如何解决如何基于无登录密码的插件使用无密码的管理员
我想使用没有密码的管理员。
我上传了adminer-4.7.7-en.php文件并找到了无需登录密码的插件 我用内容创建文件plugins / login-password-less.php:
<?php
/** Enable login for password-less database
* @link https://www.adminer.org/plugins/#use
* @author Jakub Vrana,https://www.vrana.cz/
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License,Version 2.0
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License,version 2 (one or other)
*/
class AdminerLoginPasswordLess {
/** @access protected */
var $password_hash;
/** Set allowed password
* @param string result of password_hash
*/
function __construct($password_hash) {
$this->password_hash = $password_hash;
}
function credentials() {
$password = get_password();
return array(SERVER,$_GET["username"],(password_verify($password,$this->password_hash) ? "" : $password));
}
function login($login,$password) {
if ($password != "") {
return true;
}
}
}
并阅读https://www.adminer.org/plugins/#use,我创建了文件adminer.php,该文件是 位于一个adminer-4.7.7-en.php目录中,我创建了指向该文件的新Apache主机。
此文件具有:
<?php
function adminer_object() {
// required to run any plugin
include_once "./plugins/login-password-less.php"; // Plugin I want to use
// autoloader
foreach (glob("plugins/*.php") as $filename) {
include_once "./$filename";
}
$plugins = array(
// specify enabled plugins here
new AdminerLoginPasswordLess,// Plugin I want to use
/* new AdminerTinymce,new AdminerFileUpload("data/"),new AdminerSlugify,new AdminerTranslation,new AdminerForeignSystem,*/
);
/* It is possible to combine customization and plugins:
class AdminerCustomization extends AdminerPlugin {
}
return new AdminerCustomization($plugins);
*/
return new AdminerPlugin($plugins); // I am not sure which class is it and where it is defined ?
}
// include original Adminer or Adminer Editor
include "./adminer-4.7.7-en.php"; // encoded file I uploaded
?>
我得到了错误:
Fatal error: Uncaught ArgumentCountError: Too few arguments to function AdminerLoginPasswordLess::__construct(),0 passed in /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php on line 13 and exactly 1 expected in /mnt/_work_sdb8/wwwroot/lar/local_adminer/plugins/login-password-less.php:16 Stack trace: #0 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php(13): AdminerLoginPasswordLess->__construct() #1 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer-4.7.7-en.php(1654): adminer_object() #2 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php(31): include('/mnt/_work_sdb8...') #3 {main} thrown in /mnt/_work_sdb8/wwwroot/lar/local_adminer/plugins/login-password-less.php on line 16
哪种是不带密码使用管理员的有效方法?
已修改: 我做了:
new AdminerLoginPasswordLess(hash("md5",'my_sql_user_password')),
所选的“ md5”方法是否有效?
但是我遇到了错误:
Fatal error: Uncaught Error: Class 'AdminerPlugin' not found in /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php:32 Stack trace: #0 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer-4.7.7-en.php(1654): adminer_object() #1 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php(36): include('/mnt/_work_sdb8...') #2 {main} thrown in /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php on line 32
已修改: 在网站的源版本中,我使用AdminerPlugin类实现创建了plugin.php文件。 我将此文件移到了plugins目录下。 在plugins / login-password-less.php中,我添加了对plugins / plugin.php文件的引用,并添加了调试信息:
<?php
/** Enable login for password-less database
* @link https://www.adminer.org/plugins/#use
* @author Jakub Vrana,version 2 (one or other)
*/
include_once "./plugins/plugin.php";
class AdminerLoginPasswordLess {
/** @access protected */
var $password_hash;
/** Set allowed password
* @param string result of password_hash
*/
function __construct($password_hash) {
$this->password_hash = $password_hash;
debToFile('-2 AdminerLoginPasswordLess->__construct:$this->password_hash::'.$this->password_hash);
// That is debugging method appending string into text file
}
function credentials() {
$password = get_password();
debToFile('-3 AdminerLoginPasswordLess->credentials:$password::'.$password);
// That is debugging method appending string into text file
return array(SERVER,$this->password_hash) ? "" : $password));
}
function login($login,$password) {
debToFile('-4 AdminerLoginPasswordLess->login:$login::'.$login);
if ($password != "") {
debToFile('-5 TRUE AdminerLoginPasswordLess->login:$login::'.$login);
// That is debugging method appending string into text file
return true;
}
debToFile('-5 false AdminerLoginPasswordLess->login:$login::'.$login);
}
}
在adminer.php中,我添加了调试行:
$plugins = array(
new AdminerLoginPasswordLess(hash("md5",'m8y2s8q&L')),);
debToFile('-1After:AdminerLoginPasswordLess');
我看到的登录文件是
<pre>::-2 AdminerLoginPasswordLess->__construct:$this->password_hash::c61d49aaab35ca428e60d764ff05159d</pre>
<pre>::-1After:AdminerLoginPasswordLess</pre>
这意味着不会触发方法凭据和AdminerLoginPasswordLess类的登录。 我在浏览器中运行为: http://local-adminer.com/?username=mysql_login_user
或 http://local-adminer.com //在apache配置中托管
并且我没有错误,但是我仍然必须输入mysql_login_user的密码。
我错过了一些选项/插件吗?
谢谢!
解决方法
首先要做
mkdir -p plugins;
wget -O plugins/plugin.php https://raw.githubusercontent.com/vrana/adminer/master/plugins/plugin.php;
nano plugins/passwordless_login.php
然后写
<?php
class AdminerLoginPasswordLess {
public function credentials() {
return array("mysql_hostname","mysql_username","mysql_password");
}
function login($login,$password) {
return true;
}
}
然后保存并退出,然后运行nano adminer_with_plugins.php
并输入:
<?php
function adminer_object() {
// required to run any plugin
include_once "./plugins/plugin.php";
// "autoloader"
foreach (glob("plugins/*.php") as $filename) {
include_once "./$filename";
}
$plugins = array(
// specify enabled plugins here
new AdminerLoginPasswordLess,//new AdminerDumpXml,//new AdminerTinymce,//new AdminerFileUpload("data/"),//new AdminerSlugify,//new AdminerTranslation,//new AdminerForeignSystem,);
return new AdminerPlugin($plugins);
}
// include original Adminer or Adminer Editor
include "./adminer.php";
然后保存并退出;
然后将您的网络浏览器指向adminer_with_plugins.php
而不是adminer.php
,现在您已经有效地禁用了管理员使用不同的用户名/密码/主机登录的能力,无论您尝试使用哪种凭据登录,它都将始终使用源代码中写的mysql_hostname / mysql_username / mysql_password登录,而忽略用户输入的凭据。
不用说,这是一个非常安全的操作。
,如果您可以绕过耗时的小任务,通常可以节省时间。我尝试了上述方法,但对我不起作用,所以我做了以下工作,适用于 2021 年的 Adminer 4.7.9。
警告:请注意,它仅适用于您的本地计算机,不建议用于在线数据库。:
第 1 步:从 Github 下载 Adminer 源代码,此 link。
第 2 步:打开 adminer-master\adminer\include\auth.inc.php
第 3 步:在第 55 至 57 行编辑以下内容并将 my_username 和 my_password 替换为您的 MySQL 凭据:
$server = "localhost"; //$auth["server"];
$username = "my_username"; //$auth["username"];
$password = "my_password"; //(string) $auth["password"];
第 4 步:保存并立即打开 Adminer,将浏览器指向“adminer-master\adminer”
第 5 步:只需单击“登录”按钮,您无需输入任何内容即可登录。
希望它对你有用。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。