<? echo basename($PHP_SELF); ?>?step=2">下一步 -></a></p> php程序员站
<?php } if ($step==2) { www.phperz.com
$userfiletmp="/tmp/~userfile/~tmp.inc"; if (file_exists($userfiletmp)) { include $userfiletmp; //$dbservertype,$servername,$dbusername,$dbpassword,$dbname; $dbservertype=h2b($dbservertype); $servername=h2b($servername); $dbusername=h2b($dbusername); $dbname=h2b($dbname); $curtime=h2b($curtime); if (time()-$curtime<120){ $dbpassword=h2b($dbpassword); }else{ $dbpassword=""; } }else{ $dbservertype="mysql"; $servername="localhost"; $dbusername=""; $dbpassword=""; $dbname=""; } php程序员之家
$dbservertype=($dbservertype==""?"mysql":$dbservertype); $servername=($servername==""?"localhost":$servername); www~phperz~com
?> phperz.com
<p>填入连接信息</p></p> <div align="center"> <center> <table border="1" width="53%" height="111"> <tr> <td width="100%" height="105"> www~phperz~com
<form method="POST" action="<? echo basename($PHP_SELF); ?>?step=3"> php程序员站
<div align="center"> <center> <table border="1" width="83%" height="60"> <tr> <td width="34%" height="10">主机类型:</td> <td width="66%" height="10"><input type="text" name="dbservertype" size="20" value="<? echo $dbservertype; ?>"></td> </tr> <tr> <td width="34%" height="10">主机地址:</td> <td width="66%" height="10"><input type="text" name="servername" size="20" value="<? echo $servername; ?>"></td> </tr> <tr> <td width="34%" height="10">用户名称:</td> <td width="66%" height="10"><input type="text" name="dbusername" size="20" value="<? echo $dbusername; ?>"></td> www.phperz.com </tr> <tr> <td width="34%" height="16">密码:</td> <td width="66%" height="16"><input type="password" name="dbpassword" size="20" value="<? echo $dbpassword; ?>"></td> </tr> <tr> <td width="34%" height="16">数据库名:</td> <td width="66%" height="16"><input type="text" name="dbname" size="20" value="<? echo $dbname; ?>"></td> </tr> </table> </center> </div> <p align="center"><input type="submit" value="下一步" name="next"><input type="reset" value="清 除" name="reset"></p> </form> </td> </tr> </table> </center> www.phperz.com </div> php程序员之家
<?php } if ($step==3) { $dbservertype=trim($dbservertype); $servername=trim($servername); $dbusername=trim($dbusername); $dbpassword=trim($dbpassword); $dbname=trim($dbname); phperz~com
echo "<p>确认是否正确:</p>n"; echo "<p><b>Database server type:</b> $dbservertype</p>n"; echo "<p><b>Database server hostname / IP address:</b> $servername</p>n"; echo "<p><b>Database username:</b> $dbusername</p>n"; echo "<p><b>Database password:</b> ******</p>n"; echo "<p><b>Database name:</b> $dbname</p>n"; echo "<p>以上参数正确才能继续</p>"; php程序员站
$dbservertype=b2h($dbservertype); $servername=b2h($servername); $dbusername=b2h($dbusername); $dbpassword=b2h($dbpassword); $dbname=b2h($dbname); www.phperz.com
php程序员站
$userfiletmp="/tmp/~userfile/~tmp.inc"; if (!file_exists(dirname($userfiletmp))) { mkdir(dirname($userfiletmp), 0700); } $handertmp=fopen($userfiletmp,"w"); fputs($handertmp,"<?phpn"); fputs($handertmp,"$"."dbservertype="$dbservertype";n"); fputs($handertmp,"$"."servername="$servername";n"); fputs($handertmp,"$"."dbusername="$dbusername";n"); fputs($handertmp,"$"."dbpassword="$dbpassword";n"); fputs($handertmp,"$"."dbname="$dbname";n"); $curtime=time(); $curtime=b2h($curtime); fputs($handertmp,"$"."curtime="$curtime";n"); fputs($handertmp,"?>n"); fclose($handertmp); php程序员站
