w4vy wrote:...only if I set the AllowNoRootPassword in PMA's Config file to True.
This is the default setting and would, in normal circumstances, not need changing if you set passwords for your users including superuser root.
w4vy wrote:...after lots and lots of attempts at setting a password via the xampp security page which all ended in failure.
Did you change the settings in the httpd-xampp.conf file as suggested in this post by Wiedmann which may or may not be related but should be changed anyway perhaps in 1.7.0 and especially on Vista as it includes the IPv6 localhost entry in the Windows HOSTS file
::1 localhost - try commenting that out to
# ::1 localhost:
viewtopic.php?f=16&t=32503&p=131519w4vy wrote:I then switched AllowNoRootPassword back from True to False and Restarted everything and tried to log in again to PMA, first without a pw (just to test) which it then did the right thing and said Access Denied. I then tried to access with the pw I set for root@localhost and access was granted
This behavior will occur regardless of the AllowNoRootPassword setting if a password has been set and I tested that on my XP box.
w4vy wrote:However, If I use the Default Mysql extension and try to log in to PMA it logs me in as user SYSTEM@localhost with No Privileges. Why is it doing that ? it's not like I type in System as my user name.
Again I could not replicate this behavior on my XP box on a vanilla 1.7.0 installation from a 7zip version install - which leads me to the conclusion it's either another Vista 64 issue, as MySQL would seem to have issues with 64 bit systems on Vista, or it is the install method used ie installer version versus the 7zip version or you have or have had another instance of MySQL that either is still installed or has left some residue behind affecting your current XAMPP MySQL instance.
Try to clean uninstall then do a fresh new install of XAMPP using a different install method, the 7zip version perhaps and install to the default C:\ drive which will create C:\ when the files are extracted, then simply run the setup_xampp.bat file - also see if there is any issues with old installs especially IIS in Vista.
You know to clear your cookies for localhost and the browser cache from time to time?
w4vy wrote:I suppose the Mysql extension logging me in as System@localhost isn't that bad for me as I would be using the Mysqli ext' instead so unless I am missing some important factor regarding that or maybe you/I have to have both ext' uncommented in php.ini file then I can move on
This system@localhost issue has to be resolved or it may have other consequences later down the track and it would be best to address it at this early stage than later when you may have a more complex structure in place.
w4vy wrote:I have a password set now for the user root@localhost as stated above and it works fine but still the Security page in xampp tells me that there is still no password set and that I should fix it asap.
See the last comment below.
w4vy wrote:Now I know you said to set up a password for the user 127.0.0.1@localhost too but do I really need to do that since 127.0.0.1 is and can only be this machine ?
This is also the case with localhost as it's IP is 127.0.0.1 the local loop back address, both are only accessible from the PC your are currently logged into - BTW I deleted this root@127.0.0.1 entry in 1.6.8 with no ill effects at all and may be worth a try as you can always create it again if removing it gives issues.
w4vy wrote:Would adding a password stop say certain programmes from accessing a database, I'm just thinking about when I had my forum running before xmas and the arcade script couldn't connect and was trying to log in as user Admin@localhost using password NO and I couldn't figure out what was happening because the arcade script called another script that had the user details and password details already set for the forum which was root@localhost, which is kinda like what is happening now but this time the user is System@localhost.
Another example of never setting the root user for a database in a script as this superuser root has full privileges and could spell disaster, always create a specific user for a specific database then the only 2 users allowed to manage that database are the specific user when logged in to PMA/MySQLl and the superuser root.
w4vy wrote:last but not least, IS the reason the xampp page still says unsecure because there is no password set for the user 127.0.0.1@localhost or is there still something else not working right ?
The XAMPP pages can be secured in the Security menu item of the Welcome Page and the files created would be in the
xampp\security and the
xampp\security\htdocs folders and also in the
xampp\htdocs\xampp - .htaccess and .htpasswd files.
I hope all this helps and good luck again.