Disallow using password-less databases
This commit is contained in:
parent
db11fa4c1a
commit
60d1b7b3b4
|
@ -227,8 +227,11 @@ if (isset($_GET["elastic"])) {
|
||||||
function connect() {
|
function connect() {
|
||||||
global $adminer;
|
global $adminer;
|
||||||
$connection = new Min_DB;
|
$connection = new Min_DB;
|
||||||
$credentials = $adminer->credentials();
|
list($server, $username, $password) = $adminer->credentials();
|
||||||
if ($connection->connect($credentials[0], $credentials[1], $credentials[2])) {
|
if ($password != "" && $connection->connect($server, $username, "")) {
|
||||||
|
return lang('Database does not support password.');
|
||||||
|
}
|
||||||
|
if ($connection->connect($server, $username, $password)) {
|
||||||
return $connection;
|
return $connection;
|
||||||
}
|
}
|
||||||
return $connection->error;
|
return $connection->error;
|
||||||
|
|
|
@ -610,7 +610,7 @@ if (isset($_GET["mongo"])) {
|
||||||
$connection = new Min_DB;
|
$connection = new Min_DB;
|
||||||
list($server, $username, $password) = $adminer->credentials();
|
list($server, $username, $password) = $adminer->credentials();
|
||||||
$options = array();
|
$options = array();
|
||||||
if ($username != "") {
|
if ($username . $password != "") {
|
||||||
$options["username"] = $username;
|
$options["username"] = $username;
|
||||||
$options["password"] = $password;
|
$options["password"] = $password;
|
||||||
}
|
}
|
||||||
|
@ -620,6 +620,15 @@ if (isset($_GET["mongo"])) {
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
$connection->_link = $connection->connect("mongodb://$server", $options);
|
$connection->_link = $connection->connect("mongodb://$server", $options);
|
||||||
|
if ($password != "") {
|
||||||
|
$options["password"] = "";
|
||||||
|
try {
|
||||||
|
$connection->connect("mongodb://$server", $options);
|
||||||
|
return lang('Database does not support password.');
|
||||||
|
} catch (Exception $ex) {
|
||||||
|
// this is what we want
|
||||||
|
}
|
||||||
|
}
|
||||||
return $connection;
|
return $connection;
|
||||||
} catch (Exception $ex) {
|
} catch (Exception $ex) {
|
||||||
return $ex->getMessage();
|
return $ex->getMessage();
|
||||||
|
|
|
@ -248,6 +248,11 @@ if (isset($_GET["simpledb"])) {
|
||||||
|
|
||||||
|
|
||||||
function connect() {
|
function connect() {
|
||||||
|
global $adminer;
|
||||||
|
list(, , $password) = $adminer->credentials();
|
||||||
|
if ($password != "") {
|
||||||
|
return lang('Database does not support password.');
|
||||||
|
}
|
||||||
return new Min_DB;
|
return new Min_DB;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -240,6 +240,11 @@ if (isset($_GET["sqlite"]) || isset($_GET["sqlite2"])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function connect() {
|
function connect() {
|
||||||
|
global $adminer;
|
||||||
|
list(, , $password) = $adminer->credentials();
|
||||||
|
if ($password != "") {
|
||||||
|
return lang('Database does not support password.');
|
||||||
|
}
|
||||||
return new Min_DB;
|
return new Min_DB;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -145,9 +145,8 @@ class Adminer {
|
||||||
* @return mixed true for success, string for error message, false for unknown error
|
* @return mixed true for success, string for error message, false for unknown error
|
||||||
*/
|
*/
|
||||||
function login($login, $password) {
|
function login($login, $password) {
|
||||||
global $jush;
|
if ($password == "") { //! password is optional in Elastic and Mongo
|
||||||
if ($jush == "sqlite") {
|
return lang('<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use password-less database.', target_blank(), '<code>login()</code>');
|
||||||
return lang('<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.', target_blank(), '<code>login()</code>');
|
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,8 @@ $translations = array(
|
||||||
'Logout successful.' => 'Odhlášení proběhlo v pořádku.',
|
'Logout successful.' => 'Odhlášení proběhlo v pořádku.',
|
||||||
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Díky za použití Admineru, <a href="%s">příspějte</a> na vývoj.',
|
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Díky za použití Admineru, <a href="%s">příspějte</a> na vývoj.',
