DB-Verwaltung

' . h($e->getMessage()) . '

'); exit; } $appPage = (string)($_GET['page'] ?? 'login'); // login|register $appAction = (string)($_GET['auth'] ?? ''); if ($appAction === 'logout') { adminer_app_logout(); header('Location: /adminer', true, 302); exit; } // Handle app login $appError = null; if ($_SERVER['REQUEST_METHOD'] === 'POST' && (string)($_POST['action'] ?? '') === 'app_login') { $u = (string)($_POST['username'] ?? ''); $p = (string)($_POST['password'] ?? ''); $res = adminer_app_try_login($u, $p); if (!empty($res['ok'])) { header('Location: /adminer', true, 302); exit; } $appError = (string)($res['error'] ?? 'Login fehlgeschlagen.'); $appPage = 'login'; } // Handle registration $appRegError = null; $appRegOk = null; if ($_SERVER['REQUEST_METHOD'] === 'POST' && (string)($_POST['action'] ?? '') === 'app_register') { $u = (string)($_POST['username'] ?? ''); $p1 = (string)($_POST['password'] ?? ''); $p2 = (string)($_POST['password2'] ?? ''); $res = adminer_app_try_register($u, $p1, $p2); if (!empty($res['ok'])) { // Auto-login after register $loginRes = adminer_app_try_login($u, $p1); if (!empty($loginRes['ok'])) { header('Location: /adminer', true, 302); exit; } $appRegOk = 'Registrierung erfolgreich. Bitte einloggen.'; $appPage = 'login'; } else { $appRegError = (string)($res['error'] ?? 'Registrierung fehlgeschlagen.'); $appPage = 'register'; } } if (!adminer_app_is_logged_in()) { $canRegister = adminer_app_allow_register(); $body = '

DB-Verwaltung

Login

'; $body .= '

'; // Tabs $body .= '

' . 'Login' . ($canRegister ? 'Registrieren' : '') . '

'; if ($appRegOk) { $body .= '

' . h($appRegOk) . '

'; } if ($appPage === 'register') { if (!$canRegister) { $body .= '

Registrierung ist deaktiviert.

'; } else { if ($appRegError) $body .= '

' . h($appRegError) . '

'; $body .= '

Registrieren

'; $body .= ''; $body .= '

Dein Account wird in FabianWebsite.adminer_users gespeichert.

'; } } else { if ($appError) $body .= '

' . h($appError) . '

'; $body .= '

Login

'; $body .= ''; if ($canRegister) { $body .= '

Noch kein Account? Registrieren

'; } } $body .= '

'; admin_layout('DB-Verwaltung', $body); exit; } require_once __DIR__ . '/auth.php'; admin_session_start(); $action = (string)($_GET['a'] ?? ''); if ($action === 'logout') { admin_logout(); header('Location: /adminer', true, 302); exit; } // ── DB-Auswahl (Step 1) ─────────────────────────────────────────────────── // Wir speichern Host/Port/User/Pass kurz in der Session, um die DB-Liste zu holen. if (!isset($_SESSION['db_admin_select'])) { $_SESSION['db_admin_select'] = []; } $selectError = null; $selectMsg = null; if ($_SERVER['REQUEST_METHOD'] === 'POST' && (string)($_POST['action'] ?? '') === 'probe') { $host = trim((string)($_POST['host'] ?? '')); $port = (int)($_POST['port'] ?? 3306); $user = trim((string)($_POST['user'] ?? '')); $pass = (string)($_POST['pass'] ?? ''); if ($host === '' || $port <= 0 || $user === '') { $selectError = 'Bitte Host, Port und Benutzer angeben.'; } else { try { $dsn = sprintf('mysql:host=%s;port=%d;charset=utf8mb4', $host, $port); $pdo = new PDO($dsn, $user, $pass, [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, ]); $dbs = $pdo->query('SHOW DATABASES')->fetchAll(PDO::FETCH_COLUMN, 0); $_SESSION['db_admin_select'] = [ 'host' => $host, 'port' => $port, 'user' => $user, 'pass' => $pass, 'dbs' => $dbs, ]; $selectMsg = 'Datenbanken geladen.'; } catch (Throwable $e) { $selectError = 'Konnte Datenbanken nicht laden: ' . $e->getMessage(); } } } // Login (Step 2) $error = null; if ($_SERVER['REQUEST_METHOD'] === 'POST' && (string)($_POST['action'] ?? '') === 'login') { $host = trim((string)($_POST['host'] ?? '')); $port = (int)($_POST['port'] ?? 3306); $user = trim((string)($_POST['user'] ?? '')); $pass = (string)($_POST['pass'] ?? ''); $db = trim((string)($_POST['db'] ?? '')); $res = admin_try_login($host, $port, $user, $pass, $db); if ($res['ok']) { header('Location: /adminer', true, 302); exit; } $error = (string)($res['error'] ?? 'Login fehlgeschlagen.'); } $defaults = admin_default_creds(); $selectState = is_array($_SESSION['db_admin_select']) ? $_SESSION['db_admin_select'] : []; // UI when not logged in if (!admin_is_logged_in()) { $prefHost = isset($selectState['host']) ? (string)$selectState['host'] : (string)$defaults['host']; $prefPort = isset($selectState['port']) ? (int)$selectState['port'] : (int)$defaults['port']; $prefUser = isset($selectState['user']) ? (string)$selectState['user'] : (string)$defaults['user']; $prefPass = isset($selectState['pass']) ? (string)$selectState['pass'] : ''; $dbList = isset($selectState['dbs']) && is_array($selectState['dbs']) ? $selectState['dbs'] : []; $body = "

