I have just installed Xampp. Now that is the first time in my life that I am looking at PHP or Apache or MySQL and only the third or so I am looking at any SQL or webpage script at all. (Until yesterday it was Microsoft Visual studio Express.)
When I test simple php snippets, they run as they should. phpMyAdmin, however, says "Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user 'root'."
I go to privileges and there are TWO roots there, one on "localhost", the other on "127.0.0.1". Why? Isn't "127.0.0.1" the same as "localhost"? They both have "all privileges". I thought an account with no password and huge privileges was only dangerous if it was on "%", any host. So why is it warning me?
For each of those two roots, I click the icon tooltipped "Edit Privileges" and go to the third container, "change password". The radiobutton is set to "password" but both text boxes are empty. I fill them in carefully (same password for each of the two roots, so four times in all) abd click the button "Go".
Shouldn't that do it? But when I refresh now, I get the same warning message as above. Should I manually edit a config ini? Which one and what to replace with what? There is no config in the folder "xampp\mysql" and two different configs in "xampp\phpMyAdmin". Neither contains and obvious place to edit.
BTW, there is a third user, a "pma". Is that something that phpMyAdmin created for itself and I should ignore it?