Jump to content

How to use adminer without password basing on login-password-less plugins


mstdmstd
 Share

Recommended Posts

Hello,
I want to use adminer without password.

I uploaded adminer-4.7.7-en.php file and finding login-password-less plugin
I create file plugins/login-password-less.php with content :

<?php

/** Enable login for password-less database
* @link https://www.adminer.org/plugins/#use
* @author Jakub Vrana, https://www.vrana.cz/
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
*/
class AdminerLoginPasswordLess {
    /** @access protected */
    var $password_hash;
    
    /** Set allowed password
    * @param string result of password_hash
    */
    function __construct($password_hash) {
        $this->password_hash = $password_hash;
    }

    function credentials() {
        $password = get_password();
        return array(SERVER, $_GET["username"], (password_verify($password, $this->password_hash) ? "" : $password));
    }
    
    function login($login, $password) {
        if ($password != "") {
            return true;
        }
    }

}

and reading https://www.adminer.org/plugins/#use I created file adminer.php, which is
located in one dir with adminer-4.7.7-en.php and I created new apache host pointed at this file.

<?php
function adminer_object() {
    // required to run any plugin
    include_once "./plugins/login-password-less.php";

    // autoloader
    foreach (glob("plugins/*.php") as $filename) {
        include_once "./$filename";
    }

    $plugins = array(
        // specify enabled plugins here
        new AdminerLoginPasswordLess(hash("md5", 'my_sql_user_password')),
        //Is the selected "md5" method valid ?

    );


    return new AdminerPlugin($plugins); // I am not sure which class is it and where it is defined ?
}

// include original Adminer or Adminer Editor
include "./adminer-4.7.7-en.php";  // encoded file I uploaded
?>


But I got error :

Fatal error: Uncaught Error: Class 'AdminerPlugin' not found in /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php:32 Stack trace: #0 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer-4.7.7-en.php(1654): adminer_object() #1 /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php(36): include('/mnt/_work_sdb8...') #2 {main} thrown in /mnt/_work_sdb8/wwwroot/lar/local_adminer/adminer.php on line 32

Which class AdminerPlugin is it and where it is defined ?

How to fix this issue?

Thanks!

Link to comment
Share on other sites

In source version of the site I foun file plugin.php with AdminerPlugin class implementation.
I moved this file under plugins directory.
In plugins/login-password-less.php I added reference to plugins/plugin.php file and added debugging info :

<?php

/** Enable login for password-less database
* @link https://www.adminer.org/plugins/#use
* @author Jakub Vrana, https://www.vrana.cz/
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
*/

include_once "./plugins/plugin.php";

class AdminerLoginPasswordLess {
    /** @access protected */
    var $password_hash;

    /** Set allowed password
    * @param string result of password_hash
    */
    function __construct($password_hash) {
        $this->password_hash = $password_hash;
        debToFile('-2 AdminerLoginPasswordLess->__construct:$this->password_hash::'.$this->password_hash);
        // That is debugging method appending  string into text file
    }

    function credentials() {
        $password = get_password();
        debToFile('-3 AdminerLoginPasswordLess->credentials:$password::'.$password);
        // That is debugging method appending  string into text file
        return array(SERVER, $_GET["username"], (password_verify($password, $this->password_hash) ? "" : $password));
    }

    function login($login, $password) {
        debToFile('-4 AdminerLoginPasswordLess->login:$login::'.$login);
        if ($password != "") {
            debToFile('-5 TRUE AdminerLoginPasswordLess->login:$login::'.$login);
        // That is debugging method appending  string into text file
            return true;
        }
        debToFile('-5 false AdminerLoginPasswordLess->login:$login::'.$login);
    }

}

and in adminer.php I added debugging line:

    $plugins = array(
        new AdminerLoginPasswordLess(hash("md5", 'm8y2s8q&L')),

    );
    debToFile('-1After:AdminerLoginPasswordLess');


I loggin file I see:

<pre>::-2 AdminerLoginPasswordLess->__construct:$this->password_hash::c61d49aaab35ca428e60d764ff05159d</pre>
<pre>::-1After:AdminerLoginPasswordLess</pre>

It means that methods credentials and login of AdminerLoginPasswordLess class are not triggered.
I run in browser as :
http://local-adminer.com/?username=mysql_login_user

or
http://local-adminer.com  // host in apache config

and I have no errors, but I still have to enter password for mysql_login_user.

Did I miss some options/plugins?
 

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.