Limiting access in in phpMyadmin - Page 2

steveorg · June 6th, 2006, 8:45 AM

In a parrallel thread that admin has thankfully killed, David added this reply (if anyone knows how to reach David, please notify him of this reply):

Quote:

Haugland has suggested in the past that you could install another copy of PhpMyAdmin for this kind of purpose. But in a reseller enviroment, I'm not really seeing why you'd need to do that. Perhaps you could explain exactly what the instance is.

Haugland and Marlov are certainly consistent with each other. David asks a fair question. I have a reseller account, but I am using the account for something a little unusual which requires a few pieces of custom code. During the beta period, the developers need easy access to the live environment. Needless to say, I can't give a bunch of strangers access to cpanel.

Actually, I'm surprised that this problem doesn't have an easy fix, (installing multiple instances of phpMYadmin is not easy) because it must be common. Webmasters need to be good tool users, but that doesn't make them developers. Many webmasters are running the business and should be able to assign technical tasks to others without comprimising site security. In this day of Sarbanes-Oxley, any business relying on a cPanel environment would fail the access control tests.

I'll let you know how the phpMYadmin install goes.

**David** · June 6th, 2006, 8:59 AM

Haugland would be best to explain how to get it going, as I've not actually done it myself. Your scenerio makes more sense now for using phpmyadmin rather than just making a bunch of hosting accounts instead. As for the way a team of members would interact, they may use remote connections or develope locally.

steveorg · June 6th, 2006, 10:36 AM

The install is not going well. How do I get hold of Haugland?

Here's one problem: "You didn't set phpMyAdmin database, so you can not use all phpMyAdmin features." How do I set the phpMyAdmin database? Thanks.

marlov · June 6th, 2006, 10:48 AM

see the config.inc.php and look for the next code:

Quote:

$cfg['Servers'][$i]['host'] = 'localhost'; // MySQL hostname or IP address

and enter the host,

further down:

Quote:

$cfg['Servers'][$i]['auth_type'] = 'config'; // Authentication method (config, http or cookie based)?
$cfg['Servers'][$i]['user'] = ''; // MySQL user
$cfg['Servers'][$i]['password'] = ''; // MySQL password (only needed with 'config' auth_type)

enter the kind of authentication, user and if needed password

and even further down you could try adding the database here:

Quote:

$cfg['Servers'][$i]['only_db'] = ''; // If set to a db-name, only
// this db is displayed in left frame
// It may also be an array of db-names, where sorting order is relevant.

Hope it helps.

steveorg · June 6th, 2006, 11:58 AM

Thanks Marlov,

Thats a big step in the right direction. The config.inc.php was empty, so I entered the lines that you listed including the db. However, that does not seem to be enough. I get the fllowing on the index page:

Quote:

Probably reason of this is that you did not create configuration file. You might want to use setup script to create one.
Error

MySQL said:

#1045 - Access denied for user 'root'

'localhost' (using password: NO)

The top of the setup page looks like this:
Host localhost -- MySQL
extension -- mysql
Authentication type -- config:root
phpMyAdmin advanced features -- disabled

Configuration overview button provides the following results:
Servers (1) -- localhost (config:root) [1]
SQL files upload -- disabled
Exported files on server --disabled
Charset conversion --disabled

Configuration display button yields:

PHP Code:


			
<?php
*
 * Generated configuration file
 * Generated by: phpMyAdmin 2.8.1 setup script by Michal &#268;ihař <michal@cihar.com>
 * Version: $Id: setup.php,v 1.23.2.8.2.2 2006/05/15 07:57:09 nijel Exp $
 * Date: Tue, 06 Jun 2006 15:38:53 GMT
 *

* Servers configuration *
$i = 0;

* Server localhost (config:root) [1] *
$i++;
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
$cfg['Servers'][$i]['controluser'] = 'prefix_userb';
$cfg['Servers'][$i]['controlpass'] = 'pwordb';
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = 'pworda';
$cfg['Servers'][$i]['only_db'] = 'resumer_template';

* End of servers configuration *
?>

This output is surprising since it reflects content from prior attempts to create the config file through setup. The controluser and user info should be swapped. What file is producing this output?

