phpMyAdmin4.9.11登录密码base64加密

发表于： 2025年11月25日 2025年11月25日
分类： phpmyadmin

1. 修改libraries/classes/Plugins/Auth/AuthenticationCookie.php文件

// echo '<input value="' , __('Go') , '" type="submit" id="input_go" />'; 改为 
echo '<input value="' , __('Go') , '" onclick="submit_login();" type="button" id="input_go" />';

/*echo '<input class="g-recaptcha" data-sitekey="'
, htmlspecialchars($GLOBALS['cfg']['CaptchaLoginPublicKey']),'"'
.' data-callback="recaptchaCallback" value="' , __('Go') , '" type="submit" id="input_go" />';*/  改为 
echo '<input class="g-recaptcha" data-sitekey="'
, htmlspecialchars($GLOBALS['cfg']['CaptchaLoginPublicKey']),'"'
.' data-callback="recaptchaCallback" value="' , __('Go') , '" onclick="submit_login();" type="button" id="input_go" />';

# echo '</fieldset>
#</form>';  下面加入 

echo "
<script>
function submit_login(){
var userid = document.getElementById('input_username').value;
var password = window.btoa(document.getElementById('input_password').value);
var set_session = document.getElementById('set_session').value;
var server = document.getElementById('server').value;
var target = document.getElementById('target').value;
var sql_query = document.getElementById('sql_query').value;
var token = document.getElementById('token').value;
post(target, {pma_username: userid, pma_password: password, set_session: set_session, server: server, target: target,token: token, sql_query: sql_query});
}
function post(URL, PARAMS) {
var temp = document.createElement('form');
temp.action = URL;
temp.method = 'post';
temp.style.display = 'none';
for (var x in PARAMS) {
var opt = document.createElement('textarea');
opt.name = x;
opt.value = PARAMS[x];
// alert(opt.name)
temp.appendChild(opt);
}
document.body.appendChild(temp);
temp.submit();
return temp;
}
</script>
";

// echo '<input value="' , __('Go') , '" type="submit" id="input_go" />'; 改为

echo '<input value="' , __('Go') , '" onclick="submit_login();" type="button" id="input_go" />';

/*echo '<input class="g-recaptcha" data-sitekey="'

, htmlspecialchars($GLOBALS['cfg']['CaptchaLoginPublicKey']),'"'

.' data-callback="recaptchaCallback" value="' , __('Go') , '" type="submit" id="input_go" />';*/ 改为

echo '<input class="g-recaptcha" data-sitekey="'

, htmlspecialchars($GLOBALS['cfg']['CaptchaLoginPublicKey']),'"'

.' data-callback="recaptchaCallback" value="' , __('Go') , '" onclick="submit_login();" type="button" id="input_go" />';

# echo '</fieldset>

#</form>'; 下面加入

echo "

function submit_login(){

var userid = document.getElementById('input_username').value;

var password = window.btoa(document.getElementById('input_password').value);

var set_session = document.getElementById('set_session').value;

var server = document.getElementById('server').value;

var target = document.getElementById('target').value;

var sql_query = document.getElementById('sql_query').value;

var token = document.getElementById('token').value;

post(target, {pma_username: userid, pma_password: password, set_session: set_session, server: server, target: target,token: token, sql_query: sql_query});

}

function post(URL, PARAMS) {

var temp = document.createElement('form');

temp.action = URL;

temp.method = 'post';

temp.style.display = 'none';

for (var x in PARAMS) {

var opt = document.createElement('textarea');

opt.name = x;

opt.value = PARAMS[x];

// alert(opt.name)

temp.appendChild(opt);

}

document.body.appendChild(temp);

temp.submit();

return temp;

}

</script>

2. 修改 libraries/common.inc.php 文件

# $_POST['pma_password'] = substr($_POST['pma_password'], 0, 256); 改为
$_POST['pma_password'] = substr(base64_decode($_POST['pma_password']), 0, 256);
  
# $_POST['pma_password'] =$_POST['pma_password']; 改为
$_POST['pma_password'] = base64_decode($_POST['pma_password']);

# $_POST['pma_password'] = substr($_POST['pma_password'], 0, 256); 改为

$_POST['pma_password'] = substr(base64_decode($_POST['pma_password']), 0, 256);

# $_POST['pma_password'] =$_POST['pma_password']; 改为

$_POST['pma_password'] = base64_decode($_POST['pma_password']);

zhangcunzhi

185