$cfg['Servers'][$i]['extension'] = 'mysql'; // The php MySQL extension to use ('mysql' or 'mysqli')
* This is needed for cookie based authentication to encrypt password in
$cfg['blowfish_secret'] = 'My Blowfish Key here'; /* YOU SHOULD CHANGE THIS FOR A MORE SECURE COOKIE AUTH! */
* Servers configuration
$i = 0;
* First server
/* Authentication type and info */
$cfg['Servers'][$i]['auth_type'] = 'cookie'; // Authentication method (config, http or cookie based)
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['AllowNoPasswordRoot'] = false;
/* User for advanced features */
$cfg['Servers'][$i]['controluser'] = 'pma';
$cfg['Servers'][$i]['controlpass'] = '';
/* Advanced phpMyAdmin features */
$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
$cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
$cfg['Servers'][$i]['relation'] = 'pma_relation';
$cfg['Servers'][$i]['table_info'] = 'pma_table_info';
$cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
$cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
$cfg['Servers'][$i]['column_info'] = 'pma_column_info';
$cfg['Servers'][$i]['history'] = 'pma_history';
$cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
* End of servers configuration
* The PHP MySQL extension to use ('mysql' or 'mysqli')
* @global string $cfg['Servers'][$i]['extension']
$cfg['Servers'][$i]['extension'] = 'mysql';
w4vy wrote:The MySQL admin user root has NO password and that Every local user on Windows box can access your MySQL database with administrator rights. You should set a password.
This is the default setting and would, in normal circumstances, not need changing if you set passwords for your users including superuser root.w4vy wrote:...only if I set the AllowNoRootPassword in PMA's Config file to True.
Did you change the settings in the httpd-xampp.conf file as suggested in this post by Wiedmann which may or may not be related but should be changed anyway perhaps in 1.7.0 and especially on Vista as it includes the IPv6 localhost entry in the Windows HOSTS file ::1 localhost - try commenting that out to # ::1 localhost:w4vy wrote:...after lots and lots of attempts at setting a password via the xampp security page which all ended in failure.
This behavior will occur regardless of the AllowNoRootPassword setting if a password has been set and I tested that on my XP box.w4vy wrote:I then switched AllowNoRootPassword back from True to False and Restarted everything and tried to log in again to PMA, first without a pw (just to test) which it then did the right thing and said Access Denied. I then tried to access with the pw I set for root@localhost and access was granted
Again I could not replicate this behavior on my XP box on a vanilla 1.7.0 installation from a 7zip version install - which leads me to the conclusion it's either another Vista 64 issue, as MySQL would seem to have issues with 64 bit systems on Vista, or it is the install method used ie installer version versus the 7zip version or you have or have had another instance of MySQL that either is still installed or has left some residue behind affecting your current XAMPP MySQL instance.w4vy wrote:However, If I use the Default Mysql extension and try to log in to PMA it logs me in as user SYSTEM@localhost with No Privileges. Why is it doing that ? it's not like I type in System as my user name.
This system@localhost issue has to be resolved or it may have other consequences later down the track and it would be best to address it at this early stage than later when you may have a more complex structure in place.w4vy wrote:I suppose the Mysql extension logging me in as System@localhost isn't that bad for me as I would be using the Mysqli ext' instead so unless I am missing some important factor regarding that or maybe you/I have to have both ext' uncommented in php.ini file then I can move on
See the last comment below.w4vy wrote:I have a password set now for the user root@localhost as stated above and it works fine but still the Security page in xampp tells me that there is still no password set and that I should fix it asap.
This is also the case with localhost as it's IP is 127.0.0.1 the local loop back address, both are only accessible from the PC your are currently logged into - BTW I deleted this email@example.com entry in 1.6.8 with no ill effects at all and may be worth a try as you can always create it again if removing it gives issues.w4vy wrote:Now I know you said to set up a password for the user 127.0.0.1@localhost too but do I really need to do that since 127.0.0.1 is and can only be this machine ?
Another example of never setting the root user for a database in a script as this superuser root has full privileges and could spell disaster, always create a specific user for a specific database then the only 2 users allowed to manage that database are the specific user when logged in to PMA/MySQLl and the superuser root.w4vy wrote:Would adding a password stop say certain programmes from accessing a database, I'm just thinking about when I had my forum running before xmas and the arcade script couldn't connect and was trying to log in as user Admin@localhost using password NO and I couldn't figure out what was happening because the arcade script called another script that had the user details and password details already set for the forum which was root@localhost, which is kinda like what is happening now but this time the user is System@localhost.
The XAMPP pages can be secured in the Security menu item of the Welcome Page and the files created would be in the xampp\security and the xampp\security\htdocs folders and also in the xampp\htdocs\xampp - .htaccess and .htpasswd files.w4vy wrote:last but not least, IS the reason the xampp page still says unsecure because there is no password set for the user 127.0.0.1@localhost or is there still something else not working right ?
Izzy wrote:Go to xampp xampp\mysql and try the resetroot.bat file...
w4vy wrote::( it's not working
what's the complex method ?
Anything specific you want to know?w4vy wrote:...Now does anyone know anything about .htaccess files ?
Users browsing this forum: No registered users and 53 guests