|
||||||
'Invalid credentials.' => 'Neplatné přihlašovací údaje.',
|
'Invalid credentials.' => 'Neplatné přihlašovací údaje.',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => 'Pro přihlášení k SQLite <a href="https://www.adminer.org/cs/extension/"%s>implementujte</a> metodu %s.',
|
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use password-less database.' => 'Pro přihlášení bez hesla <a href="https://www.adminer.org/cs/extension/"%s>implementujte</a> metodu %s.',
|
||||||
|
'Database does not support password.' => 'Databáze nepodporuje heslo.',
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => array('Příliš mnoho pokusů o přihlášení, zkuste to znovu za %d minutu.', 'Příliš mnoho pokusů o přihlášení, zkuste to znovu za %d minuty.', 'Příliš mnoho pokusů o přihlášení, zkuste to znovu za %d minut.'),
|
'Too many unsuccessful logins, try again in %d minute(s).' => array('Příliš mnoho pokusů o přihlášení, zkuste to znovu za %d minutu.', 'Příliš mnoho pokusů o přihlášení, zkuste to znovu za %d minuty.', 'Příliš mnoho pokusů o přihlášení, zkuste to znovu za %d minut.'),
|
||||||
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Platnost hlavního hesla vypršela. <a href="https://www.adminer.org/cs/extension/"%s>Implementujte</a> metodu %s, aby platilo stále.',
|
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Platnost hlavního hesla vypršela. <a href="https://www.adminer.org/cs/extension/"%s>Implementujte</a> metodu %s, aby platilo stále.',
|
||||||
'Language' => 'Jazyk',
|
'Language' => 'Jazyk',
|
||||||
|
|
|
@ -276,7 +276,6 @@ $translations = array(
|
||||||
'ATTACH queries are not supported.' => 'שאילתת ATTACH אינה נתמכת',
|
'ATTACH queries are not supported.' => 'שאילתת ATTACH אינה נתמכת',
|
||||||
'%d / ' => '%d / ',
|
'%d / ' => '%d / ',
|
||||||
'Limit rows' => 'הגבל שורות',
|
'Limit rows' => 'הגבל שורות',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => '<a href="https://www.adminer.org/en/extension/"%s>התקן</a> את תוסף SQLite בשביל להתחבר',
|
|
||||||
'Default value' => 'ערך ברירת מחדל',
|
'Default value' => 'ערך ברירת מחדל',
|
||||||
'Full table scan' => 'סריקה טבלה מלאה',
|
'Full table scan' => 'סריקה טבלה מלאה',
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => 'יותר מידי נסיונות כניסה נכשלו, אנא נסה עוד %d דקות',
|
'Too many unsuccessful logins, try again in %d minute(s).' => 'יותר מידי נסיונות כניסה נכשלו, אנא נסה עוד %d דקות',
|
||||||
|
|
|
@ -12,7 +12,6 @@ $translations = array(
|
||||||
'Logout successful.' => 'Log keluar berjaya.',
|
'Logout successful.' => 'Log keluar berjaya.',
|
||||||
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Terima kasih kerana menggunakan Adminer, pertimbangkan untuk <a href="%s">menderma</a>.',
|
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Terima kasih kerana menggunakan Adminer, pertimbangkan untuk <a href="%s">menderma</a>.',
|
||||||
'Invalid credentials.' => 'Akses tidak sah.',
|
'Invalid credentials.' => 'Akses tidak sah.',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => '<a href="https://www.adminer.org/en/extension/"%s>Gunakan</a> cara %s untuk menggunakan SQLite.',
|
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => 'Terlalu banyak percubaan log masuk yang gagal, sila cuba lagi dalam masa %d minit.',
|
'Too many unsuccessful logins, try again in %d minute(s).' => 'Terlalu banyak percubaan log masuk yang gagal, sila cuba lagi dalam masa %d minit.',
|
||||||
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Kata laluan utama telah luput. <a href="https://www.adminer.org/en/extension/"%s>Gunakan</a> cara %s untuk mengekalkannya.',
|
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Kata laluan utama telah luput. <a href="https://www.adminer.org/en/extension/"%s>Gunakan</a> cara %s untuk mengekalkannya.',
|
||||||
'Language' => 'Bahasa',
|
'Language' => 'Bahasa',
|
||||||
|
|
|
@ -12,7 +12,6 @@ $translations = array(
|
||||||
'Logout successful.' => 'Wylogowano pomyślnie.',
|
'Logout successful.' => 'Wylogowano pomyślnie.',
|
||||||
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Dziękujemy za używanie Adminera, rozważ proszę <a href="%s">dotację</a>.',
|
