DB Admin — A Lightweight MySQL Browser

Publicerad den av
DB Admin — A Lightweight MySQL Browser
DB Admin — A Lightweight MySQL Browser

I’ve been running MySQL databases for a while now, and for years my go-to tool was phpMyAdmin. It works, but it’s a lot: more features than I’ll ever need, and a UI that always feels like it was designed for a different era. All I really wanted was to browse tables, look at rows, apply a quick filter, and occasionally fix a value — without spinning up a desktop client or fumbling with phpMyAdmin’s maze of settings.

So I asked Claude to help me build something simpler.

What it is

DB Admin is a single PHP file — literally one file and one PNG icon — that you drop into a password-protected directory on your server and you’re done. It runs on any standard LAMP/LEMP stack with PHP 8 and MySQL/MariaDB. No Composer, no npm, no framework, no external CDN. Just plain PHP and a bit of vanilla JavaScript.

You log in with your database username and password (not a separate admin password), which means it automatically respects whatever privileges that DB user actually has. If the user can only SELECT and UPDATE, that’s all the tool can do.

Once in, you get:

  • A sidebar listing all your tables with a live filter
  • A data view with sorting, search, and a per-column filter builder
  • A structure view showing column types, keys, and indexes
  • Inline row editing — click Edit on any row, change what you need, save. No deletes, by design.
  • Relational navigation — click any value in the grid to find matching records in other tables that share the same column name. Useful when you want to trace a user ID across a dozen tables without writing SQL.
  • Dark mode, CSV export, and a clean responsive layout that works on a laptop in a coffee shop

Security-first

Since this sits in front of a live database, I didn’t cut corners on security. It uses prepared statements everywhere, a column/table whitelist to prevent SQL injection via identifier names, CSRF tokens on every state-changing action, strict CSP headers (no `unsafe-inline`), session timeouts, and a file-based login rate limiter that survives a cleared browser cookie. There’s a deployment guide at the top of the file with concrete Apache/Nginx recommendations.

It is still, however, a tool meant for trusted internal networks or VPN access only. It is not a replacement for proper database access controls.

Free, as-is

The tool is free to download and use — no license fee, no registration, no tracking. It comes with no warranties and is provided as-is. Use it, adapt it, improve it. If it breaks something, that’s on you to fix — but the code is readable and well-commented, so it shouldn’t be hard.

Built with Claude

The entire tool was developed through conversation with Anthropic’s Claude models. The initial architecture and implementation came from Claude Sonnet and Claude Opus, with security hardening, bug fixes, and the most recent feature additions made with Claude Fable. It’s a good example of what you can get done when you use an AI model that understands both security requirements and the practical tradeoffs of building admin tooling.

Download: two files — `dbadmin.php` and `dbadmin.png` in a zip-archive. Drop them in a directory, restrict access by IP, open in your browser.

 

Get the files
Version: 1.1.0