I'm a bit over my head here. All help is immensely appreciated.

marlov · June 6th, 2006, 4:13 PM

quick post of my default phpmyadmin config

PHP Code:


			
<?php

/* $Id: config.inc.php,v 2.48 2004/12/28 12:48:27 nijel Exp $ */

// vim: expandtab sw=4 ts=4 sts=4:



/**

 * phpMyAdmin Configuration File

 *

 * All directives are explained in Documentation.html

 */





/**

 * Sets the php error reporting - Please do not change this line!

 */

if (!isset($old_error_reporting)) {

    error_reporting(E_ALL);

    @ini_set('display_errors', '1');

}





/**

 * Your phpMyAdmin url

 *

 * Complete the variable below with the full url ie

 *    http://www.your_web.net/path_to_your_phpMyAdmin_directory/

 *

 * It must contain characters that are valid for a URL, and the path is

 * case sensitive on some Web servers, for example Unix-based servers.

 *

 * In most cases you can leave this variable empty, as the correct value

 * will be detected automatically. However, we recommend that you do

 * test to see that the auto-detection code works in your system. A good

 * test is to browse a table, then edit a row and save it.  There will be

 * an error message if phpMyAdmin cannot auto-detect the correct value.

 *

 * If the auto-detection code does work properly, you can set to TRUE the

 * $cfg['PmaAbsoluteUri_DisableWarning'] variable below.

 */

$cfg['PmaAbsoluteUri'] = '';





/**

 * Disable the default warning about $cfg['PmaAbsoluteUri'] not being set

 * You should use this if and ONLY if the PmaAbsoluteUri auto-detection

 * works perfectly.

 */

$cfg['PmaAbsoluteUri_DisableWarning'] = TRUE;



/**

 * Disable the default warning that is displayed on the DB Details Structure page if

 * any of the required Tables for the relationfeatures could not be found

 */

$cfg['PmaNoRelation_DisableWarning']  = TRUE;



/**

 * The 'cookie' auth_type uses blowfish algorithm to encrypt the password. If

 * at least one server configuration uses 'cookie' auth_type, enter here a

 * passphrase that will be used by blowfish.

 */

$cfg['blowfish_secret'] = '';



/**

 * Server(s) configuration

 */

$i = 0;

// The $cfg['Servers'] array starts with $cfg['Servers'][1].  Do not use $cfg['Servers'][0].

// You can disable a server config entry by setting host to ''.

$i++;

$cfg['Servers'][$i]['host']          = 'localhost'; // MySQL hostname or IP address

$cfg['Servers'][$i]['port']          = '';          // MySQL port - leave blank for default port

$cfg['Servers'][$i]['socket']        = '';          // Path to the socket - leave blank for default socket

$cfg['Servers'][$i]['connect_type']  = 'tcp';       // How to connect to MySQL server ('tcp' or 'socket')

$cfg['Servers'][$i]['extension']     = 'mysql';     // The php MySQL extension to use ('mysql' or 'mysqli')

$cfg['Servers'][$i]['compress']      = FALSE;       // Use compressed protocol for the MySQL connection

                                                    // (requires PHP >= 4.3.0)

$cfg['Servers'][$i]['controluser']   = '';          // MySQL control user settings

                                                    // (this user must have read-only

$cfg['Servers'][$i]['controlpass']   = '';          // access to the "mysql/user"

                                                    // and "mysql/db" tables).

                                                    // The controluser is also

                                                    // used for all relational

                                                    // features (pmadb)

$cfg['Servers'][$i]['auth_type']     = 'config';    // Authentication method (config, http or cookie based)?

$cfg['Servers'][$i]['user']          = 'root';      // MySQL user

$cfg['Servers'][$i]['password']      = 'blubberboot';          // MySQL password (only needed

                                                    // with 'config' auth_type)

$cfg['Servers'][$i]['only_db']       = '';          // If set to a db-name, only

                                                    // this db is displayed in left frame

                                                    // It may also be an array of db-names, where sorting order is relevant.