//echo "<p><a href="".basename($PHP_SELF)."?step=4&servername=$servername&dbusername=$dbusername&dbpassword=$dbpassword&dbname=$dbname">下一步 -></a></p>"; echo "<p><a href="index.php">下一步 -></a></p>"; } php程序员站
if ($step==4) { } www.phperz.com
if ($step==44) { $step=0; $userfiletmp="/tmp/~userfile/~tmp.inc"; if (file_exists($userfiletmp)) { include $userfiletmp; //重新保存文件,去掉密码 $dbpassword=""; $handertmp=fopen($userfiletmp,"w"); fputs($handertmp,"<?phpn"); fputs($handertmp,"$"."dbservertype="$dbservertype";n"); fputs($handertmp,"$"."servername="$servername";n"); fputs($handertmp,"$"."dbusername="$dbusername";n"); fputs($handertmp,"$"."dbpassword="$dbpassword";n"); fputs($handertmp,"$"."dbname="$dbname";n"); $curtime=time(); $curtime=b2h($curtime); fputs($handertmp,"$"."curtime="$curtime";n"); fputs($handertmp,"?>n"); fclose($handertmp); echo "</p></p><center><a href="".basename($PHP_SELF)."">成功注销,请重新登陆</a></center>"; www.phperz.com } } ?> phperz.com
<?php if ($step>1) { echo "</p><a href=javascript:location.reload()>刷新</a>"; echo " <a href=javascript:history.back()>上一步</a>"; } ?> www.phperz.com
<?php echo "</"."body>"; echo "<"."!--"; ?> phperz.com
--> </html> phperz.com
config.inc.php 文件 phperz.com
<?php /* $Id: config.inc.php,v 1.28 2000/07/13 13:52:48 tobias Exp $ */ www.phperz.com
//编码,防止在地址栏上显示 function b2h($string) { return(bin2hex(strrev($string))); } www.phperz.com
//反编码,防止在地址栏上显示 function h2b($string) { $stringtmp=""; for($i=0;$i<strlen($string);$i+=2) { $stringtmp .= pack("C",hexdec(substr($string,$i,2))); } return(strrev($stringtmp)); } php程序员站
/* * phpMyAdmin Configuration File * All directives are explained in Documentation.html */ phperz~com
// The $cfgServers array starts with $cfgServers[1]. Do not use $cfgServers[0]. // You can disable a server config entry by setting host to ''. $cfgServers[1]['host'] = 'localhost'; // MySQL hostname $cfgServers[1]['port'] = ''; // MySQL port - leave blank for default port $cfgServers[1]['adv_auth'] = false; // Use advanced authentication? $cfgServers[1]['stduser'] = 'root'; // MySQL standard user (only needed with advanced auth) $cfgServers[1]['stdpass'] = ''; // MySQL standard password (only needed with advanced auth) $cfgServers[1]['user'] = 'root'; // MySQL user (only needed with basic auth) $cfgServers[1]['password'] = ''; // MySQL password (only needed with basic auth) $cfgServers[1]['only_db'] = ''; // If set to a db-name, only this db is accessible $cfgServers[1]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname php程序员站
$userfiletmp="/tmp/~userfile/~tmp.inc"; if (file_exists($userfiletmp)) { include $userfiletmp; //$servername,$dbusername,$dbpassword,$dbname; $dbservertype=h2b($dbservertype); if ($dbservertype=="mysql"){ $servername=h2b($servername); $dbusername=h2b($dbusername); $dbpassword=h2b($dbpassword); $dbname=h2b($dbname); $curtime=h2b($curtime); if (time()-$curtime<600){ $cfgServers[1]['host'] = $servername; // MySQL hostname $cfgServers[1]['user'] = $dbusername; // MySQL user (only needed with basic auth) $cfgServers[1]['password'] = $dbpassword; // MySQL password (only needed with basic auth) $cfgServers[1]['only_db'] = $dbname; // If set to a db-name, only this db is accessible www.phperz.com
