How to use editor-2.3.2.php?

Help
2010-05-10
2013-06-06
  • Jakub Vrána
    Jakub Vrána
    2010-05-10

    Hello!

    You don't have to modify or rename editor-2.3.2.php. Just create another file (named for example index.php) and put your customization in it (don't forget to include PHP tags): http://www.adminer.org/en/extension/

    It is important to understand that Adminer Editor uses a different set of credentials to access the application (defined by login() method) and to authentize to database (detined by credentials() method).

     
  • The following index.php works, but it is dangerous, because it includes the root password for the MySQL database.

    Is there a way to log in using Adminer Editor (included in the file 'index.php') WITHOUT including the MySQL database password in file 'index.php'? Thank you.

    <?php
    function adminer_object() {

        class AdminerSoftware extends Adminer {

            function name() {
                // custom name in title and heading
                return 'MyDatabase001';
            }

            function permanentLogin() {
                // key used for permanent login
                return "";
            }

            function credentials() {
                // server, username and password for connecting to database
                return array('localhost', 'root' , 'MYSQLROOTPASSWORD');
            }

            function database() {
                // database name, will be escaped by Adminer
                return 'mydatabase001';
            }

            function login($login, $password) {
                // validate user submitted credentials
                return ($login == 'root');
            }

        }

        return new AdminerSoftware;
    }

    include "./editor-2.3.2.php";
    php?>

     
  • Jakub Vrána
    Jakub Vrána
    2010-05-25

    You can return return array("localhost", "root", get_session("passwords")) from credentials() method but I strongly suggest to use different password for Editor (checked in login() method) and for MySQL (specified in credentials() method).

    PHP end tag is only ?> (not php?>) and it is optional.

    1. You can name the class anything you want.

    2. Method permanentLogin() is used for permanent storing passwords in cookies. Returned string is a key so you should change it to anything else (preferably random). You can also take it out but then permanent login would be disabled.

    3. The credentials() method doesn't take any parameters. It returns an array with MySQL server, username and password. If you use 'root' username then this method should return 'root' in second array member.

    4. The login() method authorizes a user to use Adminer.

    5. The credentials() method should return the database password in plain text. The login() method can check $password against hash of password.

    You get the error message because credentials() method returns an empty string.

    P.S. Don't use the root user for simple data editing. Create a separate user with limited privileges.

     
  • "PHP end tag is only ?> and is optional"

    It is ?>, but it is most certainly *not* optional. It does correct this error, but at a cost. If you do not include it, it waits until the timeout before returning your data, keeping an instance of php in memory on the server. Using resources and doing nothing, for no reason.

    I have crashed my testbed server by doing this in a loop with an include and the include did not include the end. It will bring it down php, or maybe your whole server eventually. In a well setup server environment, only for your site, and only for a time. But still poor coding. Either way, just do not be lazy. Close your php.

    Eric S

     
  • Jakub Vrána
    Jakub Vrána
    2011-12-22

    Read section in PHP Manual before writing anything else.