phpmyadmin

dutchie · #1 03-17-2002, 06:43 AM

I just installed phpmyadmin, for multiple users.
is it normal that i get directly into the phpmyadmin screen without entering a password ?

Quote:

Welkom op phpMyAdmin 2.2.4
MySQL 3.23.37 running on localhost as admin@localhost

is what i get.
I don't see any databases on the left site, but still.
I've set auth_type to http, and did not enter any user or password information.

serve-you · #2 03-17-2002, 06:46 AM

There is no dropdown menu in the left frame?

-Dan

dutchie · #3 03-17-2002, 01:42 PM

Nu there was one database "test" but i deleted it.
The databases i made for some test users don't show.

serve-you · #4 03-17-2002, 01:53 PM

That's strange. Have you read the documentation on this? Here's the relevant section.

Quote:

Using authentication modes:

* Http and cookie authentication modes are recommended in a multi-user environment where you want to give users access to their own database and don't want them to play around with others.

* Http and cookie authentication modes are secure: the MySQL password does not need to be set in the phpMyAdmin configuration file. (except for the "controluser" -see the Configuration section-).
In cookie mode, we send the password in a temporary cookie, so most browsers should not store the password in their cookie file.

* For 'http' and 'cookie' modes, phpMyAdmin needs a controluser that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns) & mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables.
You must specify the details for the controluser in the config.inc.php3 file under the $cfgServers[n]['controluser'] & $cfgServers[n]['controlpass'] settings.
This example assumes you want to use pma as the controluser and pmapass as the controlpass:
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';
GRANT SELECT (Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) ON mysql.user TO 'pma'@'localhost';
GRANT SELECT ON mysql.db TO 'pma'@'localhost';
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO 'pma'@'localhost';
... and if you want to use the bookmark feature:
GRANT SELECT, INSERT, DELETE ON <bookmark_db>.<bookmark_table> TO 'pma'@'localhost';

* Then each of the true users should be granted of a set of privileges on a set of perticular databases but shouldn't have any global privileges. For example, to grant the user real_user with all privileges on the database user_base:
GRANT ALL PRIVILEGES ON user_base.* TO 'real_user'@localhost IDENTIFIED BY 'real_password';
What the user may now do is controlled entirely by the MySQL user management system.
With http or cookie auth mode, you don't need to fill the user/password fields inside the $cfgServers array.

-Dan

**ffeingol** · #5 03-17-2002, 01:57 PM

If it's not prompting you for a password, then you setup basic authentication. The user id that you put into the config. prob. does not have the authority to use any of the databases.

Frank

dutchie · #6 03-17-2002, 02:20 PM

To be honest, the readme file confused me, i first created a control user, but the next paragraph in the readme file said it was'nt neccesary so i removed it

First it says:

Quote:

For 'http' and 'cookie' modes, phpMyAdmin needs a stduser that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns) & mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables.
You must specify the details for the stduser in the config.inc.php3 file under the $cfgServers[n]['stduser'] & $cfgServers[n]['stdpass'] settings

then it says:

Quote:

With http or cookie auth mode, you don't need to fill the user/password fields inside the $cfgServers array

I'm sure i'm missing something very obvious, but it is kind of complicated reading for a non-english reader.

This is my current config

Quote:

$cfgServers[1]['host'] = 'localhost'; // MySQL hostname
$cfgServers[1]['port'] = ''; // MySQL port - leave blank for default port
$cfgServers[1]['socket'] = ''; // Path to the socket - leave blank for default socket
$cfgServers[1]['connect_type'] = 'tcp'; // How to connect to MySQL server ('tcp' or 'socket')
$cfgServers[1]['stduser'] = ''; // MySQL standard user settings (this user must have read-only
$cfgServers[1]['stdpass'] = ''; // access to the "mysql/user" and "mysql/db" tables)
$cfgServers[1]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?
$cfgServers[1]['user'] = ''; // MySQL user
$cfgServers[1]['password'] = ''; // MySQL password (only needed with 'config' auth)
$cfgServers[1]['only_db'] = ''; // If set to a db-name, only this db is displayed at left frame
// It may also be an array of db-names
$cfgServers[1]['verbose'] = ''; // Verbose name for this host - leave blank to show the hostname
$cfgServers[1]['bookmarkdb'] = ''; // Bookmark db - leave blank for no bookmark support
$cfgServers[1]['bookmarktable'] = ''; // Bookmark table - leave blank for no bookmark support
$cfgServers[1]['relation'] = ''; // table to describe the relation between links (see doc)

What do i need to change/add ?