From 65f6b7af64330e01cae7dd4c8240723dc20049fb Mon Sep 17 00:00:00 2001
From: master3395 <master3395@users.noreply.github.com>
Date: Fri, 27 Mar 2026 13:40:21 +0100
Subject: [PATCH] fix phpmyadmin signin endpoint not found

Restore the missing phpMyAdmin sign-in bridge file so CyberPanel DB login no longer returns 404 on /phpmyadmin/phpmyadminsignin.php.
---
 public/phpmyadmin/phpmyadminsignin.php | 68 ++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 public/phpmyadmin/phpmyadminsignin.php

diff --git a/public/phpmyadmin/phpmyadminsignin.php b/public/phpmyadmin/phpmyadminsignin.php
new file mode 100644
index 000000000..1ac2461e9
--- /dev/null
+++ b/public/phpmyadmin/phpmyadminsignin.php
@@ -0,0 +1,68 @@
+<?php
+
+
+define("PMA_SIGNON_INDEX", 1);
+
+try {
+    define('PMA_SIGNON_SESSIONNAME', 'SignonSession');
+    define('PMA_DISABLE_SSL_PEER_VALIDATION', TRUE);
+
+    // Handle both GET and POST parameters for token and username
+    $token = isset($_POST['token']) ? $_POST['token'] : (isset($_GET['token']) ? $_GET['token'] : null);
+    $username = isset($_POST['username']) ? $_POST['username'] : (isset($_GET['username']) ? $_GET['username'] : null);
+
+    if ($token && $username) {
+
+        ### Get credentials using the token
+
+        $token = htmlspecialchars($token, ENT_QUOTES, 'UTF-8');
+        $username = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
+
+        //$url = "/dataBases/fetchDetailsPHPMYAdmin?token=" . $token . '&username=' . $username;
+        $url = "/dataBases/fetchDetailsPHPMYAdmin";
+
+        //         header('Location: ' . $url);
+
+        // Redirect with POST data
+
+        echo '<form id="redirectForm" action="' . $url . '" method="post">';
+        echo '<input type="hidden"  value="' . $token . '" name="token">';
+        echo '<input type="hidden"  value="' . $username . '" name="username">';
+        echo '</form>';
+        echo '<script>document.getElementById("redirectForm").submit();</script>';
+
+    } else if (isset($_POST['logout']) || isset($_GET['logout'])) {
+        session_name(PMA_SIGNON_SESSIONNAME);
+        @session_start();
+        $_SESSION = array();
+        $params = session_get_cookie_params();
+        setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
+        session_destroy();
+        header('Location: /base/');
+        exit;
+    } else if (isset($_POST['password'])) {
+
+        session_name(PMA_SIGNON_SESSIONNAME);
+        @session_start();
+
+        $username = htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8');
+        $password = $_POST['password'];
+        $host = isset($_POST['host']) ? trim($_POST['host']) : '127.0.0.1';
+        if ($host === 'localhost') { $host = '127.0.0.1'; }
+
+        $_SESSION['PMA_single_signon_user'] = $username;
+        $_SESSION['PMA_single_signon_password'] = $password;
+        $_SESSION['PMA_single_signon_host'] = $host;
+
+        @session_write_close();
+
+        header('Location: /phpmyadmin/index.php?server=' . PMA_SIGNON_INDEX);
+    }
+} catch (Exception $e) {
+    echo 'Caught exception: ', $e->getMessage(), "\n";
+    $params = session_get_cookie_params();
+    setcookie(session_name(), '', time() - 86400, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
+    session_destroy();
+    header('Location: /dataBases/phpMyAdmin');
+    return;
+}