DB-Verwaltung

Mini-Admin

"; $body .= "

"; $body .= "

Zuerst Verbindungsdaten prüfen (ohne DB), dann bekommst du eine Datenbank-Auswahl. Defaults kommen aus .env.

"; if ($selectMsg) $body .= '

' . h($selectMsg) . '

'; if ($selectError) $body .= '

' . h($selectError) . '

'; if ($error) $body .= '

' . h($error) . '

'; // Step 1: Probe $body .= "

1) Verbindung testen & Datenbanken laden

"; $body .= ""; // Step 2: Login $body .= "

"; $body .= "

2) Login in Datenbank

"; $body .= ""; $body .= "

"; admin_layout('DB-Verwaltung', $body); exit; } // Logged-in area try { $pdo = admin_pdo(); $table = (string)($_GET['t'] ?? ''); $page = max(1, (int)($_GET['p'] ?? 1)); $limit = 50; $offset = ($page - 1) * $limit; $msg = null; $queryResultHtml = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST' && (string)($_POST['action'] ?? '') === 'query') { $sql = trim((string)($_POST['sql'] ?? '')); if ($sql !== '') { // Allow multiple statements? No. Keep minimal & safer. if (preg_match('/;\s*\S/', $sql)) { $msg = ['type' => 'err', 'text' => 'Bitte nur ein Statement ohne zusätzliche Semikolons ausführen.']; } else { try { $stmt = $pdo->query($sql); if ($stmt instanceof PDOStatement) { $rows = $stmt->fetchAll(); $queryResultHtml .= '

Ergebnis

'; $queryResultHtml .= admin_render_table($rows); $msg = ['type' => 'ok', 'text' => 'Query ausgeführt.']; } else { $msg = ['type' => 'ok', 'text' => 'Statement ausgeführt.']; } } catch (Throwable $e) { $msg = ['type' => 'err', 'text' => 'Fehler: ' . $e->getMessage()]; } } } } // Build left nav tables $tables = $pdo->query('SHOW TABLES')->fetchAll(PDO::FETCH_NUM); $body = '

' . '

DB-Verwaltung

eingeloggt

' . '

' . 'App-Logout' . 'DB-Logout' . '

' . '

'; $body .= '

'; $body .= '

' . '

Tabellen

' . '

Klick zum Anzeigen

'; if (empty($tables)) { $body .= '

Keine Tabellen gefunden.

'; } else { $body .= '

' . h($tname) . '

'; } $body .= '

'; $body .= '

'; if ($msg) { $cls = $msg['type'] === 'ok' ? 'notice ok' : 'notice err'; $body .= '

' . h($msg['text']) . '

'; } // Browse table if ($table !== '') { // naive identifier quoting for MySQL if (!preg_match('/^[A-Za-z0-9_]+$/', $table)) { $body .= '

Ungültiger Tabellenname.

'; } else { $body .= '

Tabelle: `' . h($table) . '`

'; $stmt = $pdo->query('SELECT * FROM `' . $table . '` LIMIT ' . (int)$limit . ' OFFSET ' . (int)$offset); $rows = $stmt->fetchAll(); $body .= admin_render_table($rows); $body .= '

'; if ($page > 1) { $body .= '← Zurück'; } $body .= 'Weiter →'; $body .= '

'; } $body .= '

'; } // Query box $body .= '

SQL Query

'; $body .= ''; $body .= $queryResultHtml; $body .= '

'; // card $body .= '

'; // grid admin_layout('DB-Verwaltung', $body); } catch (Throwable $e) { // Session invalid, force re-login admin_logout(); admin_layout('DB-Verwaltung', '

DB-Verwaltung

' . h($e->getMessage()) . '

'); } function admin_render_table(array $rows): string { if (empty($rows)) { return '

(keine Zeilen)

'; } $cols = array_keys((array)$rows[0]); $html = ''; foreach ($cols as $c) { $html .= ''; } $html .= ''; foreach ($rows as $r) { $html .= ''; foreach ($cols as $c) { $v = $r[$c] ?? null; if ($v === null) { $cell = 'NULL'; } else { $s = (string)$v; $cell = strlen($s) > 500 ? h(substr($s, 0, 500)) . '…' : h($s); } $html .= ''; } $html .= ''; } $html .= '

' . h((string)$c) . '
' . $cell . '

'; return $html; }