______________________________________________________________________ Top - Requirements - Introduction - Installation - Configuration Transformations - FAQ - Developers - Credits - Translators ______________________________________________________________________ phpMyAdmin 2.6.3-pl1 Documentation * SourceForge phpMyAdmin project page [ http://www.phpmyadmin.net/ ] * Local documents: + Version history: ChangeLog + General notes: README + License: LICENSE * Documentation version: $Id: Documentation.html,v 2.131.2.4 2005/07/04 21:50:18 lem9 Exp $ Requirements * PHP + You need PHP 4.1.0 or newer (*) + If you want to display inline thumbnails of JPEGs with the original aspect ratio, you also need GD2 support in PHP + Starting with phpMyAdmin 2.6.1, MIME-based transformations that use an external program need PHP 4.3.0 or newer * MySQL 3.23.32 or newer (details); * Not really a requirement but a strong suggestion: if you are using th e "cookie" authentication method, having the mcrypt PHP extension on your web server accelerates not only the login phase but every other action that you do in phpMyAdmin. * a web-browser (doh!). Introduction phpMyAdmin can manage a whole MySQL server (needs a super-user) as well a s a single database. To accomplish the latter you'll need a properly set up MySQL user who can read/write only the desired database. It's up to you to look up the appropriate part in the MySQL manual. Currently phpMyAdmin can: * create and drop databases * create, copy, drop, rename and alter tables * do table maintenance * delete, edit and add fields * execute any SQL-statement, even batch-queries * manage keys on fields * load text files into tables * create (*) and read dumps of tables * export (*) data to CSV, XML and Latex formats * administer multiple servers * manage MySQL users and privileges * check referential integrity in MyISAM tables * using Query-by-example (QBE), create complex queries automatically co nnecting required tables * create PDF graphics of your Database layout * search globally in a database or a subset of it * transform stored data into any format using a set of predefined funct ions, like displaying BLOB-data as image or download-link or ... * support InnoDB tables and foreign keys (see FAQ 3.6) * support mysqli, the improved MySQL extension (see FAQ 1.17) * communicate in 50 different languages (*) phpMyAdmin can compress (Zip, GZip -RFC 1952- or Bzip2 formats) dump s and CSV exports if you use PHP4 >= 4.0.4 with Zlib support (--with-zli b) and/or Bzip2 support (--with-bz2). Installation NOTE: phpMyAdmin does not apply any special security methods to the MySQL database server. It is still the system administrator's job to grant pe rmissions on the MySQL databases properly. phpMyAdmin's "Privileges" pag e can be used for this. Warning for Mac users:if you are on a MacOS version before OS X, StuffIt unstuffs with Mac formats. So you'll have to resave as in BBEdit to Unix style ALL phpMyAdmin script s before uploading them to your server, as PHP seems not to like Mac-sty le end of lines character ("\r"). Quick Install 1. Untar or unzip the distribution (be sure to unzip the subdirectories) : tar -xzvf phpMyAdmin_x.x.x.tar.gz in your webserver's document root. If you don't have direct access to your document root, put the files in a directory on your local machine, and, after step 3, transfer the directory on your web server using, for example, ftp. 2. Ensure that all the scripts have the appropriate owner (if PHP is run ning in safe mode, having some scripts with an owner different from the owner of other scripts will be a problem). See FAQ 4.2 for suggestions. 3. Open the file config.inc.php in your favorite editor and change the v alues for host, user, password and authentication mode to fit your environment. Here, "host" means the MySQL server. Have a look at Configuration section for an explanation of all values. Please also read the remaining of this Installation section for information about authentication modes and the linked-tables infrastructure. 4. It is recommended that you protect the directory in which you install ed phpMyAdmin (unless it's on a closed intranet, or you wish to use HTTP or cookie authentication), for example with HTTP-AUTH (in a .htaccess file). See the multi-user sub-section of the FAQ for additional information, especially FAQ 4.4. 5. Open the file //index.php in you r browser. phpMyAdmin should now display a welcome screen and your databases, or a login dialog if using HTTP or cookie authentication mode. Linked-tables infrastructure For a whole set of new features (bookmarks, comments, SQL-history, PDF-ge neration, field contents transformation, etc.) you need to create a set of special tables. Those tables can be located in your own database, or in a central database for a multi-user installation (this database would then be accessed by the controluser, so no other user should have right s to it). Please look at your scripts/ directory, where you should find a file call ed create_tables.sql. (If you are using a Windows server, pay special at tention to FAQ 1.23). If your MySQL server's version is 4.1.2 or later, please use create_table s_mysql_4_1_2+.sql instead, for a new installation. If you already had this infrastructure and upgraded to MySQL 4.1.2 or lat er, please use upgrade_tables_mysql_4_1_2+.sql. You can use your phpMyAdmin to create the tables for you. Please be aware that you may need special (administrator) privileges to create the data base and tables, and that the script may need some tuning, depending on the database name. After having imported the create_tables.sql file, you should specify the table names in your config.inc.php file. The directives used for that ca n be found in the Configuration section. You will also need to have a co ntroluser with the proper rights to those tables (see section Using auth entication modes below). Upgrading from an older version * You can safely copy your older config.inc.php over a new one, if you can live with default values for possible new parameters (you can check release notes to see what new features were added). This compatibility will stay for long time, current version supports importing config files from 2.2 and maybe even older (nobody has tried that). Using authentication modes * HTTP and cookie authentication modes are recommended in a multi-user environment where you want to give users access to their own database and don't want them to play around with others. Nevertheless be aware that MS Internet Explorer seems to be really buggy about cookies, at least till version 6. And PHP 4.1.1 is also a bit buggy in this area! Even in a single-user environment, you might prefer to use HTTP or cookie mode so that your user/password pair are not in clear in the configuration file. * HTTP and cookie authentication modes are more secure: the MySQL login information does not need to be set in the phpMyAdmin configuration file (except possibly for the controluser). However, keep in mind that the password travels in plain text, unless you are using the HTTPS protocol. In cookie mode, the password is stored, encrypted with the blowfish algorithm, in a temporary cookie. * Note: starting with phpMyAdmin 2.6.1, configuring the controluser to enable HTTP and cookie authentication applies only to MySQL servers older than 4.1.2. For 'HTTP' and 'cookie' modes, phpMyAdmin needs a controluser that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns), mysql.host (all columns) and mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables. You must specify the details for the controluser in the config.inc.php file under the $cfg['Servers'][$i]['controluser']& $cfg['Servers'][$i]['controlpass'] settings. The following example assumes you want to use pma as the controluser and pmapass as the controlpass, but this is only an example: use something else in your file! Of course you have to replace localhost by the webserver's host if it's not the same as the MySQL server's one. GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass'; GRANT SELECT ( Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv, Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv, Execute_priv, Repl_slave_priv, Repl_client_priv ) ON mysql.user TO 'pma'@'localhost'; GRANT SELECT ON mysql.db TO 'pma'@'localhost'; GRANT SELECT ON mysql.host TO 'pma'@'localhost'; GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO 'pma'@'localhost'; If you are using an old MySQL version (below 4.0.2), please replace the first GRANT SELECT query by this one: GRANT SELECT ( Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv ) ON mysql.user TO 'pma'@'localhost'; ... and if you want to use the many new relation and bookmark features: GRANT SELECT, INSERT, UPDATE, DELETE ON .* TO 'pma'@'localhost'; (this of course requires you to have a special DB for phpMyAdmin, the contents will be explained later) Of course, the above queries only work if your MySQL version supports the GRANT command. This is the case since 3.22.11. * Then each of the true users should be granted a set of privileges on a set of particular databases. Normally you shouldn't give global privileges to an ordinary user, unless you understand the impact of those privileges (for example, you are creating a superuser). For example, to grant the user real_user with all privileges on the database user_base: GRANT ALL PRIVILEGES ON user_base.* TO 'real_user'@localhost IDENTIFIED BY 'real_password'; What the user may now do is controlled entirely by the MySQL user management system. With HTTP or cookie authentication mode, you don't need to fill the user/password fields inside the $cfg['Servers'] array. 'http' authentication mode * Was called 'advanced' in versions before 2.2.3. * Introduced in 1.3.0, it uses Basic HTTP authentication method and all ows you to login as any valid MySQL user. * Is supported with PHP running as an Apache module. For IIS (ISAPI) su pport using CGI PHP, see FAQ 1.32. * See also FAQ 4.4 about not using the .htaccess mechanism along with ' http' authentication mode. 