$cfg['Servers'][$i]['verbose']       = '';          // Verbose name for this host - leave blank to show the hostname



$cfg['Servers'][$i]['pmadb']         = '';          // Database used for Relation, Bookmark and PDF Features

                                                    // (see scripts/create_tables.sql)

                                                    //   - leave blank for no support

                                                    //     DEFAULT: 'phpmyadmin'

$cfg['Servers'][$i]['bookmarktable'] = '';          // Bookmark table

                                                    //   - leave blank for no bookmark support

                                                    //     DEFAULT: 'pma_bookmark'

$cfg['Servers'][$i]['relation']      = '';          // table to describe the relation between links (see doc)

                                                    //   - leave blank for no relation-links support

                                                    //     DEFAULT: 'pma_relation'

$cfg['Servers'][$i]['table_info']    = '';          // table to describe the display fields

                                                    //   - leave blank for no display fields support

                                                    //     DEFAULT: 'pma_table_info'

$cfg['Servers'][$i]['table_coords']  = '';          // table to describe the tables position for the PDF schema

                                                    //   - leave blank for no PDF schema support

                                                    //     DEFAULT: 'pma_table_coords'

$cfg['Servers'][$i]['pdf_pages']     = '';          // table to describe pages of relationpdf

                                                    //   - leave blank if you don't want to use this

                                                    //     DEFAULT: 'pma_pdf_pages'

$cfg['Servers'][$i]['column_info']   = '';          // table to store column information

                                                    //   - leave blank for no column comments/mime types

                                                    //     DEFAULT: 'pma_column_info'

$cfg['Servers'][$i]['history']       = '';          // table to store SQL history

                                                    //   - leave blank for no SQL query history

                                                    //     DEFAULT: 'pma_history'

$cfg['Servers'][$i]['verbose_check'] = TRUE;        // set to FALSE if you know that your pma_* tables

                                                    // are up to date. This prevents compatibility

                                                    // checks and thereby increases performance.

$cfg['Servers'][$i]['AllowRoot']     = TRUE;        // whether to allow root login

$cfg['Servers'][$i]['AllowDeny']['order']           // Host authentication order, leave blank to not use

                                     = '';

$cfg['Servers'][$i]['AllowDeny']['rules']           // Host authentication rules, leave blank for defaults

                                     = array();





$i++;

$cfg['Servers'][$i]['host']            = '';

$cfg['Servers'][$i]['port']            = '';

$cfg['Servers'][$i]['socket']          = '';

$cfg['Servers'][$i]['connect_type']    = 'tcp';

$cfg['Servers'][$i]['extension']       = 'mysql';

$cfg['Servers'][$i]['compress']        = FALSE;

$cfg['Servers'][$i]['controluser']     = '';

$cfg['Servers'][$i]['controlpass']     = '';

$cfg['Servers'][$i]['auth_type']       = 'config';

$cfg['Servers'][$i]['user']            = 'root';

$cfg['Servers'][$i]['password']        = '';

$cfg['Servers'][$i]['only_db']         = '';

$cfg['Servers'][$i]['verbose']         = '';

$cfg['Servers'][$i]['pmadb']           = ''; // 'phpmyadmin' - see scripts/create_tables.sql

$cfg['Servers'][$i]['bookmarktable']   = ''; // 'pma_bookmark'

$cfg['Servers'][$i]['relation']        = ''; // 'pma_relation'

$cfg['Servers'][$i]['table_info']      = ''; // 'pma_table_info'

$cfg['Servers'][$i]['table_coords']    = ''; // 'pma_table_coords'

$cfg['Servers'][$i]['pdf_pages']       = ''; // 'pma_pdf_pages'

$cfg['Servers'][$i]['column_info']     = ''; // 'pma_column_info'

$cfg['Servers'][$i]['history']         = ''; // 'pma_history'

$cfg['Servers'][$i]['verbose_check']   = TRUE;

$cfg['Servers'][$i]['AllowRoot']       = TRUE;

$cfg['Servers'][$i]['AllowDeny']['order']

                                       = '';

$cfg['Servers'][$i]['AllowDeny']['rules']

                                       = array();



$i++;

$cfg['Servers'][$i]['host']            = '';

$cfg['Servers'][$i]['port']            = '';

