Databases Reference
In-Depth Information
These mechanisms do not replace the MySQL privilege system. Users'
rights on other databases still apply, but they cannot use phpMyAdmin's
left panel to navigate to their other databases or tables.
Protecting In-Transit Data
HTTP is not inherently immune to network sniffing (grabbing sensitive data off the
wire), so if we want to protect not only our username and password but all the data
that travels between our web server and browser, we have to use HTTPS.
To do so, assuming that our web server supports HTTPS, we just have to start
phpMyAdmin by putting
https
instead of
http
in the URL as follows:
https://www.mydomain.com/phpMyAdmin
If we are using
PmaAbsoluteUri
auto-detection:
$cfg['PmaAbsoluteUri'] = '';
phpMyAdmin will see that we are using HTTPS in the URL and react accordingly. If
not, we must put the
https
part in this parameter as follows:
$cfg['PmaAbsoluteUri'] = 'https://www.mydomain.com/phpMyAdmin';
Also, since phpMyAdmin 2.7.0, we can
automatically
switch users to an HTTPS
connection with this setting:
$cfg['ForceSSL'] = TRUE;
Upgrading phpMyAdmin
Normally, upgrading is just a matter of installing the newer version into a separate
directory and copying the previous version's
config.inc.php
to the new directory.
If the previous version is phpMyAdmin 2.6.0 or older, we cannot copy its
config.
inc.php
to the new version because the file format has changed too much.
An upgrade—or first-installation—path that
should not
be taken is to copy
libraries/config.default.php
to
config.inc.php
, since this
default configuration file is version-specific and is not guaranteed to work
for future versions.
Search WWH ::
Custom Search