Scope phpMyAdmin SSO to one database, fix logout, reset create form

After live testing on the real server, three follow-up issues surfaced:

- PhpMyAdminSso granted the temporary SSO MySQL role access to every
  database the account owns, not just the one the "Zaloguj do bazy"
  button was clicked for, so phpMyAdmin showed all databases. Extract
  determineGrantTargets() and scope the GRANT to only the requested
  database; also set phpMyAdmin's only_db from the SSO session so the
  UI itself only shows that database.

- phpMyAdmin's LogoutURL pointed at da_login.php with no ticket, which
  always produced "Missing or invalid phpMyAdmin login ticket." on
  logout. Add a DIRECTADMIN_PANEL_PORT setting (default 2222) and
  point LogoutURL at the plugin's own database list
  (/CMD_PLUGINS/alt-mysql/index.html) instead.

- The create-database form kept echoing back the just-submitted
  values after a successful creation, forcing manual clearing before
  creating the next database. Clear the relevant $_POST keys once
  creation succeeds so the form resets while still preserving sticky
  values on validation failure.

Bump version to 1.2.14 and rebuild the release archive.
This commit is contained in:
Marek Miklewicz
2026-07-04 20:38:04 +02:00
parent abbeaf67ec
commit 1560759c51
11 changed files with 140 additions and 9 deletions
+1
View File
@@ -25,6 +25,7 @@ final class PhpMyAdminRuntimeConfig
'host' => 'dynamic:' . basename($settings->mysqlCredentialsFile()),
'credentials_file' => $settings->mysqlCredentialsFile(),
'client_bin_dir' => $settings->mysqlClientBinDir(),
'directadmin_panel_port' => $settings->directAdminPanelPort(),
'updated_at' => time(),
];
+10 -1
View File
@@ -60,7 +60,7 @@ final class PhpMyAdminSso
$this->db->createTemporaryRole($role, $password, $expiresAt);
try {
foreach ($databaseNames as $dbName) {
foreach (self::determineGrantTargets($targetDatabase, $databaseNames) as $dbName) {
$this->db->grantTemporaryAdminerAccess($dbName, $role);
}
} catch (Throwable $e) {
@@ -86,6 +86,15 @@ final class PhpMyAdminSso
];
}
/**
* @param string[] $ownedDatabases
* @return string[]
*/
private static function determineGrantTargets(string $targetDatabase, array $ownedDatabases): array
{
return in_array($targetDatabase, $ownedDatabases, true) ? [$targetDatabase] : [];
}
private function buildPhpMyAdminLoginUrl(string $database, string $ticket): string
{
$query = http_build_query([
+6
View File
@@ -309,6 +309,12 @@ final class Settings
return $ttl;
}
public function directAdminPanelPort(): string
{
$port = trim($this->getString('DIRECTADMIN_PANEL_PORT', '2222'));
return ctype_digit($port) && $port !== '' ? $port : '2222';
}
public function phpMyAdminIntegrationWarning(): string
{
if (!$this->getBool('ENABLE_PHPMYADMIN', $this->getBool('ENABLE_ADMINER', true))) {