'cookie' authentication mode * You can use this method as a replacement for the HTTP authentication (for example, if you're running IIS). * Obviously, the user must enable cookies in the browser. * With this mode, the user can truly logout of phpMyAdmin and login bac k with the same username. * If you want to login to arbitrary server see $cfg['AllowArbitraryServ er'] directive. * See also the requirements section for a way to improve the interface speed while using this mode. 'config' authentication mode * This mode is the less secure one because it requires you to fill the $cfg['Servers'][$i]['user'] and $cfg['Servers'][$i]['password'] fields. But you don't need to setup a "controluser" here: using the $cfg['Servers'][$i]['only_db'] might be enough. * In the ISP FAQ section, there is an entry explaining how to protect y our configuration file. * For additional security in this mode, you may wish to consider the Ho st authentication $cfg['Servers'][$i]['AllowDeny']['order'] and $cfg['Servers'][$i]['AllowDeny']['rules'] configuration directives. Configuration Warning for Mac users: PHP seems not to like Mac end of lines character ( "\r"). So ensure you choose the option that allows to use the *nix end o f line character ("\n") in your text editor before registering a script you have modified. Configuration note: Almost all configurable data is placed in config.inc. php. The parameters which relate to design (like colors) are placed in t hemes/themename/layout.inc.php. You might also want to modify config.foo ter.inc.php and config.header.inc.php files to add your site specific co de to be included on start and end of each page. $cfg['PmaAbsoluteUri'] string Sets here the complete URL (with full path) to your phpMyAdmin installation's directory. E.g. http://www.your_web.net/path_to_your_phpMyAdmin_directory/. Starting with version 2.3.0, it is advisable to try leaving this blank. In most cases phpMyAdmin automatically detects the proper setting. Additional details are in the configuration file. If you leave it blank, see the notes for $cfg['PmaAbsoluteUri_DisableWarning']; you probably want to change that to TRUE. Don't forget the slash at the end of your URL. The URL must contain characters that are valid for a URL, and on some servers, the path is case-sensitive. $cfg['PmaAbsoluteUri_DisableWarning'] boolean By default, when you leave $cfg['PmaAbsoluteUri'] empty, and the system detects your absolute URI automatically, we display a warning to remind you. If you have tested the automatic detection, and it works perfectly for your setup, then you can set this variable to squelch the warning. $cfg['PmaNoRelation_DisableWarning'] boolean Starting with version 2.3.0 phpMyAdmin offers a lot of features to work with master / foreign - tables (see $cfg['Servers'][$i]['pmadb']). If you tried to set this up and it does not work for you, have a look on the "Structure" page of one database where you would like to use it. You will find a link that will analyze why those features have been disabled. If you do not want to use those features set this variable to TRUE to stop this message from appearing. $cfg['blowfish_secret'] string Starting with version 2.5.2, the 'cookie' auth_type uses blowfish algorithm to encrypt the password. If you are using the 'cookie' auth_type, enter here a random passphrase of your choice. It will be used internally by the blowfish algorithm: you won't be prompted for this passphrase. The maximum number of characters for this parameter seems to be 46. $cfg['Servers'] array Since version 1.4.2, phpMyAdmin supports the administration of multiple MySQL servers. Therefore, a $cfg['Servers']-array has been added which contains the login information for the different servers. The first $cfg['Servers'][$i]['host'] contains the hostname of the first server, the second $cfg['Servers'][$i]['host'] the hostname of the second server, etc. If you have only one server to administer, simply leave free the hostname of the other $cfg['Server']-entries. $cfg['Servers'][$i]['host'] string The hostname or IP address of your $i-th MySQL-server. E.g. localhost. $cfg['Servers'][$i]['port'] string The port-number of your $i-th MySQL-server. Default is 3306 (leave blank). If you use "localhost" as the hostname, MySQL ignores this port number and connects with the socket, so if you want to connect to a port different from the default port, use "127.0.0.1" or the real hostname in $cfg['Servers'][$i]['host']. $cfg['Servers'][$i]['socket'] string The path to the socket to use. Leave blank for default. To use the socket feature you must run PHP 3.0.10 or more. $cfg['Servers'][$i]['connect_type'] string What type connection to use with the MySQL server. Your options are 'socket' & 'tcp'. It defaults to 'tcp' as that is nearly guaranteed to be available on all MySQL servers, while sockets are not supported on some platforms. To use the socket mode, your MySQL server must be on the same machine as the Web server. $cfg['Servers'][$i]['extension'] string What php MySQL extension to use for the connection. Valid options are: mysql : The classic MySQL extension. This is the recommended and default method at this time. mysqli : The improved MySQL extension. This extension became available with php 5.0.0 and is the recommended way to connect to a server running MySQL 4.1.x. Note: phpMyAdmin's MySQL 4.1 support is experimental! $cfg['Servers'][$i]['compress'] boolean Whether to use a compressed protocol for the MySQL server connection or not (experimental). This feature requires PHP >= 4.3.0. $cfg['Servers'][$i]['controluser'] string $cfg['Servers'][$i]['controlpass'] string Note: starting with phpMyAdmin 2.6.1, configuring the controluser to enable HTTP and cookie authentication applies only to MySQL servers older than 4.1.2. This special account is used for 2 distinct purposes: to make possible all relational features (see $cfg['Servers'][$i]['pmadb']) and, for a MySQL server older than 4.1.2, to enable a multi-user installation (http or cookie authentication mode). When using HTTP or cookie authentication modes (or 'config' authentication mode since phpMyAdmin 2.2.1), you need to supply the details of a MySQL account that has SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns) & mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables. This account is used to check what databases the user will see at login. Please see the install section on "Using authentication modes" for more information. Note that if you try login to phpMyAdmin with this "controluser", you could get some errors, depending the exact privileges you gave to the "controluser". phpMyAdmin does not support a direct login with the "controluser". In phpMyAdmin versions before 2.2.5, those were called "stduser/stdpass". $cfg['Servers'][$i]['auth_type'] string ['http'|'cookie'|'config'] Whether config or cookie or http authentication should be used for this server. + 'config' authentication ($auth_type = 'config') is the plain old way: username and password are stored in config.inc.php. + 'cookie' authentication mode ($auth_type = 'cookie') as introduced in 2.2.3 allows you to log in as any valid MySQL user with the help of cookies. Log name and password are stored in cookies during the session and password is deleted when it ends. This can also allow you to login in arbitrary server if $cfg['AllowArbitraryServer'] enabled. + 'http' authentication (was called 'advanced' in older versions) ($auth_type = 'http') as introduced in 1.3.0 allows you to log in as any valid MySQL user via HTTP-Auth. Please see the install section on "Using authentication modes" for more information. $cfg['Servers'][$i]['user'] string $cfg['Servers'][$i]['password'] string The user/password-pair which phpMyAdmin will use to connect to this MySQL-server. This user/password pair is not needed when HTTP or cookie authentication is used, and should be empty. $cfg['Servers'][$i]['only_db'] string or array If set to a (an array of) database name(s), only this (these) database(s) will be shown to the user. Since phpMyAdmin 2.2.1, this/these database(s) name(s) may contain MySQL wildcards characters ("_" and "%"): if you want to use literal instances of these characters, escape them (I.E. use 'my\_db' and not 'my_db'). This setting is an efficient way to lower the server load since the latter does not need to send MySQL requests to build the available database list. But it does not replace the privileges rules of the MySQL database server. If set, it just means only these databases will be displayed but not that all other databases can't be used. An example of using more that one database: $cfg['Servers'][$i]['only_db'] = array('db1', 'db2'); As of phpMyAdmin 2.5.5 the order inside the array is used for sorting the databases in the left frame, so that you can individually arrange your databases. If you want to have certain databases at the top, but don't care about the others, you do not need to specify all other databases. Use: $cfg['Servers'][$i]['only_db'] = array('db3', 'db4', '*'); instead to tell phpMyAdmin that it should display db3 and db4 on top, and the rest in alphabetic order. $cfg['Servers'][$i]['verbose'] string Only useful when using phpMyAdmin with multiple server entries. If set, this string will be displayed instead of the hostname in the pull-down menu on the main page. This can be useful if you want to show only certain databases on your system, for example. $cfg['Servers'][$i]['pmadb'] string The name of the database containing the linked-tables infrastructure. See the Linked-tables infrastructure section in this document to see the benefits of this infrastructure, and for a quick way of creating this database and the needed tables. If you are the only user of this phpMyAdmin installation, you can use your current database to store those special tables; in this case, just put your