PHPmyAdmin?

Irgendwelche Probleme mit XAMPP für Windows? Dann ist hier genau der richtige Ort um nachzufragen.

PHPmyAdmin?

Postby shack » 30. June 2004 12:14

Hi there, can anyone please help. I've just installed the XaMPP and am getting a error message when clicking on the PHPmyAdmin saying:

Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole.


can anyone shed any light on this, and also tell me what the collection of databases that appear when you install are? Can I deleate them?
shack
 
Posts: 6
Joined: 30. June 2004 12:10

Postby Rolidor » 30. June 2004 13:00

Hello.
You wrote:
Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole.

This is a warning that your acces to mysql as root (WITH ALL PRIVILEGES!) isn't protected by a password. You should specify a password for 'root@localhost' and delete the user 'root@%'.
From the databases some are for demos coming with XAMPP. You may delete all except 'mysql' and 'webauth', if you want to use this feature.

Regards
Rolo
Rolidor
 
Posts: 406
Joined: 20. April 2004 10:17
Location: Dreieich - Hessen

PHPMyadmin Privillages?

Postby shack » 30. June 2004 18:22

Brilliant, seem to have sorted that now, however there's a bunch of USERS already setup in privillages in the phpmyadin. what are they ? You said deleate the root% what was that for?

Any % No USAGE No Edit
Any localhost No
pma localhost No ALL PRIVILEGES Yes Edit
root % No ALL PRIVILEGES Yes Edit
root localhost Yes ALL PRIVILEGES Yes Edit
testuser localhost Yes ALL PRIVILEGES
shack
 
Posts: 6
Joined: 30. June 2004 12:10

Postby Rolidor » 30. June 2004 23:09

Hi.
I don't have the original configuration, so I don't know what users are defined after the installation. I remember that there where some users defined. If you only want to administrate YOUR databases with phpmyadmin, at first you need the user 'root@localhost' with all privileges. If you log in as it, you have all privileges and can do all you need. If you are working on a machine that is only used by yourself, there is no need to specify a password for the root. But if you are online when your server is running or other persons have permission to it, you should specify a password for it.
On the phpmyadmin homepage you will find information about configuring the tool. See http://www.phpmyadmin.net/home_page/docs.php for further information.

Regards
Rolo
Rolidor
 
Posts: 406
Joined: 20. April 2004 10:17
Location: Dreieich - Hessen

privillages

Postby shack » 01. July 2004 09:07

hi thanks for your reply. sadly it doesnt make much sense to me. I am new to all this.

I've listed all the privillages that it displays below, can yoy work it out what I need and what I dont from that?

Any % No USAGE No Edit
Any localhost No
pma localhost No ALL PRIVILEGES Yes Edit
root % No ALL PRIVILEGES Yes Edit
root localhost Yes ALL PRIVILEGES Yes Edit
testuser localhost Yes ALL PRIVILEGES
shack
 
Posts: 6
Joined: 30. June 2004 12:10

Postby Rolidor » 01. July 2004 12:51

Hello.
I thougt that you want to know what users are necessary, to administrate databases with phpmyadmin. I told you! You only need the root with all privileges. If you logged in as root, you may create, edit and delete users and databases for your needs. But if you tell me what you want to do with mysql and the admin tool, possibly I can help you to get answers to your questions.
Is english your natural language?

Regards
Rolo
Rolidor
 
Posts: 406
Joined: 20. April 2004 10:17
Location: Dreieich - Hessen

Postby shack » 02. July 2004 09:45

brilliant!

es english please. Right ive just downloaded it and although ive used it before live on a server before i'm unsure of what setting i need to get right in order to use it for testing locally.

As i understand it, once i have set a root password, then when i start it up it appears to simply log-in automaticaly as i'm not logging in, if you know what I mean.
is that right
I can then use the root password to connect from dreamweaver??
shack
 
Posts: 6
Joined: 30. June 2004 12:10

Postby Rolidor » 02. July 2004 11:33

OK.
Within PhpMyAdmin specify a password for 'root@localhost'. Delete all the other users, if you don't need them. Then you have to change some entries in 'xampp\phpmyadmin\config.inc.php'. Load it in your editor and look for the entries under 'Server's Configuration, ca. at line 64. There are following the entries for the localhost configuration:
Code: Select all
/**
 * Server(s) configuration
 */
$i = 0;
// The $cfg['Servers'] array starts with $cfg['Servers'][1].  Do not use $cfg['Servers'][0].
// You can disable a server config entry by setting host to ''.
$i++;
$cfg['Servers'][$i]['host']          = 'localhost'; // MySQL hostname or IP address
$cfg['Servers'][$i]['port']          = '';          // MySQL port - leave blank for default port
$cfg['Servers'][$i]['socket']        = '';          // Path to the socket - leave blank for default socket
$cfg['Servers'][$i]['connect_type']  = 'tcp';       // How to connect to MySQL server ('tcp' or 'socket')
$cfg['Servers'][$i]['compress']      = FALSE;       // Use compressed protocol for the MySQL connection
                                                    // (requires PHP >= 4.3.0)
$cfg['Servers'][$i]['controluser']   = '';          // MySQL control user settings
                                                    // (this user must have read-only
$cfg['Servers'][$i]['controlpass']   = '';          // access to the "mysql/user"
                                                    // and "mysql/db" tables)
$cfg['Servers'][$i]['auth_type']     = 'config';    // Authentication method (config, http or cookie based)?
$cfg['Servers'][$i]['user']          = 'root';      // MySQL user
$cfg['Servers'][$i]['password']      = 'YourPassWord';          // MySQL password (only needed
                                                    // with 'config' auth_type)


Only three lines are from interest for you:
Code: Select all
$cfg['Servers'][$i]['auth_type']     = 'config';    // Authentication method (config, http or cookie based)?
If you are shure that only you will have access to the machine, let it, if it is. If you want that a login box opens, when you start PhpMyAdmin then change it to'http'.

Code: Select all
$cfg['Servers'][$i]['user']          = 'root';      // MySQL user

I think it's right for your needs to login as root. Let it.

Code: Select all
$cfg['Servers'][$i]['password']      = 'YourPassWord';          // MySQL password (only needed
                                                    // with 'config' auth_type)
If you have left the 'auth_type' as 'config' this is the place for the password you gave the 'root' in PhpMyAdmin. Leave this entry blank if you changed it to 'http'.
Save the file, shut the my sql server down and start it again. if you call PhpMyAdmin now you are logged in as root and the warning about the missing password is gone.

Rolo
Rolidor
 
Posts: 406
Joined: 20. April 2004 10:17
Location: Dreieich - Hessen

Postby shack » 02. July 2004 12:35

Thanks so much for all your help.

Brilliant :_)
shack
 
Posts: 6
Joined: 30. June 2004 12:10


Return to XAMPP für Windows

Who is online

Users browsing this forum: No registered users and 32 guests