diff -u mysql-webadmin/auth.inc mysql/webadmin/auth.inc --- mysql-webadmin/auth.inc Sun May 11 11:28:00 1997 +++ mysql/webadmin/auth.inc Thu May 29 20:36:00 1997 @@ -1,17 +1,43 @@ <? include ("config.inc"); + /* To use this with Roxen 1.1: + + Turn on: Send decoded Password + + modules/scripting/cgi.pike: + + mapping build_env_vars(string f, object id, string|void path_info) + { + + mapping new = ::build_env_vars(f,id,path_info); + if(QUERY(rawauth) && id->rawauth) + new["HTTP_AUTHORIZATION"] = id->rawauth; ++ if(id->realauth) ++ new["REMOTE_USER"] = (id->realauth/":")[0]; + if(QUERY(clearpass) && id->realauth) + new["REMOTE_PASSWORD"] = (id->realauth/":")[1]; + + */ + + + $PHP_AUTH_USER = $REMOTE_USER; + $PHP_AUTH_PW = $REMOTE_PASSWORD; + if(!$PHP_AUTH_USER) { + Header("status: 401 Unauthorized"); + Header("http/1.0 401 Unauthorized"); Header("WWW-authenticate: basic realm=\"MYSQL WEBADMIN\""); - Header("HTTP/1.0 401 Unauthorized"); + Header("kiss me: $PHP_AUTH_USER $PHP_AUTH_PW"); exit; } else { mysql_connect("$hostname","$standarduser","$standarduser_pw"); $rs=mysql("mysql","select User,Password from user where User='$PHP_AUTH_USER' having Password=password('$PHP_AUTH_PW')"); if (mysql_numrows($rs)<=0); $PHP_AUTH_USER=""; - Header("WWW-authenticate: basic realm=\"MYSQL WEBADMIN\""); + Header("status: 401 Unauthorized"); Header("HTTP/1.0 401 Unauthorized"); + Header("WWW-authenticate: basic realm=\"MYSQL WEBADMIN\""); exit; endif; echo "user: $PHP_AUTH_USER"; diff -u mysql-webadmin/edit_data.inc mysql/webadmin/edit_data.inc --- mysql-webadmin/edit_data.inc Fri May 9 20:03:00 1997 +++ mysql/webadmin/edit_data.inc Thu May 29 18:19:00 1997 @@ -3,16 +3,19 @@ $nf=mysql_numrows($rs); echo "<table $tablebg border=1>\n<tr>"; $j=0; - echo "<th> $table_font_tag Fieldname <th> $table_font_tag Type <th> $table_font_tag Key <th> $table_font_tag extra <th> $table_font_tag function<th>"; + echo "<th> $table_font_tag Fieldname <th> $table_font_tag Type <th> $table_font_tag Key <th> $table_font_tag extra <th> $table_font_tag function<th>\n\n"; while($j<$nf); $fn = mysql_result($rs,$j,"Field"); $tt="old$fn"; $$tt=$$fn; - echo "<input TYPE=HIDDEN NAME=$tt VALUE='$$tt'>"; $ft = mysql_result($rs,$j,"Type"); $fk = mysql_result($rs,$j,"Key"); $fe = mysql_result($rs,$j,"Extra"); - echo "\n\t<tr><td> $table_font_tag $fn <td> $table_font_tag $ft <td> $table_font_tag $fk <td> $table_font_tag $fe <td>"; + + $use_textarea=0; + if (ereg("char",$ft)) { $use_textarea=1 ; }; + if (ereg("blob",$ft)) { $use_textarea=1 ; }; + echo "\n\t<tr><td> $table_font_tag $fn <td> $table_font_tag $ft <td> $table_font_tag $fk <td> $table_font_tag $fe <td>\n"; echo "<select name=function$j>"; > <option> @@ -28,7 +31,13 @@ </select> <td> <? - echo "<input name=$fn type=text size=40 value='$$fn'>"; + $temp = urlencode($$tt); + echo "<input TYPE=HIDDEN NAME=$tt VALUE=\"$temp\">"; + if ($use_textarea) { + echo "<textarea name=$fn cols=40 rows=$textarea_rows>$$fn</textarea>\n"; + } else { + echo "<input name=$fn type=text size=40 value='$$fn'>\n"; + } $j++; endwhile; echo "</tr>"; diff -u mysql-webadmin/search.phtml mysql/webadmin/search.phtml --- mysql-webadmin/search.phtml Fri May 9 20:48:04 1997 +++ mysql/webadmin/search.phtml Thu May 29 17:40:14 1997 @@ -99,8 +99,8 @@ endwhile; $i++; if ($show_buttons){ - echo "</td>\n\t<td width=$fl[$j]>\n<input name=action value=delete type=submit><br>\n"; - echo "<input name=action value=insert type=submit><br>\n"; + echo "</td>\n\t<td width=$fl[$j]>\n<input name=action value=delete type=submit>\n"; + echo "<input name=action value=insert type=submit>\n"; echo "<input name=action value=edit type=submit></FORM>\n"; } echo "</td></tr>"; diff -u mysql-webadmin/update.phtml mysql/webadmin/update.phtml --- mysql-webadmin/update.phtml Fri May 9 19:02:18 1997 +++ mysql/webadmin/update.phtml Thu May 29 18:18:14 1997 @@ -25,17 +25,19 @@ $qr += "$fn = "; + $data = urldecode($$fn); + $funct="function$j"; if ($$funct); $$funct=substr($$funct,0,strlen($$funct)-2); echo $funct; if ($$fn); - $qr += "$$funct('$$fn')"; + $qr += "$$funct('$data')"; else; $qr += "$$funct()"; endif; else; - $qr += "'$$fn'"; + $qr += "'$data'"; endif;