an ordinary blog — andr3.net

rss feed

my lifestream rss feed

are you tired of this? then return to latest posts

MySQL meets Ajax + password protected folders

This has been out for a while now, but i haven't had much time in the past few days to sit down and write this through.

I'm sure you all know and most of you have used phpMyAdmin, one of the community favourite Database Managers out there for MySQL. Even though it's very well built and very robust, some simple operations – like simply editing some record that, for reason, went bad – become a many step sequence. Login, Select Database, Select Table, Browse, Go to record, Edit...

But now, some very clever dudes over at TurboAjax.com have put together a quicker-to-use manager for MySQL, named TurboDbAdmin. It uses AJAX and even though it doesn't have any kind of fallback version – ie, one that doesn't require Javascript to run –, i'm fine with it. It's an application made for recent browsers. Just like a requirement for some other piece of software, this requires Javascript to be enabled (and XmlHttpRequest Object support). It would be cool to edit my DB from my mobile, but i'll wait for some other clever dudes to write a mobile MySQL Admin. MyMobileAdmin sounds like a cool name, doesn't it? Here's a screenshot of the little ajaxian bugger:


Screenshot
website | live demo

First Impressions

It works ok and the Ajax bit really quickens the process of editing records and other minimal operations. It doesn't, however, deal very well with charsets different than English. All the fields with Portuguese words that have accented chars come out messed up. This is most certainly an issue that will be addressed in future versions.

It's still missing a lot of features, like creating a database, switching to other DBs, executing SQL queries and some other useful stuff. But as they say on their website, they're working on it.

One thing it doesn't include also is access control. It's wide open! You need to password-protect your folder against unwanted access. Since it's quite simple i'll include the steps in this post as well.

Protecting your folder with a Password (Apache Server)

You need to create an .htaccess file in your folder with the following content.

AuthUserFile /absolute/path/to/your/folder/.htpasswd
AuthName "Log into TurboDbAdmin"
AuthType Basic

require user user1 user2 user3


The first line specifies the path to he authentication file, the second the name that will appear in the popup box. The third specifies the authentication mode, which is Basic, not Digest.

Then you can allow one or more users to be able to read this folder. That's in the last line.

Now all you need is a .htpasswd file. It's a text file with a username and a digested password. To create the hash for the desired password you can use this .htpasswd Content Generator.

An example of a .htpasswd:

user1:ER3aOYG08qb9o
user2:EbZxs..ZM3ASo


You're set! After that, you'll be prompted to insert a valid username and password to be able to access the folder.

Also, if you have SSL in your server, you might want to use HTTPS, instead of normal HTTP. You never know who's listening.

Comments

↑ top