PHP中要求用户输入服务器的超级用户/root密码
我正在用 PHP 制作一个名为 NCIV 的系统。在该系统中,您可以更改 settings.php 中的设置,这允许系统管理员启用或禁用 MySQL 而不是一堆文本文件的使用。 但是,如果站点已有内容,则更改该设置会将所有数据从 MySQL 数据库移至/移至基于文本文件的数据库(根据设置的值)。这是代码:
/*******************************************************/
/* __ __ _____ _ _ _____ _ _ _____ */
/* \ \ / /\ | __ \| \ | |_ _| \ | |/ ____| */
/* \ \ /\ / / \ | |__) | \| | | | | \| | | __ */
/* \ \/ \/ / /\ \ | _ /| . ` | | | | . ` | | |_ | */
/* \ /\ / ____ \| | \ \| |\ |_| |_| |\ | |__| | */
/* \/ \/_/ \_\_| \_\_| \_|_____|_| \_|\_____| */
/* */
/* CHANGING ["server"]["mysql"] WHILE THE SITE IS */
/* ALREADY IN USE WILL MIGRATE ALL DATA TO THE */
/* MySQL DATABASE IF TRUE */
/* OR TO THE TEXTUAL DATABASE IF FALSE!! */
/* */
/* IF YOU HAVE A HUGE SITE, THIS CAN TAKE A FEW HOURS */
/* OR EVEN A FEW DAYS OR WEEKS!! */
/* PLEASE ONLY CHANGE THIS SETTING IF YOU HAVE */
/* JUST INSTALLED NCIV! */
/* */
/* */
/* */
/* REMOVING OR MODIFYING THIS WARNING WILL TAKE THE */
/* ENTIRE SITE OFFLINE! */
/* */
/* YOU WILL NEED TO ENTER THE */
/* SERVER'S SUPERUSER/ROOT PASSWORD AFTER CHANGING */
/* THIS SETTING! */
/* */
/* NEVER TRY TO MIGRATE THE DATA MANUALLY! */
/*******************************************************/
$GLOBALS["NCIV"]["server"]["mysql"] = FALSE; //Enable MySQL? See the WARNING above!
设置更改后,有没有办法检查用户在 PHP 中输入的超级用户/root 密码是否正确?
提前致谢!
I'm making a system called NCIV in PHP. In that system you can change a setting in settings.php, which allows the system's admin to enable or disable the usage of MySQL rather then a bunch of text files.
However, changing that setting if the site already has content, will move all the data from/to the MySQL Database to/from the text-file based database (according to the setting's value). This is the code:
/*******************************************************/
/* __ __ _____ _ _ _____ _ _ _____ */
/* \ \ / /\ | __ \| \ | |_ _| \ | |/ ____| */
/* \ \ /\ / / \ | |__) | \| | | | | \| | | __ */
/* \ \/ \/ / /\ \ | _ /| . ` | | | | . ` | | |_ | */
/* \ /\ / ____ \| | \ \| |\ |_| |_| |\ | |__| | */
/* \/ \/_/ \_\_| \_\_| \_|_____|_| \_|\_____| */
/* */
/* CHANGING ["server"]["mysql"] WHILE THE SITE IS */
/* ALREADY IN USE WILL MIGRATE ALL DATA TO THE */
/* MySQL DATABASE IF TRUE */
/* OR TO THE TEXTUAL DATABASE IF FALSE!! */
/* */
/* IF YOU HAVE A HUGE SITE, THIS CAN TAKE A FEW HOURS */
/* OR EVEN A FEW DAYS OR WEEKS!! */
/* PLEASE ONLY CHANGE THIS SETTING IF YOU HAVE */
/* JUST INSTALLED NCIV! */
/* */
/* */
/* */
/* REMOVING OR MODIFYING THIS WARNING WILL TAKE THE */
/* ENTIRE SITE OFFLINE! */
/* */
/* YOU WILL NEED TO ENTER THE */
/* SERVER'S SUPERUSER/ROOT PASSWORD AFTER CHANGING */
/* THIS SETTING! */
/* */
/* NEVER TRY TO MIGRATE THE DATA MANUALLY! */
/*******************************************************/
$GLOBALS["NCIV"]["server"]["mysql"] = FALSE; //Enable MySQL? See the WARNING above!
Is there a way to check if the user entered the correct superuser/root password in PHP after the setting has changed?
Thanks in advance!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
嗯,总有PAM...但这是一个非常非常 em>,非常坏主意。
另外,请记住诸如共享托管之类的事情,用户不会拥有 root 权限。
如果这个设置如此危险,也许你应该重新考虑它,即使它是一个开始的设置。
Well, there's always PAM... but this is a very, very, very bad idea.
Also, keep in mind things like, say, shared hosting, where the user won't have root.
If this setting is so dangerous, perhaps you should reconsider it even being a setting to begin with.