current database name in $cfg['Servers'][$i]['pmadb']. For a multi-user installation, set this parameter to the name of your central database containing the linked-tables infrastructure. $cfg['Servers'][$i]['bookmarktable'] string Since release 2.2.0 phpMyAdmin allows to bookmark queries. This can be useful for queries you often run. To allow the usage of this functionality: + set up pmadb and the linked-tables infrastructure + enter the table name in $cfg['Servers'][$i]['bookmarktable'] $cfg['Servers'][$i]['relation'] string Since release 2.2.4 you can describe, in a special 'relation' table, which field is a key in another table (a foreign key). phpMyAdmin currently uses this to + make clickable, when you browse the master table, the data values that point to the foreign table; + display in an optional tool-tip the "display field" when browsing the master table, if you move the mouse to a column containing a foreign key (use also the 'table_info' table); (see FAQ 6.7) + in edit/insert mode, display a drop-down list of possible foreign keys (key value and "display field" are shown) (see FAQ 6.21) + display links on the table properties page, to check referential integrity (display missing foreign keys) for each described key; + in query-by-example, create automatic joins (see FAQ 6.6) + enable you to get a PDF schema of your database (also uses the table_coords table). The keys can be numeric or character. To allow the usage of this functionality: + set up pmadb and the linked-tables infrastructure + put the relation table name in $cfg['Servers'][$i]['relation'] + now as normal user open phpMyAdmin and for each one of your tables where you want to use this feature, click "Structure/Relation view/" and choose foreign fields. Please note that in the current version, master_db must be the same as foreign_db. Those fields have been put in future development of the cross-db relations. $cfg['Servers'][$i]['table_info'] string Since release 2.3.0 you can describe, in a special 'table_info' table, which field is to be displayed as a tool-tip when moving the cursor over the corresponding key. This configuration variable will hold the name of this special table. To allow the usage of this functionality: + set up pmadb and the linked-tables infrastructure + put the table name in $cfg['Servers'][$i]['table_info'] + then for each table where you want to use this feature, click "Structure/Relation view/Choose field to display" to choose the field. Usage tip: Display field. $cfg['Servers'][$i]['table_coords'] string $cfg['Servers'][$i]['pdf_pages'] string Since release 2.3.0 you can have phpMyAdmin create PDF pages showing the relations between your tables. To do this it needs two tables "pdf_pages" (storing information about the available PDF pages) and "table_coords" (storing coordinates where each table will be placed on a PDF schema output). You must be using the "relation" feature. To allow the usage of this functionality: + set up pmadb and the linked-tables infrastructure + put the correct table names in $cfg['Servers'][$i]['table_coords'] and $cfg['Servers'][$i]['pdf_pages'] Usage tips: PDF output. $cfg['Servers'][$i]['column_info'] string Since release 2.3.0 you can store comments to describe each column for each table. These will then be shown on the "printview". Starting with release 2.5.0, comments are consequently used on the table property pages and table browse view, showing up as tool-tips above the column name (properties page) or embedded within the header of table in browse view. They can also be shown in a table dump. Please see the relevant configuration directives later on. Also new in release 2.5.0 is a MIME-transformation system which is also based on the following table structure. See Transformations for further information. To use the MIME-transformation system, your column_info table has to have the three new fields 'mimetype', 'transformation', 'transformation_options'. To allow the usage of this functionality: + set up pmadb and the linked-tables infrastructure + put the table name in $cfg['Servers'][$i]['column_info'] + to update your PRE-2.5.0 Column_comments Table use this: ALTER TABLE `pma_column_comments` ADD `mimetype` VARCHAR( 255 ) NOT NULL , ADD `transformation` VARCHAR( 255 ) NOT NULL , ADD `transformation_options` VARCHAR( 255 ) NOT NULL ; and remember that the Variable in config.inc.php has been renamed from $cfg['Servers'][$i]['column_comments'] to $cfg['Servers'][$i]['column_info'] $cfg['Servers'][$i]['history'] string Since release 2.5.0 you can store your SQL history, which means all queries you entered manually into the phpMyAdmin interface. If you don't want to use a table- based history, you can use the JavaScript-based history. Using that, all your history items are deleted when closing the window. Using $cfg['QueryHistoryMax'] you can specify an amount of history items you want to have on hold. On every login, this list gets cut to the maximum amount. The query history is only available if you use the JavaScript-based query window, see $cfg['QueryFrame']. To allow the usage of this functionality: + set up pmadb and the linked-tables infrastructure + put the table name in $cfg['Servers'][$i]['history'] $cfg['Servers'][$i]['verbose_check'] boolean Because release 2.5.0 introduced the new MIME-transformation support, the column_info table got enhanced with three new fields. If the above variable is set to TRUE (default) phpMyAdmin will check if you have the latest table structure available. If not, it will emit a warning to the superuser. You can disable this checking behavior by setting the variable to false, which should offer a performance increase. Recommended to set to FALSE, when you are sure, your table structure is up to date. $cfg['Servers'][$i]['AllowRoot'] boolean Whether to allow root access, This is just simplification of rules below. $cfg['Servers'][$i]['AllowDeny']['order'] string If your rule order is empty, then IP authentication is disabled. If your rule order is set to 'deny,allow' then the system applies all deny rules followed by allow rules. Access is allowed by default. Any client which does not match a Deny command or does match an Allow command will be allowed access to the server. If your rule order is set to 'allow,deny' then the system applies all allow rules followed by deny rules. Access is denied by default. Any client which does not match an Allow directive or does match a Deny directive will be denied access to the server. If your rule order is set to 'explicit', the authentication is performed in a similar fashion to rule order 'deny,allow', with the added restriction that your host/username combination must be listed in the allow rules, and not listed in the deny rules. This is the most secure means of using Allow/Deny rules, and was available in Apache by specifying allow and deny rules without setting any order. $cfg['Servers'][$i]['AllowDeny']['rules'] array of strings The general format for the rules is as such: <'allow' | 'deny'> [from] If you wish to match all users, it is possible to use a '%' as a wildcard in the username field. There are a few shortcuts you can use in the ipmask field as well: 'all' -> 0.0.0.0/0 'localhost' -> 127.0.0.1/8 Having an empty rule list is equivalent to either using 'allow % from all' if your rule order is set to 'deny,allow' or 'deny % from all' if your rule order is set to 'allow,deny' or 'explicit'. For the IP matching system, the following work: xxx.xxx.xxx.xxx (an exact IP address) xxx.xxx.xxx.[yyy-zzz] (an IP address range) xxx.xxx.xxx.xxx/nn (CIDR, Classless Inter-Domain Routing type IP addresses) But the following does not work: xxx.xxx.xxx.xx[yyy-zzz] (partial IP address range) $cfg['ServerDefault'] integer If you have more than one server configured, you can set $cfg['ServerDefault'] to any one of them to autoconnect to that server when phpMyAdmin is started, or set it to 0 to be given a list of servers without logging in. If you have only one server configured, $cfg['ServerDefault'] MUST be set to that server. $cfg['OBGzip'] string/boolean Defines whether to use GZip output buffering for increased speed in HTTP transfers. Set to true/false for enabling/disabling. When set to 'auto' (string), phpMyAdmin tries to enable output buffering and will automatically disable it, if your browser has some problems with buffering. IE6 with a certain patch is known to cause data corruption having enabled buffering. $cfg['PersistentConnections'] boolean Whether persistent connections should be used or not (mysql_connect or mysql_pconnect). $cfg['ExecTimeLimit'] integer [number of seconds] Set the number of seconds a script is allowed to run. If seconds is set to zero, no time limit is imposed. This setting is used while importing/exporting dump files but has no effect when PHP is running in safe mode. $cfg['SkipLockedTables'] boolean Mark used tables and make it possible to show databases with locked tables (since 3.23.30). $cfg['ShowSQL'] boolean Defines whether SQL-queries generated by phpMyAdmin should be displayed or not. $cfg['AllowUserDropDatabase'] boolean Defines whether normal users (non-administrator) are allowed to delete their own database or not. If set as FALSE, the link "Drop Database" will not be shown, and even a "DROP DATABASE mydatabase" will be rejected. Quite practical for ISP's with many customers. $cfg['Confirm'] boolean Whether a warning ("Are your really sure...") should be displayed when you're about to lose data. $cfg['LoginCookieRecall'] boolean Define whether the previous login should be recalled or not in cookie authentication mode. $cfg['UseDbSearch'] boolean Define whether the "search string inside database" is enabled or not. $cfg['IgnoreMultiSubmitErrors'] boolean Define whether phpMyAdmin will continue executing a multi-query statement if one of the queries fails. Default is to abort execution. $cfg['VerboseMultiSubmit'] boolean Define whether phpMyAdmin will output the results