How I fixed phpMiniAdmin (v 1.9.170312)

Thursday, 18 May, Year 9 d.Tr. | Author: Mircea Popescu

Motto : I'ma ignore this nonsense
coming from a fella who doesn't program.

Recently I found myself in need of a web db interface ; don't ask why or how and I won't have to tell you.

Turns out such a thing actually exists : phpMiniAdmin by OSAlabs aka Oleg Savchuki is a 40kb, single-file interface so you don't have to type all your selects by hand all the time until you fall over.ii Here you have it : phpminiadmin v1.9.170312 (edited). Supposedly this is the latest version.

The above item is not, however, the file you can download from the author directly. Why not ? Well, because after a cursory read through (turns out it doesn't actually take half an hour to read through 40kb of php, provided of course one doesn't program) and dumping it on the afflicted server, it turned out it... didn't work!

Specifically -- in the original v 1.9.170312, pressing "Go" did nothing useful, but instead simply dumped one to a generic screen, as if he had tried to execute an empty string. Why the hell was it doing that ?

Turns out finding out why the hell it did that doesn't actually take one ten minutesiii : line 497 (of 1`278 total, if you care) read simply

<input type="submit" name="GoSQL" value="Go" class="sbtn">

instead of the obviously preferable

<input type="submit" name="GoSQL" value="Go" class="sbtn" onclick="$('q').value=window.btoa($('qraw').value);">

Consequently, when you clicked Go it simply tried to execute a null string as a query, no matter what you put in the box. But thanks to the magic of not programming, it doesn't do that anymore.

Be so kind as to point this out to the original author, if you have some manner of contacting him ; and always remember : of the people who don't fuck pigs, only some don't fuck pigs because they've no penises.

  1. Elance nowadays (obtained via acquihire of "") with some pretense to independence on the side (but the site no longer loads). []
  2. Yes, yes, I'm sure you configured your emacs in such a way it does all the explains by itself and other magics. Some fellas don't program. []
  3. Provided, of course, one doesn't program and consequently finds himself stuck trying to find out what's the native javascript implementation for base64 and then trying to figure out wtf is actually going on with their insane notation model, should it be object.global_function() or global_function(object) or wtf. As it turns out it's global.function(object.value), with a bonus smattering of $("quoted name") for optimal syntactical confusion. Thanks god one doesn't program, else that one might be mightily pissed off by all the delicate geniusing stuffed in all the nooks. []
Category: Meta psihoza
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

2 Responses

  1. The code is fine as it is, should populate q via

    $('q').value=btoa(encodeURIComponent($('qraw').value).replace(/%([0-9A-F]{2})/g,function(m,p){return String.fromCharCode('0x'+p)}));

    in F.addEventListener('submit',function(e){

    For some reason this doesn't fire on your system I take it.

  2. Mircea Popescu`s avatar
    Mircea Popescu 
    Thursday, 18 May 2017

    Indeed it does not. I'm not entirely convinced it would work even with that, wtf is the gnarl, htmlencode then replace escaped items with the result of a function holy god.

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.