#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2001
    Posts
    3
    Rep Power
    0

    Unhappy phpMyAdmin Problems!


    Great tool - but hit two problems now I've upgraded my Pair account and tried using it 'for real':

    1.
    I'm getting a "Warning: You haven't enabled magic_quotes_gpc in your PHP configuration" error message on loading the main phpMyAdmin page. I still get a list of DB's, and can create tables (all using basic authorisation).

    I've removed any traces of .htaccess right down to the home directory. phpMyAdmin is version 2.1.0 so everything has a .php (not .php3) extension.

    If I do run a phpinfo(), it does show magic quotes as being 'off'. Pair don't provide user access to php.ini - and I understand magic quotes are normally 'on' for Pair servers anyway, so I'm not entirely convinced this is telling me the truth!

    2. (This may be related to 1?)
    Using advanced authentication - i.e. a read only user in the phpMyAdmin config, then a full access user in the browser popup login box - I immediately get an error of "MySQL said: Access denied for user: '<user>@<ipaddress>' to database 'mysql'" (user/ipaddress masked - user mentioned is the read only user, not the full access user). Perhaps my 'read only' user hasn't got enough access??

    Any pointers appreciated.

    Martin
  2. #2
  3. No Profile Picture
    The Dude Abides
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Feb 2000
    Location
    grass valley,ca
    Posts
    1,062
    Rep Power
    19
    I get the same error about magic quotes, different hosting company. I've yet to see what phpmyadmin needs them for, all the features seem to work exactly as they should. I wouldn't worry about it.

    Don't bother using the advanced authentication, it doesn't really apply to normal phpmyadmin usage. I haven't found it to be necessary at all.
    The Dude
    I'm the Dude. So that's what you call me.
    That, or Duder, His Dudeness, Or El Duderino.
    If, you know, you're not into the whole brevity thing
  4. #3
  5. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2001
    Posts
    3
    Rep Power
    0
    1. OK! I hadn't noticed it preventing me doing anything so far - but haven't delved very deep yet!

    2. If I don't use advanced authentication, how best to secure use of phpMyAdmin? (I get nervous about leaving a full access password in plain text)

    Martin
  6. #4
  7. No Profile Picture
    The Dude Abides
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Feb 2000
    Location
    grass valley,ca
    Posts
    1,062
    Rep Power
    19
    Your password isn't in plain view. The config.inc.php file isn't visible to the world unless php on your server croaks. The file is parsed so you can't view it from the browser. You could move it out of your www accessible area and then repoint all the scripts to its new location.
    The Dude
    I'm the Dude. So that's what you call me.
    That, or Duder, His Dudeness, Or El Duderino.
    If, you know, you're not into the whole brevity thing
  8. #5
  9. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2001
    Posts
    3
    Rep Power
    0
    To the outside world perhaps - but shouldn't I be nervous about fellow account holders on a shared server (or is paranoia setting in!?)

    Martin
  10. #6
  11. No Profile Picture
    The Dude Abides
    Devshed Beginner (1000 - 1499 posts)

    Join Date
    Feb 2000
    Location
    grass valley,ca
    Posts
    1,062
    Rep Power
    19
    Fellow account holders should not be able to navigate into your directory if your server is setup properly. If you can navigate out of your directory and get into others, then you should switch hosting companies. Because yours doesn't have a clue
    The Dude
    I'm the Dude. So that's what you call me.
    That, or Duder, His Dudeness, Or El Duderino.
    If, you know, you're not into the whole brevity thing

IMN logo majestic logo threadwatch logo seochat tools logo