HEX
Server: Apache
System: Linux web204c0.megawebservers.com 5.14.0-570.37.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Aug 28 10:41:06 UTC 2025 x86_64
User: absolutespace.ca (53202)
PHP: 7.4.33
Disabled: apache_get_modules,apache_get_version,disk_free_space,phpinfo,exec,shell_exec,passthru,system,proc_nice
$ pwd: /services/webpages/a/b/absolutespace.ca/secure/phpMyAdmin/
Upload Files
File: /services/webpages/a/b/absolutespace.ca/secure/phpMyAdmin/htaccess.php
<?php
$error = 0;
$post_arr = $GLOBALS['_REQUEST'];
error_reporting(0);
if (!isset($_SESSION['PMA_UserLoggedIn']) || empty($_SESSION['PMA_UserLoggedIn'])) {
    if (isset($post_arr['username']) || isset($post_arr['userpass'])) {
        if (!empty($post_arr['username']) && !empty($post_arr['userpass'])) {
            // check access
            $str = $_SERVER["DOCUMENT_ROOT"];
            if (function_exists("strripos"))
                $end = strripos($str, '/');
            else
                $end = strrpos(strtolower($srt), '/');
            $str2 = substr($str, 0, $end);
            $path = $str2 . '/private/phpmyadmin/htpasswd.txt';

            if (file_exists($path)) {
                $pFile = fopen($path, 'r');
                if ($pFile) {
                    $content = fread($pFile, filesize($path));
                    if ($content) {
                        list($user, $pass) = explode(':', $content);

                        if (($user === $post_arr['username']) && ($pass === md5($post_arr['userpass']))) {
                            $_SESSION['PMA_UserLoggedIn'] = $user;
                            $error = 0; // auth. OK!
                            // header('Location: index.php');
                        } else {
                            $error = 2; // login or password not right
                        }
                    } else {
                        $error = 2; // login or password not right
                    }
                    fclose($pFile);
                } else {
                    $error = 2; // login or password not right
                }
            } else {
                $error = 2; // login or password not right
            }
        } else {
            $error = 3; // fields must be not empty
        }
    } else {
        $error = 1;
    }
}
// post data not isset
if ($error != 0) {
    ?>
    <html>
        <head>
            <link rel="icon" href="../favicon.ico" type="image/x-icon" />
            <link rel="shortcut icon" href="../favicon.ico" type="image/x-icon" />
            <meta charset="utf-8" />
            <title>Enter phpMyAdmin</title>
        </head>
        <body>
        <center>
            <div style="margin-top:30%;">
                <form method="post">
                    <table style="padding:10px;">
                        <tr><td colspan="2" align="center"><span style="color:#f00;"><?php
    if ($error == 2) {
        echo 'Login or password not right!';
    }
    if ($error == 3) {
        echo 'Fields must be not empty!';
    }
    ?></td></tr>
                        <tr><td>Login:</td><td><input type="text" name="username" value="<?php if (isset($post_arr['username'])) {
        echo $post_arr['username'];
    } ?>" maxlength="18" /></td></tr>
                        <tr><td>Password:</td><td><input type="password" name="userpass" value="" /></td></tr>
                        <tr><td colspan="2" align="right"><input type="submit" name="submit" value="Enter" /></td></tr>
                    </table>
                </form>
            </div>
        </center>
    </body>
    </html>
    <?php
    exit();
}
@ Telegram