of each query of a multi-query statement embedded into the SQL output as inline comments. Defaults to TRUE. $cfg['AllowArbitraryServer'] boolean If enabled allows you to login to arbitrary server using cookie auth. NOTE: Please use this carefully, as this may allow to access MySQL servers behind firewall where your http server is placed. $cfg['LeftFrameLight'] boolean Defines whether to use select-based menu and display only the current tables in the left frame (smaller page). Only in Non-Lightmode you can use the feature to display nested folders using $cfg['LeftFrameTableSeparator'] $cfg['LeftFrameTableSeparator'] string Defines a string to be used to nest table spaces. Defaults to '__'. This means if you have tables like 'first__second__third' this will be shown as a three-level hierarchie like: first > second > third. If set to FALSE or empty, the feature is disabled. NOTE: You shall not use this Separator in a table name at the beginning or end of a table name, or multiple times after another without any other characters in between. $cfg['LeftFrameTableLevel'] string Defines how many sublevels should be displayed when splitting up tables by the above Separator. $cfg['ShowTooltip'] boolean Defines whether to display table comment as tool-tip in left frame or not. $cfg['ShowTooltipAliasDB'] boolean If tool-tips are enabled and a DB comment is set, this will flip the comment and the real name. That means, if you have a table called 'user0001' and add the comment 'MyName' on it, you will see the name 'MyName' used consequently in the left frame and the tool-tip shows the real name of the DB. $cfg['ShowTooltipAliasTB'] boolean/string Same as $cfg['ShowTooltipAliasDB'], except this works for table names. When setting this to 'nested', the Alias of the Tablename is only used to split/nest the tables according to the $cfg['LeftFrameTableSeparator'] directive. So only the folder is called like the Alias, the tablename itself stays the real tablename. $cfg['LeftDisplayLogo'] boolean Defines whether to display the phpMyAdmin logo at the top of the left frame or not. Defaults to TRUE. $cfg['LeftDisplayServers'] boolean Defines whether to display a server choice at the top of the left frame or not. Defaults to FALSE. $cfg['DisplayServersList'] boolean Defines whether to display this server choice as links instead of in a drop-down. Defaults to FALSE (drop-down). $cfg['ShowStats'] boolean Defines whether to display space usage and statistics about databases and tables or not. Note that statistics requires at least MySQL 3.23.3 and that, at this date, MySQL doesn't return such information for Berkeley DB tables. $cfg['ShowMysqlInfo'] boolean $cfg['ShowMysqlVars'] boolean $cfg['ShowPhpInfo'] boolean $cfg['ShowChgPassword'] boolean Defines whether to display the "MySQL runtime information", "MySQL system variables", "PHP information" and "Change password " links or not for simple users at the starting main (right) frame. This setting does not check MySQL commands entered directly. Please note that to block the usage of phpinfo() in scripts, you have to put this in your php.ini: disable_functions = phpinfo() Also note that enabling the "Change password " link has no effect with "config" authentication mode: because of the hard coded password value in the configuration file, end users can't be allowed to change their passwords. $cfg['SuggestDBName'] boolean Defines whether to suggest a database name on the "Create Database" form or to keep the textfield empty. $cfg['ShowBlob'] boolean Defines whether BLOB fields are shown when browsing a table's content or not. $cfg['NavigationBarIconic'] boolean Defines whether navigation bar buttons contain text or symbols only. $cfg['ShowAll'] boolean Defines whether an user should be displayed a "show all (records)" button in browse mode or not. $cfg['MaxRows'] integer Number of rows displayed when browsing a result set. If the result set contains more rows, Previous/Next links will be shown. $cfg['Order'] string [DESC|ASC|SMART] Defines whether fields are displayed in ascending (ASC) order, in descending (DESC) order or in a "smart" (SMART) order - I.E. descending order for fields of type TIME, DATE, DATETIME & TIMESTAMP, ascending order else- by default. $cfg['ProtectBinary'] boolean or string Defines whether BLOB or BINARY fields are protected from edition when browsing a table's content or not. Valid values are: - FALSE to allow edition of all fields; - blob to allow edition of all fields except BLOBS; - all to disallow edition of all BINARY or BLOB fields. $cfg['ShowFunctionFields'] boolean Defines whether MySQL functions fields should be displayed or not in edit/insert mode. $cfg['CharEditing'] string Defines which type of editing controls should be used for CHAR and VARCHAR fields. Possible values are: + input - this allows to limit size of text to size of field in MySQL, but has problems with newlines in fields + textarea - no problems with newlines in fields, but also no length limitations Default is old behavior so input. $cfg['ZipDump'] boolean $cfg['GZipDump'] boolean $cfg['BZipDump'] boolean Defines whether to allow the use of zip/GZip/BZip2 compression when creating a dump file or not. $cfg['CompressOnFly'] boolean Defines whether to allow on the fly compression for GZip/BZip2 compressed exports. This doesn't affect smaller dumps and allows to create larger dumps, that won't fit otherwise in memory due to php memory limit. Produced files contain more GZip/BZip2 headers, but all normal programs handle this correctly. $cfg['LightTabs'] string If set to True, do use less graphically intense tabs on the top of the mainframe. $cfg['PropertiesIconic'] string If set to True, will display icons instead of text for db and table properties links (like 'Browse', 'Select', 'Insert', ...). Can be set to 'both' if you want icons AND text. When set to False, will only show text. $cfg['PropertiesNumColumns'] integer How many columns will be utilized to display the tables on the database property view? Default is 1 column. When setting this to a value larger than 1, the type of the database will be omitted for more display space. $cfg['DefaultTabServer'] string Defines the tab displayed by default on server view. Possible values: "main.php" (recommended for multi-user setups), "server_databases.php","server_status.php","server_variables.php", "server_privileges.php" or "server_processlist.php". $cfg['DefaultTabDatabase'] string Defines the tab displayed by default on database view. Possible values: "db_details_structure.php", "db_details.php" or "db_search.php". $cfg['DefaultTabTable'] string Defines the tab displayed by default on table view. Possible values: "tbl_properties_structure.php", "tbl_properties.php", "tbl_select.php" or "tbl_change.php". $cfg['MySQLManualBase'] string If set to an URL which points to the MySQL documentation (type depends on $cfg['MySQLManualType']), appropriate help links are generated. See MySQL Documentation page for more information about MySQL manuals and their types. $cfg['MySQLManualType'] string Type of MySQL documentation: + old - old style used in phpMyAdmin 2.3.0 and earlier + searchable - "Searchable, with user comments" + chapters - "HTML, one page per chapter" + big - "HTML, all on one page" + none - do not show documentation links $cfg['DefaultLang'] string Defines the default language to use, if not browser-defined or user-defined. See the select_lang.lib.php script to know the valid values for this setting. $cfg['Lang'] string Force: always use this language (must be defined in the select_lang.lib.php script). $cfg['DefaultCharset'] string Default character set to use for recoding of MySQL queries. This must be enabled and it's described by $cfg['AllowAnywhereRecoding'] option. You can give here any character set which is in $cfg['AvailableCharsets'] array and this is just default choice, user can select any of them. $cfg['AllowAnywhereRecoding'] boolean Allow character set recoding of MySQL queries. You need recode or iconv support (compiled in or module) in PHP to allow MySQL queries recoding and used language file must have it enabled (by default only these which are in Unicode, just to avoid losing some characters). $cfg['RecodingEngine'] string You can select here which functions will be used for character set conversion. Possible values are: + auto - automatically use available one (first is tested iconv, then recode) + iconv - use iconv or libiconv functions + recode - use recode_string function Default is auto. $cfg['IconvExtraParams'] string Specify some parameters for iconv used in charset conversion. See iconv documentation for details. $cfg['AvailableCharsets'] array Available character sets for MySQL conversion. You can add your own (any of supported by recode/iconv) or remove these which you don't use. Character sets will be shown in same order as here listed, so if you frequently use some of these move them to the top. $cfg['GD2Available'] string Specifies whether GD >= 2 is available. If yes it can be used for MIME transformations. Possible values are: + auto - automatically detect, this is a bit expensive operation for php < 4.3.0 so it is preferred to change this according to your server real possibilities + yes - GD 2 functions can be used + no - GD 2 function cannot be used Default is auto. $cfg['LeftWidth'] integer Left frame width in pixel. See themes/themename/layout.inc.php. $cfg['LeftBgColor'] string [HTML color] $cfg['RightBgColor'] string [HTML color] The background colors (HTML) used for both the frames. See themes/themename/layout.inc.php. $cfg['RightBgImage'] string The URI of the background image used for the right frame. It must be an absolute URI. See themes/themename/layout.inc.php. $cfg['LeftPointerColor'] string [HTML color] The color (HTML) used for the pointer in the left frame (does not work with Netscape 4). See themes/themename/layout.inc.php. $cfg['LeftPointerEnable'] boolean A value of TRUE activates the