phpMyAdmin 2.x.x- Documentation

http://www.htmlwizard.net/phpMyAdmin/
Tobias Ratschiller

Version history: ChangeLog
Installation instructions: INSTALL
General notes: README

Configuration

All configurable data is placed in config.inc.php3.

$cfgServers array
Since version 1.4.2, phpMyAdmin supports the adminstration of multiple MySQL-server. Therefore, a $cfgServers-array has been added which contains the login information for the different servers. $cfgServers[1]['host'] contains the hostname of the first server, $cfgServers[2]['host'] the hostname of the second server, etc. If you have only one server to administer, simply leave free the hostname of the other $cfgServer-entries.

$cfgServers[n]['port'] string
The port-number of your n-th MySQL-server. Default is 3300 (leave blank).

$cfgServers[n]['host'] string
The hostname of your n-th MySQL-server. E.g. localhost.

$cfgServers[n]['adv_auth'] boolean
Whether basic or advanced authentication should be used for this server. Basic authentication ($adv_auth = false) is the plain old way: username and password are stored in config.inc.php3. Advanced authentication $adv_auth = true) as introduced in 1.3.0 allows you to log in as any valid MySQL user via HTTP-Auth. All you have to provide in config.inc is a standard user which can connect to MySQL and read the mysql user/db table (see $cfgServers[n]['stduser']).
Using advanced authentication is recommended:

• when phpMyAdmin is running in a multi-user environment where people have shell-access that you don't want to know the username/password for MySQL.
• when you want to give users access to their own database and don't want them to play around with others.

Advanced authentication is secure as the standard user needs just read-only-access to the mysql database. MySQL passwords cannot be decrypted easily, so there's no chance for a normal user to look at other users' plaintext passwords.

$cfgServers[n]['user'] string
$cfgServers[n]['password'] string
The user/password-pair which phpMyAdmin will use to connect to this MySQL-server when using basic authentification. Not needed when using advanced authentification.

$cfgServers[n]['stduser'] string
$cfgServers[n]['stdpass'] string
A user/pasword pair used to verify the real user/password pair when using advanced authentification. This user must be able to connect to MySQL and read the mysql user table. Not needed when using basic authentification.

$cfgServers[n]['only_db'] string
If set to a database name, only this database will be shown to the user.

$cfgServers[n]['verbose'] string
Only useful when using phpMyAdmin with multiple server entries. If set, this string will be displayed instead of the hostname in the pulldown menu on the main page. This can be useful if you want to show only certain databases on your system, for example.

$cfgManualBase string
If set to an URL which points to the MySQL documentation, appropriate help links are generated.

$cfgPersistentConnections boolean
Whether persistent connections should be used or not (mysql_connect or mysql_pconnect).

$cfgConfirm boolean
Whether a warning ("Are your really sure..") should be displayed when you're about to loose data.

$cfgMaxRows integer
Number of rows displayed when browsing a resultset. If the resultset contains more rows, Previous/Next links will be shown.

$cfgMaxInputsize integer
Size of the edit-field when adding a new record to a table.

$cfgBorder integer
The size of a table's border.

$cfgThBgcolor string [HTML color]
The color (HTML) used for table headers.

$cfgBgcolorOne string [HTML color]
The color (HTML) #1 for table rows.

$cfgBgcolorTwo string [HTML color]
The color (HTML) #2 for table rows.

$cfgOrder string ["DESC"|"ASC"]
Defines whether fields are displayed in ascending ("ASC") order or in descending ("DESC") order when you click on the field-name.

$cfgShowBlob boolean
Defines whether BLOB fields are shown when browsing a table's content or not.

$cfgShowSQL boolean
Defines whether sql-queries generated by phpMyAdmin should be displayed or not.

$cfgColumnTypes array
All possible types of a MySQL column. In most cases you don't need to edit this.

$cfgFunctions array
A list of functions MySQL supports. In most cases you don't need to edit this.

$cfgAttributeTypes array
Possible attributes for fields. In most cases you don't need to edit this.

FAQ - Frequently Asked Questions

I can't insert new rows into a table - MySQL brings up a SQL-error.
Examine the SQL error with care. I've found that many programmers specifying a wrong field-type. Common errors include:

• Using VARCHAR without a size argument
• Using TEXT or BLOB with a size argument

Also, look at the syntax chapter in the MySQL manual to confirm that your syntax is correct.

phpMyAdmin can't connect to MySQL. What's wrong?
Either there is an error with your PHP setup or your username/password is wrong. Try to make a small script which uses mysql_connect and see if it works. If it doesn't, it may be you haven't even compiled MySQL support into PHP.

I cannot edit the content of a table, even if the README says this is a feature of phpMyAdmin.
phpMyAdmin allows only editing of a table's content if the table contains a primary or unique key.

phpMyAdmin always gives "Access denied" when using advanced authentification.
This could happen for some reasons:

• $stduser/$stdpassword is wrong. Try to turn off $adv_auth and use this username and password to connect to MySQL.
• The username/password your specify in the login-dialog is wrong. Try the same as above and see if it works.
• You have already setup a security mechanism for the phpMyAdmin-directory, eg. a .htaccess file. This would interfere with phpMyAdmin's authentification, so remove it.

I would like to help out with the development of phpMyAdmin. How should I proceed?
The following method is preferred for new developers:

• fetch the current CVS tree over anonymous CVS:
  cvs -d :pserver:anon@www.htmlwizard.net:/usr/local/cvsroot login
  [Password: phpMyAdmin] cvs -d :pserver:anon@www.htmlwizard.net:/usr/local/cvsroot checkout phpMyAdmin
  [This will create a new sub-directory named phpMyAdmin]
• add your stuff
• send me the modified files (tar'ed and gzip'ed) Write access to the CVS tree is granted only to experienced developers who have already contributed something useful to phpMyAdmin.
  Also, have a look at the file DEVELOPERS.

What's the preferred way of making phpMyAdmin secure against evil access?
This depends on your system. If you're running a server which cannot be accessed by other people, it's sufficient to use the directory protection bundled with your webserver (with Apache you can use .htaccess files, for example). If other people have telnet access to your server, it's not a good idea to store the MySQL password in clear text in your config.inc.php3 file. You should use phpMyAdmin's advanced authentification feature in this case.

How can I insert a null value into my table?
Enter "null", without the quotes, as the field's value. This is especially useful for Timestamp ot AutoIncrement fields.

I'm an ISP. Can I setup one central copy of phpMyAdmin or do I need to install it for each customer?
Since version 2.0.3, you can setup a central copy of phpMyAdmin for all your users. The development of this feature was kindly sponsored by NetCologne GmbH.
This requires a properly setup MySQL user management and phpMyAdmin's advanced authentication. phpMyAdmin performs these steps, when authenticating a user:

1. Select all entries from the mysql.user table where the username/password matches the challenging user. If no rows are returned, the authentication has failed. Otherwise, phpMyAdmin continues with step 2.
2. If the user's global Select_Priv is "N" (ie the user is not allowed to access all databases), phpMyAdmin searches the mysql.db table for entries with Select_Priv = "Y" belonging to the user. If no entries are found, the authentication has failed. Otherwise, phpMyAdmin shows all databases the user is allowed to view.
   If the user's global Select_Priv is "Y", all databases in the system are shown.
   

This means that you need to add a user to the mysql database as following:
INSERT INTO user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'foo', PASSWORD('bar'), 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N')
INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'foo_db', 'foo', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', '', '', '', '')
Then only the "foo_db" database will be displayed to user "foo".