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Dziękujemy za używanie Adminera, rozważ proszę <a href="%s">dotację</a>.',
|
||||||
'Invalid credentials.' => 'Nieprawidłowe dane logowania.',
|
'Invalid credentials.' => 'Nieprawidłowe dane logowania.',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => '<a href="https://www.adminer.org/pl/extension/"%s>Zaimplementuj</a> metodę %s aby użyć SQLite.',
|
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => array('Za dużo nieudanych prób logowania, spróbuj ponownie za %d minutę.', 'Za dużo nieudanych prób logowania, spróbuj ponownie za %d minuty.', 'Za dużo nieudanych prób logowania, spróbuj ponownie za %d minut.'),
|
'Too many unsuccessful logins, try again in %d minute(s).' => array('Za dużo nieudanych prób logowania, spróbuj ponownie za %d minutę.', 'Za dużo nieudanych prób logowania, spróbuj ponownie za %d minuty.', 'Za dużo nieudanych prób logowania, spróbuj ponownie za %d minut.'),
|
||||||
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Ważność hasła głównego wygasła. <a href="https://www.adminer.org/pl/extension/"%s>Zaimplementuj</a> własną metodę %s, aby ustawić je na stałe.',
|
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Ważność hasła głównego wygasła. <a href="https://www.adminer.org/pl/extension/"%s>Zaimplementuj</a> własną metodę %s, aby ustawić je na stałe.',
|
||||||
'Language' => 'Język',
|
'Language' => 'Język',
|
||||||
|
|
|
@ -276,7 +276,6 @@ $translations = array(
|
||||||
'ATTACH queries are not supported.' => 'ATTACH-запросы не поддерживаются.',
|
'ATTACH queries are not supported.' => 'ATTACH-запросы не поддерживаются.',
|
||||||
'%d / ' => '%d / ',
|
'%d / ' => '%d / ',
|
||||||
'Limit rows' => 'Лимит строк',
|
'Limit rows' => 'Лимит строк',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => '<a href="https://www.adminer.org/en/extension/"%s>Реализуйте</a> метод %s, чтобы использовать SQLite.',
|
|
||||||
'Default value' => 'Значение по умолчанию',
|
'Default value' => 'Значение по умолчанию',
|
||||||
'Full table scan' => 'Анализ полной таблицы',
|
'Full table scan' => 'Анализ полной таблицы',
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => array('Слишком много неудачных попыток входа. Попробуйте снова через %d минуту.', 'Слишком много неудачных попыток входа. Попробуйте снова через %d минуты.', 'Слишком много неудачных попыток входа. Попробуйте снова через %d минут.'),
|
'Too many unsuccessful logins, try again in %d minute(s).' => array('Слишком много неудачных попыток входа. Попробуйте снова через %d минуту.', 'Слишком много неудачных попыток входа. Попробуйте снова через %d минуты.', 'Слишком много неудачных попыток входа. Попробуйте снова через %d минут.'),
|
||||||
|
|
|
@ -12,7 +12,6 @@ $translations = array(
|
||||||
'Logout successful.' => 'Oturum başarıyla sonlandı.',
|
'Logout successful.' => 'Oturum başarıyla sonlandı.',
|
||||||
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Adminer kullandığınız için teşekkür ederiz <a href="%s">bağış yapmayı düşünün</a>.',
|
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Adminer kullandığınız için teşekkür ederiz <a href="%s">bağış yapmayı düşünün</a>.',
|
||||||
'Invalid credentials.' => 'Geçersiz kimlik bilgileri.',
|
'Invalid credentials.' => 'Geçersiz kimlik bilgileri.',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => 'SQLite kullanmak için <a href="https://www.adminer.org/en/extension/"%s>%s metodunu</a> kullanın.',
|
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => array('Çok fazla oturum açma denemesi yapıldı.', '%d Dakika sonra tekrar deneyiniz.'),
|
'Too many unsuccessful logins, try again in %d minute(s).' => array('Çok fazla oturum açma denemesi yapıldı.', '%d Dakika sonra tekrar deneyiniz.'),
|
||||||
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Ana şifrenin süresi doldu. Kalıcı olması için <a href="https://www.adminer.org/en/extension/"%s>%s medodunu</a> kullanın.',
|
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Ana şifrenin süresi doldu. Kalıcı olması için <a href="https://www.adminer.org/en/extension/"%s>%s medodunu</a> kullanın.',
|
||||||
'Language' => 'Dil',
|
'Language' => 'Dil',
|
||||||
|
|
|
@ -12,7 +12,8 @@ $translations = array(
