使用過phpMyAdmin的人知道,在phpMyAdmin中,使用文件config.inc.php保存用戶名和密碼,當需要更換用戶或用戶口令更改時,必須修改config.inc.php文件,然後再上傳,特別的不方便。更有時,為了修改MYSQL庫或表而使用root賬號,如果這時其它網站的自動搜擎系統搜索到index.php並繼續執行其中的每一步的話,是相當危險的。為此需要用戶登陸機制,在每次使用時,輸入用戶名和口令,這樣會安全得多。
以下是我在管理過程中,根據實際需要,對phpMyAdmin做的一些更改,為了盡量不影響原來phpMyAdmin的結構,我在phpMyAdmin的基礎上增加了一個文件index0.php,僅僅修改了一個文件config.inc.php,對phpMyAdmin沒有一點影響,既可以使用原來的phpMyAdmin,也可以使用新的用戶口令登陸機制。
以下為兩個文件列表,將這兩個文件拷貝到phpMyAdmin目錄,執行index0.php即可,該程序在Apache + PHP + MYSQL 和 IIS5 + PHP + MYSQl 和 PWS + PHP + MYSQL下正常執行。
phpMyAdmin 下載:
A set of PHP3-scripts to adminstrate MySQL over the WWW.
Version 2.1.0 - 08/06/2000
http://www.phpwizard.net/projects/phpMyAdmin/
index0.php文件:
<html><head><title>MySQL 維護</title></head><body>
<!--
<?php
//編碼,防止在地址欄上顯示
function b2h($string) {
return(bin2hex(strrev($string)));
}
//反編碼,防止在地址欄上顯示
function h2b($string) {
$stringtmp="";
for($i=0;$i<strlen($string);$i+=2) {
$stringtmp .= pack("C",hexdec(substr($string,$i,2)));
}
return(strrev($stringtmp));
}
global $PHP_SELF;
if (1==0) {
echo "-->PHP運行不正常,請檢查<!--";
} else {
echo "--".">";
}
?>
<?php
if ($step=="") {
?>
<p>歡迎使用</p>本工具用於維護MySQL數據庫</p>
<p><a href="<? echo basename($PHP_SELF); ?>?step=2">下一步 -></a></p>
<?php
}
if ($step==2) {
$userfiletmp="/tmp/~userfile/~tmp.inc";
if (file_exists($userfiletmp)) {
include $userfiletmp;
//$dbservertype,$servername,$dbusername,$dbpassword,$dbname;
$dbservertype=h2b($dbservertype);
$servername=h2b($servername);
$dbusername=h2b($dbusername);
$dbname=h2b($dbname);
$curtime=h2b($curtime);
if (time()-$curtime<120){
$dbpassword=h2b($dbpassword);
}else{
$dbpassword="";
}
}else{
$dbservertype="mysql";
$servername="localhost";
$dbusername="";
$dbpassword="";
$dbname="";
}
$dbservertype=($dbservertype==""?"mysql":$dbservertype);
$servername=($servername==""?"localhost":$servername);
?>
<p>填入連接信息</p></p>
<div align="center">
<center>
<table border="1" width="53%" height="111">
<tr>
<td width="100%" height="105">
<form method="POST" action="<? echo basename($PHP_SELF); ?>?step=3">
<div align="center">
<center>
<table border="1" width="83%" height="60">
<tr>
<td width="34%" height="10">主機類型:</td>
<td width="66%" height="10"><input type="text" name="dbservertype" size="20" value="<? echo $dbservertype; ?>"></td>
</tr>
<tr>
<td width="34%" height="10">主機地址:</td>
<td width="66%" height="10"><input type="text" name="servername" size="20" value="<? echo $servername; ?>"></td>
</tr>
<tr>
<td width="34%" height="10">用戶名稱:</td>
<td width="66%" height="10"><input type="text" name="dbusername" size="20" value="<? echo $dbusername; ?>"></td>
</tr>
<tr>
<td width="34%" height="16">密碼:</td>
<td width="66%" height="16"><input type="password" name="dbpassword" size="20" value="<? echo $dbpassword; ?>"></td>
</tr>
<tr>
<td width="34%" height="16">數據庫名:</td>