left pointer (when LeftFrameLight is FALSE). $cfg['Border'] integer The size of a table's border. See themes/themename/layout.inc.php. $cfg['ThBgcolor'] string [HTML color] The color (HTML) used for table headers. See themes/themename/layout.inc.php. $cfg['BgcolorOne'] string [HTML color] The color (HTML) #1 for table rows. See themes/themename/layout.inc.php. $cfg['BgcolorTwo'] string [HTML color] The color (HTML) #2 for table rows. See themes/themename/layout.inc.php. $cfg['BrowsePointerColor'] string [HTML color] $cfg['BrowseMarkerColor'] string [HTML color] The colors (HTML) uses for the pointer and the marker in browse mode (does not work with Netscape 4). The former feature highlights the row over which your mouse is passing and the latter lets you visually mark/unmark rows by clicking on them. See themes/themename/layout.inc.php. $cfg['BrowsePointerEnable'] boolean Whether to activate the browse pointer or not. $cfg['BrowseMarkerEnable'] boolean Whether to activate the browse marker or not. $cfg['TextareaCols'] integer $cfg['TextareaRows'] integer $cfg['CharTextareaCols'] integer $cfg['CharTextareaRows'] integer Number of columns and rows for the textareas. This value will be emphasized (*2) for SQL query textareas and (*1.25) for SQL textareas inside the query window. The Char* values are used for CHAR and VARCHAR editing (if configured via $cfg['CharEditing']). $cfg['LongtextDoubleTextarea'] boolean Defines whether textarea for LONGTEXT fields should have double size. $cfg['TextareaAutoSelect'] boolean Defines if the whole textarea of the query box will be selected on click. $cfg['CtrlArrowsMoving'] boolean Enable Ctrl+Arrows (Option+Arrows in Safari) moving between fields when editing? $cfg['LimitChars'] integer Maximal number of Chars showed in any non-numeric field on browse view. Can be turned off by a toggle button on the browse page. $cfg['ModifyDeleteAtLeft'] boolean $cfg['ModifyDeleteAtRight'] boolean Defines the place where modify and delete links would be put when tables contents are displayed (you may have them displayed both at the left and at the right). "Left" and "right" are parsed as "top" and "bottom" with vertical display mode. $cfg['DefaultDisplay'] string $cfg['HeaderFlipType'] string There are 3 display modes: horizontal, horizontalflipped and vertical. Define which one is displayed by default. The first mode displays each row on a horizontal line, the second rotates the headers by 90 degrees, so you can use descriptive headers even though fields only contain small values and still print them out. The vertical mode sorts each row on a vertical lineup. The HeaderFlipType can be set to 'css' or 'faked'. When using 'css' the rotation of the header for horizontalflipped is done via CSS. If set to 'faked' PHP does the transformation for you, but of course this does not look as good as CSS. $cfg['DefaultPropDisplay'] string When editing/creating new columns in a table all fields normally get lined up one field a line. (default: 'horizontal'). If you set this to 'vertical' you can have each field lined up vertically beneath each other. You can save up a lot of place on the horizontal direction and no longer have to scroll. $cfg['ShowBrowseComments'] boolean $cfg['ShowPropertyComments'] boolean By setting the corresponding variable to TRUE you can enable the display of column comments in Browse or Property display. In browse mode, the comments are show inside the header. In property mode, comments are displayed using a CSS-formatted dashed-line below the name of the field. The comment is shown as a tool-tip for that field. $cfg['UploadDir'] string The name of the directory, where SQL files have been uploaded by other means than phpMyAdmin (for example, ftp). Those files are available under a drop-down box when you click the database name, then the SQL tab. Please note that the file names must have the suffix ".sql" (or ".sql.bz2" or ".sql.gz" if support for compressed formats is enabled). This feature is useful when your file is too big to be uploaded via HTTP, or when file uploads are disabled in PHP. Please note that if PHP is running in safe mode, this directory must be owned by the same user as the owner of the phpMyAdmin scripts. See also FAQ 1.16 for alternatives. $cfg['docSQLDir'] string The name of the directory, where docSQL files can be uploaded for import into phpMyAdmin. Please note that if PHP is running in safe mode, this directory must be owned by the same user as the owner of the phpMyAdmin scripts. $cfg['SaveDir'] string The name of the directory, where dumps can be saved. Please note that the directory has to be writable for user running webserver. Please note that if PHP is running in safe mode, this directory must be owned by the same user as the owner of the phpMyAdmin scripts. $cfg['TempDir'] string The name of the directory, where temporary files can be stored. This is needed for native MS Excel export, see FAQ 6.23 $cfg['Export'] array In this array are defined default parameters for export, names of items are similar to texts seen on export page, so you can easily identify what they mean. $cfg['RepeatCells'] integer Repeat the headers every X cells, or 0 to deactivate. $cfg['QueryFrame'] boolean $cfg['QueryFrameJS'] boolean $cfg['QueryWindowWidth'] integer $cfg['QueryWindowHeight'] integer $cfg['QueryHistoryDB'] boolean $cfg['QueryWindowDefTab'] string $cfg['QueryHistoryMax'] integer All those variables affect the query box feature. When $cfg['QueryFrame'] is set to true, a link or icon is displayed on the left panel. Clicking on it opens the query box, a direct interface to enter SQL queries. When $cfg['QueryFrameJS'] is set to true, clicking on that link opens the query box, a new custom sized browser window ($cfg['QueryWindowWidth'], $cfg['QueryWindowWidth'] - both integers for the size in pixels). Also, a click on [Edit] from the results page (in the "Showing Rows" section) opens the query box and puts the current query inside it. If set to false, clicking on the link only opens the SQL input in the main frame. The usage of the JavaScript query window is recommended if you have a JavaScript enabled browser. Basic functions are used to exchange quite a few variables, so most 4th generation browsers should be capable to use that feature. It currently is only tested with Internet Explorer 6 and Mozilla 1.x. If $cfg['QueryHistoryDB'] is set to TRUE, all your Queries are logged to a table, which has to be created by you (see $cfg['Servers'][$i]['history']). If set to FALSE, all your queries will be appended to the form, but only as long as your window is opened they remain saved. When using the JavaScript based query window, it will always get updated when you click on a new table/db to browse and will focus if you click on "Edit SQL" after using a query. You can suppress updating the query window by checking the box "Do not overwrite this query from outside the window" below the query textarea. Then you can browse tables/databases in the background without losing the contents of the textarea, so this is especially useful when composing a query with tables you first have to look in. The checkbox will get automatically checked whenever you change the contents of the textarea. Please uncheck the button whenever you definitely want the query window to get updated even though you have made alterations. If $cfg['QueryHistoryDB'] is set to TRUE you can specify the amount of saved history items using $cfg['QueryHistoryMax']. The query window also has a custom tabbed look to group the features. Using the variable $cfg['QueryWindowDefTab'] you can specify the default tab to be used when opening the query window. It can be set to either 'sql', 'files', 'history' or 'full'. $cfg['BrowseMIME'] boolean Enable MIME-transformations. $cfg['MaxExactCount'] integer Determines for how large tables phpMyAdmin should get exact row count by SELECT COUNT. If approximate row count is smaller than this value, SELECT COUNT will be used, otherwise only value returned by SHOW TABLE STATUS. This has currently an impact only on InnoDB tables. $cfg['WYSIWYG-PDF'] boolean Utilizes a WYSIWYG editing control to easily place elements of a PDF page. By clicking on the button 'toggle scratchboard' on the page where you edit x/y coordinates of those elements you can activate a scratchboard where all your elements are placed. By clicking on an element, you can move them around in the pre-defined area and the x/y coordinates will get updated dynamically. Likewise, when entering a new position directly into the input field, the new position in the scratchboard changes after your cursor leaves the input field. You have to click on the 'OK'-button below the tables to save the new positions. If you want to place a new element, first add it to the table of elements and then you can drag the new element around. By changing the paper size and the orientation you can change the size of the scratchboard as well. You can do so by just changing the dropdown field below, and the scratchboard will resize automatically, without interfering with the current placement of the elements. If ever an element gets out of range you can either enlarge the paper size or click on the 'reset' button to place all elements below each other. NOTE: You have to use a recent browser like IE6 or Mozilla to get this control to work. The basic Drag&Drop script functionality was kindly borrowed from www.youngpup.net and is underlying so specific license. $cfg['NaturalOrder'] boolean Sorts database and table names according to natural order (for example, t1, t2, t10). Currently implemented in the left panel (Light mode) and in Database view, for the table list. $cfg['ShowHttpHostTitle'] boolean Shows the HTTP host name in window's title bar. $cfg['SetHttpHostTitle'] string If $cfg['ShowHttpHostTitle'] is TRUE, it shows the real HTTP host name, unless an alternate name is set here. $cfg['ErrorIconic'] boolean Uses icons for warnings, errors and