|
||||||
'Logout successful.' => 'Xx.',
|
'Logout successful.' => 'Xx.',
|
||||||
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Xx <a href="%s">xx</a>.',
|
'Thanks for using Adminer, consider <a href="%s">donating</a>.' => 'Xx <a href="%s">xx</a>.',
|
||||||
'Invalid credentials.' => 'Xx.',
|
'Invalid credentials.' => 'Xx.',
|
||||||
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use SQLite.' => '<a href="https://www.adminer.org/en/extension/"%s>Xx</a> %s xx.',
|
'<a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to use password-less database.' => '<a href="https://www.adminer.org/en/extension/"%s>Xx</a> %s xx.',
|
||||||
|
'Database does not support password.' => 'Xx.',
|
||||||
'Too many unsuccessful logins, try again in %d minute(s).' => array('Xx %d.', 'Xx %d.'),
|
'Too many unsuccessful logins, try again in %d minute(s).' => array('Xx %d.', 'Xx %d.'),
|
||||||
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => '<a href="https://www.adminer.org/en/extension/"%s>Xx</a> %s xx.',
|
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => '<a href="https://www.adminer.org/en/extension/"%s>Xx</a> %s xx.',
|
||||||
'Language' => 'Xx',
|
'Language' => 'Xx',
|
||||||
|
|
|
@ -1,8 +1,10 @@
|
||||||
<?php
|
<?php
|
||||||
function adminer_object() {
|
function adminer_object() {
|
||||||
include_once "../plugins/plugin.php";
|
include_once "../plugins/plugin.php";
|
||||||
include_once "../plugins/login-sqlite.php";
|
include_once "../plugins/login-password-less.php";
|
||||||
return new AdminerPlugin(array(new AdminerLoginSqlite("admin", password_hash("", PASSWORD_DEFAULT))));
|
return new AdminerPlugin(array(
|
||||||
|
new AdminerLoginPasswordLess(password_hash("YOUR_PASSWORD_HERE", PASSWORD_DEFAULT)),
|
||||||
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
include "./index.php";
|
include "./index.php";
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
Adminer 4.6.3-dev:
|
Adminer 4.6.3-dev:
|
||||||
|
Disallow using password-less databases
|
||||||
Stop session before connecting
|
Stop session before connecting
|
||||||
Simplify running slow queries
|
Simplify running slow queries
|
||||||
Decrease timeout for running slow queries from 5 seconds to 2 seconds
|
Decrease timeout for running slow queries from 5 seconds to 2 seconds
|
||||||
|
|
|
@ -1,29 +1,31 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/** Enable login for SQLite
|
/** Enable login for password-less database
|
||||||
* @link https://www.adminer.org/plugins/#use
|
* @link https://www.adminer.org/plugins/#use
|
||||||
* @author Jakub Vrana, https://www.vrana.cz/
|
* @author Jakub Vrana, https://www.vrana.cz/
|
||||||
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
|
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
|
||||||
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
|
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
|
||||||
*/
|
*/
|
||||||
class AdminerLoginSqlite {
|
class AdminerLoginPasswordLess {
|
||||||
/** @access protected */
|
/** @access protected */
|
||||||
var $login, $password_hash;
|
var $password_hash;
|
||||||
|
|
||||||
/** Set allowed credentials
|
/** Set allowed password
|
||||||
* @param string
|
|
||||||
* @param string result of password_hash
|
* @param string result of password_hash
|
||||||
*/
|
*/
|
||||||
function __construct($login, $password_hash) {
|
function __construct($password_hash) {
|
||||||
$this->login = $login;
|
|
||||||
$this->password_hash = $password_hash;
|
$this->password_hash = $password_hash;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function credentials() {
|
||||||
|
$password = get_password();
|
||||||
|
return array(SERVER, $_GET["username"], (password_verify($password, $this->password_hash) ? "" : $password));
|
||||||
|
}
|
||||||
|
|
||||||
function login($login, $password) {
|
function login($login, $password) {
|
||||||
if (DRIVER != "sqlite" && DRIVER != "sqlite2") {
|
if ($password != "") {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
return $this->login == $login && password_verify($password, $this->password_hash);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
Loading…
Reference in a new issue