Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-07 22:06:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug fix: elimite login via url parameters

Browse Source
This commit is contained in:
usmannasir
2024-01-22 22:28:29 +05:00
parent 345f37bd83
commit a16884bdfd
4 changed files with 155 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
databases/static/databases/databases.js
View File

@@ -589,8 +589,34 @@ app.controller('phpMyAdmin', function ($scope, $http, $window) {
function ListInitialDatas(response) { function ListInitialDatas(response) {
$scope.cyberPanelLoading = true; $scope.cyberPanelLoading = true;
if (response.data.status === 1) { if (response.data.status === 1) {
var rUrl = '/phpmyadmin/phpmyadminsignin.php?username=' + response.data.username + '&token=' + response.data.token; //var rUrl = '/phpmyadmin/phpmyadminsignin.php?username=' + response.data.username + '&token=' + response.data.token;
$window.location.href = rUrl; //$window.location.href = rUrl;
var form = document.createElement('form');
form.method = 'post';
form.action = '/phpmyadmin/phpmyadminsignin.php';
// Create input elements for username and token
var usernameInput = document.createElement('input');
usernameInput.type = 'hidden';
usernameInput.name = 'username';
usernameInput.value = response.data.username;
var tokenInput = document.createElement('input');
tokenInput.type = 'hidden';
tokenInput.name = 'token';
tokenInput.value = response.data.token;
// Append input elements to the form
form.appendChild(usernameInput);
form.appendChild(tokenInput);
// Append the form to the body
document.body.appendChild(form);
// Submit the form
form.submit();
} else { } else {
} }

44
databases/templates/databases/AutoLogin.html Normal file
View File

@@ -0,0 +1,44 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Auto login for {{ url }}</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
</head>
<body>
<span style="display: none" id="userName">{{ userName }}</span>
<span style="display: none" id="password">{{ password }}</span>
<form style="display: none" name="loginform" id="loginform" action="/phpmyadmin/phpmyadminsignin.php" method="post">
{% csrf_token %}
<p>
<label for="user_login">Username or Email Address</label>
<input type="text" name="username" id="user_login" class="input" value="" size="20" autocapitalize="off"/>
</p>
<div class="user-pass-wrap">
<label for="user_pass">Password</label>
<div class="wp-pwd">
<input type="password" name="password" id="user_pass" class="input password-input" value="" size="20"/>
<button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0"
aria-label="Show password">
<span class="dashicons dashicons-visibility" aria-hidden="true"></span>
</button>
</div>
</div>
<p class="forgetmenot"><input name="rememberme" type="checkbox" id="rememberme" value="forever"/> <label
for="rememberme">Remember Me</label></p>
<p class="submit">
<input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large"
value="Log In"/>
<input type="hidden" name="redirect_to" value="{{ url }}/wp-admin"/>
{# <input type="hidden" name="testcookie" value="1"/>#}
</p>
</form>
<script>
document.getElementById("user_login").value = $("#userName").text();
document.getElementById("user_pass").value = $("#password").text();
document.forms["loginform"].submit();
</script>
</body>
</html>