informations. $cfg['MainPageIconic'] boolean Uses icons on main page in lists, on right panel top menu and menu tabs. $cfg['ReplaceHelpImg'] boolean Shows a help button instead of the "Documentation" message. $cfg['ThemePath'] string If theme manager is active, use this as the path of the subdirectory containing all the themes. $cfg['ThemeManager'] boolean Enables user-selectable themes. See FAQ 2.7. $cfg['ThemeDefault'] string The default theme (a subdirectory under cfg['ThemePath']). $cfg['DefaultQueryTable'] string $cfg['DefaultQueryDatabase'] string Default queries that will be displayed in query boxes when user didn't specify any. Use %d for database name, %t for table name and %f for a comma separated list of field names. Note that %t and %f are only applicable to $cfg['DefaultQueryTable']. $cfg['SQP']['fmtType'] string [html|none] The main use of the new SQL Parser is to pretty-print SQL queries. By default we use HTML to format the query, but you can disable this by setting this variable to 'none'. $cfg['SQP']['fmtInd'] float $cfg['SQP']['fmtIndUnit'] string [em|px|pt|ex] For the pretty-printing of SQL queries, under some cases the part of a query inside a bracket is indented. By changing $cfg['SQP']['fmtInd'] you can change the amount of this indent. Related in purpose is $cfg['SQP']['fmtIndUnit'] which specifies the units of the indent amount that you specified. This is used via stylesheets. $cfg['SQP']['fmtColor'] array of string tuples This array is used to define the colours for each type of element of the pretty-printed SQL queries. The tuple format is class => [HTML colour code | empty string] If you specify an empty string for the color of a class, it is ignored in creating the stylesheet. You should not alter the class names, only the colour strings. Class name key: + comment Applies to all comment sub-classes + comment_mysql Comments as "#...\n" + comment_ansi Comments as "-- ...\n" + comment_c Comments as "/*...*/" + digit Applies to all digit sub-classes + digit_hex Hexadecimal numbers + digit_integer Integer numbers + digit_float Floating point numbers + punct Applies to all punctuation sub-classes + punct_bracket_open_round Opening brackets"(" + punct_bracket_close_round Closing brackets ")" + punct_listsep List item Separator "," + punct_qualifier Table/Column Qualifier "." + punct_queryend End of query marker ";" + alpha Applies to all alphabetic classes + alpha_columnType Identifiers matching a column type + alpha_columnAttrib Identifiers matching a database/table/column attribute + alpha_functionName Identifiers matching a MySQL function name + alpha_reservedWord Identifiers matching any other reserved word + alpha_variable Identifiers matching a SQL variable "@foo" + alpha_identifier All other identifiers + quote Applies to all quotation mark classes + quote_double Double quotes " + quote_single Single quotes ' + quote_backtick Backtick quotes ` $cfg['SQLValidator']['use'] boolean phpMyAdmin now supports use of the Mimer SQL Validator service, as originally published on Slashdot. For help in setting up your system to use the service, see the FAQ #6.14. $cfg['SQLValidator']['username'] string $cfg['SQLValidator']['password'] string The SOAP service allows you to login with anonymous and any password, so we use those by default. Instead, if you have an account with them, you can put your login details here, and it will be used in place of the anonymous login. $cfg['DBG']['enable'] boolean DEVELOPERS ONLY! Enable the DBG extension for debugging phpMyAdmin. Required for profiling the code. For help in setting up your system to this, see the Developers section. $cfg['DBG']['profile']['enable'] boolean DEVELOPERS ONLY! Enable profiling support for phpMyAdmin. This will append a chunk of data to the end of every page displayed in the main window with profiling statistics for that page. You may need to increase the maximum execution time for this to complete successfully. $cfg['DBG']['profile']['threshold'] float (units in milliseconds) DEVELOPERS ONLY! When profiling data is displayed, this variable controls the threshold of display for any profiling data, based on the average time each time has taken. If it is over the threshold it is displayed, otherwise it is not displayed. This takes a value in milliseconds. In most cases you don't need to edit this. $cfg['ColumnTypes'] array All possible types of a MySQL column. In most cases you don't need to edit this. $cfg['AttributeTypes'] array Possible attributes for fields. In most cases you don't need to edit this. $cfg['Functions'] array A list of functions MySQL supports. In most cases you don't need to edit this. $cfg['RestrictColumnTypes'] array Mapping of column types to meta types used for preferring displayed functions. In most cases you don't need to edit this. $cfg['RestrictFunctions'] array Functions preferred for column meta types as defined in $cfg['RestrictColumnTypes']. In most cases you don't need to edit this. $cfg['DefaultFunctions'] array Functions selected by default when insering/changing row, Functions are defined for meta types from $cfg['RestrictColumnTypes'] and for first_timestamp, which is used for first timestamp column in table. $cfg['NumOperators'] array Operators available for search operations on numeric and date fields. $cfg['TextOperators'] array Operators available for search operations on character fields. Note that we put LIKE by default instead of LIKE %...%, to avoid unintended performance problems in case of huge tables. $cfg['EnumOperators'] array Operators available for search operations on enum fields. $cfg['NullOperators'] array Additionnal operators available for search operations when the field can be null. Transformations Introduction - Usage - File structure [1. Introduction] To enable transformations, you have to setup the column_info table and th e proper directives. Please see the Configuration section on how to do s o. You can apply different transformations to the contents of each field. Th e transformation will take the content of each field and transform it wi th certain rules defined in the selected transformation. Say you have a field 'filename' which contains a filename. Normally you w ould see in phpMyAdmin only this filename. Using transformations you can transform that filename into a HTML link, so you can click inside of th e phpMyAdmin structure on the field's link and will see the file display ed in a new browser window. Using transformation options you can also sp ecify strings to append/prepend to a string or the format you want the o utput stored in. For a general overview of all available transformations and their options , you can consult your //libraries/ transformations/overview.php installation. For a tutorial on how to effectively use transformations, see our Link se ction on the official phpMyAdmin-homepage. [2. Usage] Go to your tbl_properties.inc.php page (i.e. reached through clicking on the 'properties' link for a table). There click on "Change" (or change i con) and there you will see three new fields at the end of the line. The y are called 'MIME-type', 'Browser transformation' and 'Transformation o ptions'. * The field 'MIME-type' is a dropdown field. You have the options to le ave that field empty or to use 'auto' [this feature is not yet available]. Please note that transformations are inactive as long as no MIME-type is selected. * The field 'Browser transformation' is a drop-down field. You can choo se from a hopefully growing amount of pre-defined transformations. See below for information on how to build your own transformation. There are global transformations and mimetype-bound transformations. Global transformations can be used for any mimetype. They will take the mimetype, if necessary, into regard. Mimetype-bound transformations usually only operate on a certain mimetype. There are transformations which operate on the main mimetype (like 'image'), which will most likely take the subtype into regard, and those who only operate on a specific subtype (like 'image/jpeg'). You can use transformations on mimetypes for which the function was not defined for. There is no security check for you selected the right transformation, so take care of what the output will be like. * The field 'Transformation options' is a free-type textfield. You have to enter transform-function specific options here. Usually the transforms can operate with default options, but it is generally a good idea to look up the overview to see which options are necessary. Much like the ENUM/SET-Fields, you have to split up several options using the format 'a','b','c',...