$cfg['Servers'][$i]['socket']          = '';

$cfg['Servers'][$i]['connect_type']    = 'tcp';

$cfg['Servers'][$i]['extension']       = 'mysql';

$cfg['Servers'][$i]['compress']        = FALSE;

$cfg['Servers'][$i]['controluser']     = '';

$cfg['Servers'][$i]['controlpass']     = '';

$cfg['Servers'][$i]['auth_type']       = 'config';

$cfg['Servers'][$i]['user']            = 'root';

$cfg['Servers'][$i]['password']        = '';

$cfg['Servers'][$i]['only_db']         = '';

$cfg['Servers'][$i]['verbose']         = '';

$cfg['Servers'][$i]['pmadb']           = ''; // 'phpmyadmin' - see scripts/create_tables.sql

$cfg['Servers'][$i]['bookmarktable']   = ''; // 'pma_bookmark'

$cfg['Servers'][$i]['relation']        = ''; // 'pma_relation'

$cfg['Servers'][$i]['table_info']      = ''; // 'pma_table_info'

$cfg['Servers'][$i]['table_coords']    = ''; // 'pma_table_coords'

$cfg['Servers'][$i]['pdf_pages']       = ''; // 'pma_pdf_pages'

$cfg['Servers'][$i]['column_info']     = ''; // 'pma_column_info'

$cfg['Servers'][$i]['history']         = ''; // 'pma_history'

$cfg['Servers'][$i]['verbose_check']   = TRUE;

$cfg['Servers'][$i]['AllowRoot']       = TRUE;



$cfg['Servers'][$i]['AllowDeny']['order']

                                       = '';

$cfg['Servers'][$i]['AllowDeny']['rules']

                                       = array();



// If you have more than one server configured, you can set $cfg['ServerDefault']

// to any one of them to autoconnect to that server when phpMyAdmin is started,

// or set it to 0 to be given a list of servers without logging in

// If you have only one server configured, $cfg['ServerDefault'] *MUST* be

// set to that server.

$cfg['ServerDefault'] = 1;              // Default server (0 = no default server)

$cfg['Server']        = '';

unset($cfg['Servers'][0]);





/**

 * Other core phpMyAdmin settings

 */

$cfg['OBGzip']                  = 'auto'; // use GZIP output buffering if possible (TRUE|FALSE|'auto')

$cfg['PersistentConnections']   = FALSE;  // use persistent connections to MySQL database

$cfg['ExecTimeLimit']           = 300;    // maximum execution time in seconds (0 for no limit)

$cfg['SkipLockedTables']        = FALSE;  // mark used tables, make possible to show

                                          // locked tables (since MySQL 3.23.30)

$cfg['ShowSQL']                 = TRUE;   // show SQL queries as run

$cfg['AllowUserDropDatabase']   = FALSE;  // show a 'Drop database' link to normal users

$cfg['Confirm']                 = TRUE;  &n

June 5th, 2006, 4:22 PM	#10 (permalink)
marlov Registered User Comfy Contributor Joined in Oct 2004 124 posts Gave thanks: 1 Thanked 0 times	Yes __________________ de-uitgeverij.com SH105 72.29.93.156

June 6th, 2006, 10:36 AM	#13 (permalink)
steveorg Registered User Seasoned Poster Joined in May 2004 Lives in Wrong Coast Hosted on pass77 58 posts Gave thanks: 0 Thanked 1 Time in 1 Post	The install is not going well. How do I get hold of Haugland? Here's one problem: "You didn't set phpMyAdmin database, so you can not use all phpMyAdmin features." How do I set the phpMyAdmin database? Thanks. __________________ Steve

June 6th, 2006, 8:59 AM	#12 (permalink)
David I'm Dope as Crack Resident. Joined in Mar 2004 Lives in Asheboro, NC Hosted on Pass 7 13,032 posts Gave thanks: 7 Thanked 29 times	Haugland would be best to explain how to get it going, as I've not actually done it myself. Your scenerio makes more sense now for using phpmyadmin rather than just making a bunch of hosting accounts instead. As for the way a team of members would interact, they may use remote connections or develope locally.