58
databases/views.py
View File

@@ -2,6 +2,7 @@
from django.shortcuts import redirect, HttpResponse from django.shortcuts import redirect, HttpResponse
from django.views.decorators.csrf import csrf_exempt
from cloudAPI.cloudManager import CloudManager from cloudAPI.cloudManager import CloudManager
from loginSystem.views import loadLoginPage from loginSystem.views import loadLoginPage
@@ -251,7 +252,7 @@ def generateAccess(request):
json_data = json.dumps(data_ret) json_data = json.dumps(data_ret)
return HttpResponse(json_data) return HttpResponse(json_data)
@csrf_exempt
def fetchDetailsPHPMYAdmin(request): def fetchDetailsPHPMYAdmin(request):
try: try:
@@ -259,8 +260,15 @@ def fetchDetailsPHPMYAdmin(request):
admin = Administrator.objects.get(id=userID) admin = Administrator.objects.get(id=userID)
currentACL = ACLManager.loadedACL(userID) currentACL = ACLManager.loadedACL(userID)
token = request.GET.get('token')
username = request.GET.get('username')
token = request.POST.get('token')
username = request.POST.get('username')
from plogical.httpProc import httpProc
proc = httpProc(request, None,
)
#return proc.ajax(0, str(request.POST.get('token')))
if username != admin.userName: if username != admin.userName:
return redirect(loadLoginPage) return redirect(loadLoginPage)
@@ -280,20 +288,37 @@ def fetchDetailsPHPMYAdmin(request):
mysqluser = jsonData['mysqluser'] mysqluser = jsonData['mysqluser']
password = jsonData['mysqlpassword'] password = jsonData['mysqlpassword']
returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % ( # returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (
mysqluser, password) # mysqluser, password)
return redirect(returnURL) # return redirect(returnURL)
data = {}
data['userName'] = mysqluser
data['password'] = password
except BaseException:
proc = httpProc(request, 'databases/AutoLogin.html',
data, 'admin')
return proc.render()
except BaseException as msg:
f = open(passFile) f = open(passFile)
data = f.read() data = f.read()
password = data.split('\n', 1)[0] password = data.split('\n', 1)[0]
password = password.strip('\n').strip('\r') password = password.strip('\n').strip('\r')
returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % ( data = {}
'root', password) data['userName'] = 'root'
return redirect(returnURL) data['password'] = password
# return redirect(returnURL)
proc = httpProc(request, 'databases/AutoLogin.html',
data, 'admin')
return proc.render()
# returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (
# 'root', password)
# return redirect(returnURL)
keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName) keySavePath = '/home/cyberpanel/phpmyadmin_%s' % (admin.userName)
key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode() key = ProcessUtilities.outputExecutioner('cat %s' % (keySavePath)).strip('\n').encode()
@@ -306,8 +331,17 @@ def fetchDetailsPHPMYAdmin(request):
for db in site.databases_set.all(): for db in site.databases_set.all():
mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), 0) mysqlUtilities.addUserToDB(db.dbName, admin.userName, password.decode(), 0)
returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode()) data = {}
return redirect(returnURL) data['userName'] = admin.userName
data['password'] = password.decode()
# return redirect(returnURL)
proc = httpProc(request, 'databases/AutoLogin.html',
data, 'admin')
return proc.render()
# returnURL = '/phpmyadmin/phpmyadminsignin.php?username=%s&password=%s' % (admin.userName, password.decode())
# return redirect(returnURL)
else: else:
return redirect(loadLoginPage) return redirect(loadLoginPage)

69
plogical/phpmyadminsignin.php
View File

@@ -3,52 +3,57 @@
define("PMA_SIGNON_INDEX", 1); define("PMA_SIGNON_INDEX", 1);
try{ try {
define('PMA_SIGNON_SESSIONNAME', 'SignonSession');
define('PMA_DISABLE_SSL_PEER_VALIDATION', TRUE);
define('PMA_SIGNON_SESSIONNAME', 'SignonSession'); if (isset($_POST['token'])) {
define('PMA_DISABLE_SSL_PEER_VALIDATION', TRUE);
if(isset($_GET['token'])){ ### Get credentials using the token
### Get credentials using the token $token = $_POST['token'];
$username = $_POST['username'];
$token = $_GET['token']; //$url = "/dataBases/fetchDetailsPHPMYAdmin?token=" . $token . '&username=' . $username;
$username = $_GET['username']; $url = "/dataBases/fetchDetailsPHPMYAdmin";
$url = "/dataBases/fetchDetailsPHPMYAdmin?token=" . $token . '&username=' . $username; // header('Location: ' . $url);
header('Location: ' . $url); // Redirect with POST data
} echo '<form id="redirectForm" action="' . $url . '" method="post">';
else if(isset($_GET['logout'])){ echo '<input type="hidden" value="' . $token . '" name="token">';
$params = session_get_cookie_params(); echo '<input type="hidden" value="' . $username . '" name="username">';
setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); echo '</form>';
session_destroy(); echo '<script>document.getElementById("redirectForm").submit();</script>';
header('Location: /dataBases/phpMyAdmin');
return;
}
else if(isset($_GET['password'])){
session_name(PMA_SIGNON_SESSIONNAME); } else if (isset($_POST['logout'])) {
@session_start(); $params = session_get_cookie_params();
setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
session_destroy();
header('Location: /base/');
return;
} else if (isset($_POST['password'])) {
$username = $_GET['username']; session_name(PMA_SIGNON_SESSIONNAME);
$password = $_GET['password']; @session_start();
$_SESSION['PMA_single_signon_user'] = $username; $username = $_POST['username'];
$_SESSION['PMA_single_signon_password'] = $password; $password = $_POST['password'];
$_SESSION['PMA_single_signon_host'] = 'localhost';
$_SESSION['PMA_single_signon_user'] = $username;
$_SESSION['PMA_single_signon_password'] = $password;
$_SESSION['PMA_single_signon_host'] = 'localhost';
@session_write_close(); @session_write_close();
header('Location: /phpmyadmin/index.php?server=' . PMA_SIGNON_INDEX); header('Location: /phpmyadmin/index.php?server=' . PMA_SIGNON_INDEX);
} }
}catch (Exception $e) { } catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n"; echo 'Caught exception: ', $e->getMessage(), "\n";
$params = session_get_cookie_params(); $params = session_get_cookie_params();
setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"] ); setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
session_destroy(); session_destroy();
header('Location: /dataBases/phpMyAdmin'); header('Location: /dataBases/phpMyAdmin');
return; return;
} }