<td width="66%" height="16"><input type="text" name="dbname" size="20" value="<? echo $dbname; ?>"></td>
</tr>
</table>
</center>
</div>
<p align="center"><input type="submit" value="下一步" name="next"><input type="reset" value="清 除" name="reset"></p>
</form>
</td>
</tr>
</table>
</center>
</div>
<?php
}
if ($step==3) {
$dbservertype=trim($dbservertype);
$servername=trim($servername);
$dbusername=trim($dbusername);
$dbpassword=trim($dbpassword);
$dbname=trim($dbname);
echo "<p>確認是否正確:</p>n";
echo "<p><b>Database server type:</b> $dbservertype</p>n";
echo "<p><b>Database server hostname / IP address:</b> $servername</p>n";
echo "<p><b>Database username:</b> $dbusername</p>n";
echo "<p><b>Database password:</b> ******</p>n";
echo "<p><b>Database name:</b> $dbname</p>n";
echo "<p>以上參數正確才能繼續</p>";
$dbservertype=b2h($dbservertype);
$servername=b2h($servername);
$dbusername=b2h($dbusername);
$dbpassword=b2h($dbpassword);
$dbname=b2h($dbname);
$userfiletmp="/tmp/~userfile/~tmp.inc";
if (!file_exists(dirname($userfiletmp))) {
mkdir(dirname($userfiletmp), 0700);
}
$handertmp=fopen($userfiletmp,"w");
fputs($handertmp,"<?phpn");
fputs($handertmp,"$"."dbservertype="$dbservertype";n");
fputs($handertmp,"$"."servername="$servername";n");
fputs($handertmp,"$"."dbusername="$dbusername";n");
fputs($handertmp,"$"."dbpassword="$dbpassword";n");
fputs($handertmp,"$"."dbname="$dbname";n");
$curtime=time();
$curtime=b2h($curtime);
fputs($handertmp,"$"."curtime="$curtime";n");
fputs($handertmp,"?>n");
fclose($handertmp);
//echo "<p><a href="".basename($PHP_SELF)."?step=4&servername=$servername&dbusername=$dbusername&dbpassword=$dbpassword&dbname=$dbname">下一步 -></a></p>";
echo "<p><a href="index.php">下一步 -></a></p>";
}
if ($step==4) {
}
if ($step==44) {
$step=0;
$userfiletmp="/tmp/~userfile/~tmp.inc";
if (file_exists($userfiletmp)) {
include $userfiletmp;
//重新保存文件,去掉密碼
$dbpassword="";
$handertmp=fopen($userfiletmp,"w");
fputs($handertmp,"<?phpn");
fputs($handertmp,"$"."dbservertype="$dbservertype";n");
fputs($handertmp,"$"."servername="$servername";n");
fputs($handertmp,"$"."dbusername="$dbusername";n");
fputs($handertmp,"$"."dbpassword="$dbpassword";n");
fputs($handertmp,"$"."dbname="$dbname";n");
$curtime=time();
$curtime=b2h($curtime);
fputs($handertmp,"$"."curtime="$curtime";n");
fputs($handertmp,"?>n");
fclose($handertmp);
echo "</p></p><center><a href="".basename($PHP_SELF)."">成功注銷,請重新登陸</a></center>";
}
}
?>
<?php
if ($step>1) {
echo "</p><a href=javascript:location.reload()>刷新</a>";
echo " <a href=javascript:history.back()>上一步</a>";
}
?>
<?php
echo "</"."body>";
echo "<"."!--";
?>
-->
</html>
config.inc.php 文件
<?php
/* $Id: config.inc.php,v 1.28 2000/07/13 13:52:48 tobias Exp $ */
//編碼,防止在地址欄上顯示
function b2h($string) {
return(bin2hex(strrev($string)));
}
//反編碼,防止在地址欄上顯示
function h2b($string)