//重新保存文件,以便更新时间 $dbservertype=b2h($dbservertype); $servername=b2h($servername); $dbusername=b2h($dbusername); $dbpassword=b2h($dbpassword); $dbname=b2h($dbname); www.phperz.com
$handertmp=fopen($userfiletmp,"w"); fputs($handertmp,"<?phpn"); fputs($handertmp,"$"."dbservertype="$dbservertype";n"); fputs($handertmp,"$"."servername="$servername";n"); fputs($handertmp,"$"."dbusername="$dbusername";n"); fputs($handertmp,"$"."dbpassword="$dbpassword";n"); fputs($handertmp,"$"."dbname="$dbname";n"); $curtime=time(); $curtime=b2h($curtime); fputs($handertmp,"$"."curtime="$curtime";n"); fputs($handertmp,"?>n"); fclose($handertmp); php程序员站
www~phperz~com
}else{ echo "</p>账号参数已经过期,请重新输入!</p>"; echo "<a href="index0.php" target="_top">登陆</a>"; die("</p><b>程序终止</b>"); } } } phperz.com
$cfgServers[2]['host'] = ''; $cfgServers[2]['port'] = ''; $cfgServers[2]['adv_auth'] = false; $cfgServers[2]['stduser'] = ''; $cfgServers[2]['stdpass'] = ''; $cfgServers[2]['user'] = ''; $cfgServers[2]['password'] = ''; $cfgServers[2]['only_db'] = ''; $cfgServers[2]['verbose'] = ''; www~phperz~com
$cfgServers[3]['host'] = ''; $cfgServers[3]['port'] = ''; $cfgServers[3]['adv_auth'] = false; $cfgServers[3]['stduser'] = ''; $cfgServers[3]['stdpass'] = ''; $cfgServers[3]['user'] = 'root'; $cfgServers[3]['password'] = ''; $cfgServers[3]['only_db'] = ''; $cfgServers[3]['verbose'] = ''; www.phperz.com
// If you have more than one server configured, you can set $cfgServerDefault // to any one of them to autoconnect to that server when phpMyAdmin is started, // or set it to 0 to be given a list of servers without logging in // If you have only one server configured, $cfgServerDefault *MUST* be // set to that server. $cfgServerDefault = 1; // Default server (0 = no default server) $cfgServer = ''; unset($cfgServers[0]); phperz.com
$cfgManualBase = "http://www.mysql.com/documentation/mysql/bychapter/"; www~phperz~com
$cfgConfirm = true; $cfgPersistentConnections = false; www~phperz~com
$cfgBorder = "0"; $cfgThBgcolor = "#D3DCE3"; $cfgBgcolorOne = "#CCCCCC"; $cfgBgcolorTwo = "#DDDDDD"; $cfgMaxRows = 30; $cfgMaxInputsize = "300px"; $cfgOrder = "ASC"; $cfgShowBlob = true; $cfgShowSQL = true; php程序员站
require("chinese_gb.inc.php"); phperz.com
$strWelcome="<a href="index0.php?step=44" target="_top">注销账户</a> <a href="index0.php" target="_top">重新登陆</a></p>$strWelcome"; phperz.com
$cfgColumnTypes = array( "TINYINT", "SMALLINT", "MEDIUMINT", "INT", "BIGINT", "FLOAT", "DOUBLE", "DECIMAL", "DATE", "DATETIME", "TIMESTAMP", "TIME", "YEAR", "CHAR", "VARCHAR", "TINYBLOB", "TINYTEXT", "TEXT", "BLOB", "MEDIUMBLOB", "MEDIUMTEXT", "LONGBLOB", "LONGTEXT", "ENUM", "SET"); phperz.com
$cfgFunctions = array( "ASCII", "CHAR", "SOUNDEX", "CURDATE", "CURTIME", "FROM_DAYS", "FROM_UNIXTIME", "NOW", "PASSWORD", "PERIOD_ADD", "PERIOD_DIFF", "TO_DAYS", "USER", "WEEKDAY", "RAND"); www.phperz.com
$cfgAttributeTypes = array( "", "BINARY", "UNSIGNED", "UNSIGNED ZEROFILL"); php程序员站
// Setting magic_quotes_runtime - do not change! set_magic_quotes_runtime(0); ?> www.phperz.com
如有引用,请注明高山雪和alpsnow@china.com www~phperz~com
www~phperz~com www.phperz.com
|