(NOTE THE MISSING BLANKS). This is because internally the options will be parsed as an array, leaving the first value the first element in the array, and so forth. If you want to specify a MIME character set you can define it in the transformation_options. You have to put that outside of the pre-defined options of the specific mime-transform, as the last value of the set. Use the format "'; charset=XXX'". If you use a transform, for which you can specify 2 options and you want to append a character set, enter "'first parameter','second parameter','charset=us-ascii'". You can, however use the defaults for the parameters: "'','','charset=us-ascii'". [3. File structure] All mimetypes and their transformations are defined through single files in the directory 'libraries/transformations/'. They are stored in files to ease up customization and easy adding of new transformations. Because the user cannot enter own mimetypes, it is kept sure that transfo rmations always work. It makes no sense to apply a transformation to a m imetype, the transform-function doesn't know to handle. One can, however, use empty mime-types and global transformations which s hould work for many mimetypes. You can also use transforms on a differen t mimetype they where built for, but pay attention to option usage as we ll as what the transformation does to your field. There is a basic file called 'global.inc.php'. This function can be inclu ded by any other transform function and provides some basic functions. There are 5 possible file names: 1. A mimetype+subtype transform: [mimetype]_[subtype]__[transform].inc.php Please not that mimetype and subtype are separated via '_', which shall not be contained in their names. The transform function/filename may contain only characters which cause no problems in the file system as well as the PHP function naming convention. The transform function will the be called 'PMA_transform_[mimetype]_[subtype]__[transform]()'. Example: text_html__formatted.inc.php PMA_transform_text_html__formatted() 2. A mimetype (w/o subtype) transform: [mimetype]__[transform].inc.php Please note that there are no single '_' characters. The transform function/filename may contain only characters which cause no problems in the file system as well as the PHP function naming convention. The transform function will the be called 'PMA_transform_[mimetype]__[transform]()'. Example: text__formatted.inc.php PMA_transform_text__formatted() 3. A mimetype+subtype without specific transform function [mimetype]_[subtype].inc.php Please note that there are no '__' characters in the filename. Do not use special characters in the filename causing problems with the file system. No transformation function is defined in the file itself. Example: text_plain.inc.php (No function) 4. A mimetype (w/o subtype) without specific transform function [mimetype].inc.php Please note that there are no '_' characters in the filename. Do not use special characters in the filename causing problems with the file system. No transformation function is defined in the file itself. Example: text.inc.php (No function) 5. A global transform function with no specific mimetype global__[transform].inc.php The transform function will the be called 'PMA_transform_global__[transform]()'. Example: global__formatted PMA_transform_global__formatted() So generally use '_' to split up mimetype and subtype, and '__' to provid e a transform function. All filenames containing no '__' in themselves are not shown as valid tra nsform functions in the dropdown. Please see the libraries/transformations/TEMPLATE file for adding your ow n transform function. See the libraries/transformations/TEMPLATE_MIMETYP E for adding a mimetype without a transform function. Also note the intr oduction of a function description in the language files. For each funct ion a $strTransformation_[filename without .inc.php] has to exist. You can use the template generator to generate new functions and entries in the language file. To create a new transform function please see libraries/transformations/t emplate_generator.sh. To create a new, empty mimetype please see librari es/transformations/template_generator_mimetype.sh. A transform function always gets passed three variables: 1. $buffer - Contains the text inside of the column. This is the text, y ou want to transform. 2. $options - Contains any user-passed options to a transform function a s an array. 3. $meta - Contains an object with field information to your column. The data is drawn from the output of the mysql_fetch_field() function. This means, all object properties described on the manual page are available in this variable and can be used to transform a field accordingly to unsigned/zerofill/not_null/... properties. The $meta->mimetype variable contains the original MIME-type of the field (i.e. 'text/plain', 'image/jpeg' etc.) FAQ - Frequently Asked Questions Server - Configuration - Limitations - Multi-user - Browsers - Usage tips - Project - Security Please have a look at our Link section on the official phpMyAdmin homepag e for in-depth coverage of phpMyAdmin's features and/or interface. [1. Server] [1.1] I'm running PHP 4+ and my server is crashing each time a specific action is required or phpMyAdmin sends a blank page or a page full of cryptic characters to my browser, what can I do? There are some known PHP bugs with output buffering and compression. Try to set the $cfg['OBGzip'] directive to FALSE in your config.inc.php f ile and the zlib.output_compression directive to Off in your php configu ration file. Furthermore, we know about such problems connected to the release candida tes of PHP 4.2.0 (tested with PHP 4.2.0 RC1 to RC4) together with MS Int ernet Explorer. Please upgrade to the release version PHP 4.2.0. [1.2] My Apache server crashes when using phpMyAdmin. You should first try the latest versions of Apache (and possibly MySQL). See also the other FAQ entry about PHP bugs with output buffering. If your server keeps crashing, please ask for help in the various Apache support groups. [1.3] I'm running phpMyAdmin with "cookie" authentication mode under PHP 4.2.0 or 4.2.1 loaded as an Apache 2+ module but can't enter the script: I'm always displayed the login screen. This is a known PHP bug (see this bug report) from the official PHP bug d atabase. It means there is and won't be any phpMyAdmin fix against it be cause there is no way to code a fix. [1.4] Using phpMyAdmin on IIS, I'm displayed the error message: "The specified CGI application misbehaved by not returning a complete set of HTTP headers...". You just forgot to read the install.txt file from the php distribution. H ave a look at the last message in this bug report from the official PHP bug database. [1.5] Using phpMyAdmin on IIS, I'm facing crashes and/or many error messages with the HTTP or advanced authentication mode. This is a known problem with the PHP ISAPI filter: it's not so stable. Fo r some more information and complete testings see the messages posted by André B. aka "djdeluxe76" in this thread from the phpWizard forum. Please use instead the cookie authentication mode. [1.6] I can't use phpMyAdmin on PWS: nothing is displayed! This seems to be a PWS bug. Filippo Simoncini found a workaround (at this time there is no better fix): remove or comment the DOCTYPE declaration s (2 lines) from the scripts header.inc.php, header_printview.inc.php, i ndex.php, left.php and libraries/common.lib.php. [1.7] How can I GZip or Bzip a dump or a CSV export. It does not seem to work. These features are based on the gzencode() and bzcompress() PHP functions to be more independent of the platform (Unix/Windows, Safe Mode or not, and so on). So, you must have PHP4 >= 4.0.4 and Zlib/Bzip2 support (--w ith-zlib and --with-bz2). We faced PHP crashes when trying to download a dump with MS Internet Expl orer when phpMyAdmin is run with a release candidate of PHP 4.2.0. In th is case you should switch to the release version of PHP 4.2.0. [1.8] I cannot insert a text file in a table, and I get an error about safe mode being in effect. Your uploaded file is saved by PHP in the "upload dir", as defined in php .ini by the variable upload_tmp_dir (usually the system default is /tmp) . We recommend the following setup for Apache servers running in safe mode, to enable uploads of files while being reasonably secure: * create a separate directory for uploads: mkdir /tmp/php * give ownership to the Apache server's user.group: chown apache.apache /tmp/php * give proper permission: chmod 600 /tmp/php * put upload_tmp_dir = /tmp/php in php.ini * restart Apache [1.9] I'm having troubles when uploading files. In general file uploads don't work on my system and uploaded files have a Content-Type: header in the first line. It's not really phpMyAdmin related but RedHat 7.0. You have a RedHat 7.0 and you updated your PHP RPM to php-4.0.4pl1-3.i386.rpm, didn't you? So the problem is that this package has a serious bug that was corrected ages ago in PHP (2001-01-28: see PHP's bug tracking system for more deta ils). The problem is that the bugged package is still available though i t was corrected (see RedHat's BugZilla for more details). So please download the fixed package (4.0.4pl1-9) and the problem should go away. And that fixes the \r\n problem with file uploads! [1.10] I'm having troubles when uploading files with phpMyAdmin running on a secure server. My browser is Internet Explorer and I'm using the Apache server. As suggested by "Rob M" in the phpWizard forum, add this line to your htt pd.conf: SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown It seems to clear up many problems between Internet Explorer and SSL. [1.11] I get an 'open_basedir restriction' while uploading a file from the query box. Since version 2.2.4, phpMyAdmin supports servers with open_basedir restri ctions. Assuming that the restriction allows you to open files in the cu rrent directory ('.'), all you have to do is create a 'tmp' directory un der the phpMyAdmin install directory, with permissions 777 and the same owner as the owner of your phpMyAdmin directory. The uploaded files will be moved there, and after execution of your SQL commands, removed. [1.12] I have lost my MySQL root password, what can I do? The MySQL manual explains how to reset the permissions. [1.13] I get an error 'No SQL query' when trying to execute a bookmark. If PHP does not have read/write access to its upload_tmp_dir, it cannot a ccess the uploaded query. [1.14] I get an error 'No SQL query' when trying to submit a query from the convenient text area. Check the post_max_size directive from your PHP configuration file and tr y to increase it. [1.15] I have problems with mysql.user field names. In older MySQL versions, the User and Password fields were named user and password. Please modify your field names to align with current standard s. [1.16] I cannot upload big dump files (memory, http or timeout problems). The first things to check (or ask your host provider to check) are the va lues of upload_max_filesize, memory_limit and post_max_size in the php.i ni configuration file. All of these three settings limit the maximum siz e of data that can be submitted and handled by PHP. One user also said t hat post_max_size and memory_limit need to be larger than upload_max_fil esize. There exist several workarounds if your upload is too big or your hosting provider is unwilling to change the settings: * Look at the $cfg['UploadDir'] feature. This allows one to upload a fi le to the server via scp, ftp, or your favorite file transfer method. PhpMyAdmin is then able to import the files from the temporary directory. More information is available in the Configuration section of this document. * Using a utility (such as BigDump) to split the files before uploading . We cannot support this or any third party applications, but are aware of users having success with it. * If you have shell (command line) access, use MySQL to import the file s directly. You can do this by issuing the "source" command from within MySQL: source filename.sql. [1.17] Which MySQL versions does phpMyAdmin support? All MySQL versions from 3.23.32 till 5.0 (except for 4.1.0 and 4.1.1) are fully supported. Please note that the older your MySQL version is, the more limitations you will have to face. phpMyAdmin may connect to your MySQL server using php's classic MySQL ext ension as well as the improved MySQL extension (MySQLi) that is availabl e in php 5.0. Either way, the developers of both extensions recommend to use the classi c extension for MySQL 4.0 and below and MySQLi for MySQL 4.1 and newer. When compiling php, we strongly recommend that you manually link the MySQ L extension of your choice to a MySQL client library of at least the sam e minor version since the one that is bundled with some php distribution s is rather old and might cause problems (see also FAQ 1.17a). MySQL 5.1 is not yet supported. [1.17a] I cannot connect to the MySQL server. It always returns the error message, "Client does not support authentication protocol requested by server; consider upgrading MySQL client" You tried to access MySQL with an old MySQL client library. The version o f your MySQL client library can be checked in your phpinfo() output. In general, it should have at least the same minor version as your server - as mentioned in FAQ 1.17. The only way to fix this problem is manually compiling php and its MySQL extension against a current MySQL client library. If you still face this problem, please compile your MySQL client library against the same or a newer MySQL release. [1.18] I'm running MySQL <= 4.0.1 having lower_case_table_names set to 1. If I create a new table with a capital letter in its name it is changed to lowercase as it should. But if I try to DROP this table MySQL is unable to find the corresponding file. This is a bug of MySQL <= 4.0.1. Please upgrade to at least MySQL 4.0.2 o r turn off your lower_case_table_names directive. [1.19] I can't run the "display relations" feature because the script seems not to know the font face I'm using! The "FPDF" library we're using for this feature requires some special fil es to use font faces. Please refers to the FPDF manual to build these files. [1.20] I receive the error "cannot load MySQL extension, please check PHP Configuration". To connect to a MySQL server, PHP needs a set of MySQL functions called " MySQL extension". This extension may be part of the PHP distribution (co mpiled-in), otherwise it needs to be loaded dynamically. Its name is pro bably mysql.so or php_mysql.dll. phpMyAdmin tried to load the extension but failed. Usually, the problem is solved by installing a software package called "P HP-MySQL" or something similar. [1.21] I am running the CGI version of PHP under Unix, and I cannot login using cookie auth. In php.ini, set mysql.max_links higher than 1. [1.22] I don't see the "Location of text file" field, so I cannot upload. This is most likely because in php.ini, your file_uploads parameter is no t set to "on". [1.23] I'm running MySQL on a Win32 machine. Each time I create a new table the table and field names are changed to lowercase! This happens because the MySQL directive lower_case_table_names defaults to 1 (ON) in the Win32 version of MySQL. You can change this behavior by simply changing the directive to 0 (OFF): Just edit your my.ini file that should be located in your Windows directo ry and add the following line to the group [mysqld]: set-variable = lower_case_table_names=0 Next, save the file and restart the MySQL service. You can always check t he value of this directive using the query SHOW VARIABLES LIKE 'lower_case_table_names'; [1.24] Some characters are being truncated in my queries, or I get characters randomly added. I am running PHP 4.2.3. This is a PHP 4.2.3 bug. [1.25] I am running Apache with mod_gzip-1.3.26.1a on Windows XP, and I get problems, such as undefined variables when I run a SQL query. A tip from Jose Fandos: put a comment on the following two lines in httpd .conf, like this: # mod_gzip_item_include file \.php$ # mod_gzip_item_include mime "application/x-httpd-php.*" as this version of mod_gzip on Apache (Windows) has problems handling PHP scripts. Of course you have to restart Apache. [1.26] I just installed phpMyAdmin in my document root of IIS but I get the error "No input file specified" when trying to run phpMyAdmin. This is a permission problem. Right-click on the phpmyadmin folder and ch oose properties. Under the tab Security, click on "Add" and select the u ser "IUSR_machine" from the list. Now set his permissions and it should work. [1.27] I get empty page when I want to view huge page (eg. db_details_structure.php with plenty of tables). This is a PHP bug that occur when GZIP output buffering is enabled. If yo u turn off it (by $cfg['OBGzip'] = FALSE in config.inc.php), it should w ork. This bug will be fixed in PHP 5.0.0. [1.28] My MySQL server sometimes refuses queries and returns the message 'Errorcode: 13'. What does this mean? This can happen due to a MySQL bug when having database / table names wit h upper case characters although lower_case_table_names is set to 1. To fix this, turn off this directive, convert all database and table names to lower case and turn it on again. Alternatively, there's a bug-fix ava ilable starting with MySQL 3.23.56 / 4.0.11-gamma. [1.29] When I create a table or modify a field, I get an error and the fields are duplicated. It is possible to configure Apache in such a way that PHP has problems in terpreting .php files. The problems occur when two different (and conflicting) set of directives are used: SetOutputFilter PHP SetInputFilter PHP & AddType application/x-httpd-php .php In the case we saw, one set of directives was in /etc/httpd/conf/httpd.co nf, while the other set was in /etc/httpd/conf/addon-modules/php.conf. The recommended way is with AddType, so just comment out the first set of lines and restart Apache: #SetOutputFilter PHP #SetInputFilter PHP [1.30] I get the error "left.php: Missing hash". This problem is known to happen when the server is running Turck MMCache but upgrading MMCache to version 2.3.21 solves the problem. [1.31] Does phpMyAdmin support php5? Yes. However, phpMyAdmin needs to be backwards compatible to php4. This is why you won't be able to run phpMyAdmin having enabled E_STRICT in your err or_reporting settings. [1.32] Can I use HTTP authentication with IIS? Yes. This procedure was tested with phpMyAdmin 2.6.1, PHP 4.3.9 in ISAPI mode under IIS 5.1. 1. In your php.ini file, set cgi.rfc2616_headers = 0 2. In Web Site Properties -> File/Directory Security -> Anonymous Access dialog box, check the Anonymous access checkbox and uncheck any other checkboxes (i.e. uncheck Basic authentication, Integrated Windows authentication, and Digest if it's enabled.) Click OK. 3. In Custom Errors, select the range of 401;1 through 401;5 and click t he Set to Default button. [2. Configuration] [2.1] The error message "Warning: Cannot add header information - headers already sent by ..." is displayed, what's the problem? Edit your config.inc.php or .php file and ensure there is nothing (I.E. n o blank lines, no spaces, no characters...) neither before the tag at the end. [2.2] phpMyAdmin can't connect to MySQL. What's wrong? Either there is an error with your PHP setup or your username/password is wrong. Try to make a small script which uses mysql_connect and see if i t works. If it doesn't, it may be you haven't even compiled MySQL suppor t into PHP. [2.3] The error message "Warning: MySQL Connection Failed: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (111)..." is displayed. What can I do? For RedHat users, Harald Legner suggests this on the mailing list: On my RedHat-Box the socket of MySQL is /var/lib/mysql/mysql.sock. In you r php.ini you will find a line mysql.default_socket = /tmp/mysql.sock change it to mysql.default_socket = /var/lib/mysql/mysql.sock Then restart apache and it will work. Here is a fix suggested by Brad Ummer in the phpwizard forum: * First, you need to determine what socket is being used by MySQL. To do this, telnet to your server and go to the MySQL bin directory. In this directory there should be a file named mysqladmin. Type ./mysqladmin variables, and this should give you a bunch of info about your MySQL server, including the socket (/tmp/mysql.sock, for example). * Then, you need to tell PHP to use this socket. Assuming you are using PHP 3.0.10 or better, you can specify the socket to use when you open the connection. To do this in phpMyAdmin, you need to complete the socket information in the config.inc.php. For example: $cfg['Servers'][$i]['socket'] = '/tmp/mysql.sock'; Please also make sure that the permissions of this file allow to be readable by your webserver (i.e. '0755'). Have also a look at the corresponding section of the MySQL documentation. [2.4] Nothing is displayed by my browser when I try to run phpMyAdmin, what can I do? Try to set the $cfg['OBGZip'] directive to FALSE in the phpMyAdmin config uration file. It helps sometime. Also have a look at your PHP version number: if it contains "4.0b..." it means you're running a beta version of PHP. That's not a so good idea, p lease upgrade to a plain revision. [2.5] