[Webdev] phpMyAdmin config, how?

[adam beecher]

Hi Lars,

>  In config.inc, I have specified auth_type=config, and specified the
>  password of the mysql root user.
>
The username should go in the $cfg['Servers'][$i]['user'] variable and the
password in $cfg['Servers'][$i]['password']. However, this is a very
insecure auth mechanism unless you specifically configure HTTP-AUTH in the
httpd.conf. Even then it's not brilliant.

> What is this mysql control user?
>
It's a rather nifty little auth mechanism that you should use instead.

> Is it a UNIX or mysql user?
>
It's a MySQL user with strictly limited read-only access to the 'mysql'
database. When you go to the phpMyAdmin url, it prompts you for a username
and password, and then checks whether you've given a valid MySQL username
and password. If you have, it gives you access only to the resources that
MySQL user has access to. In other words, it falls through to the MySQL
permissions system. Quite clever really, and a fantastic mechanism for
giving hosting users access to their own databases without compromising
security.

> If it's a mysql user, how can I find out whether it exists, or how can
> I add it?
>
You RTFM, dear boy. :)

It's all explained in the file Documentation.html in the tarball, and that
includes queries to set up the control user. The easiest way to go about it
is to set it up with the 'config' auth_type first, run your queries to set
up the control user through the interface, and then switch it over in the
config again.

If you have any more problems, and this is on a public server, I can pop in
and set it up for you if you wish. (Done it hundreds of times at this stage.
Where's me blindfold?)

adam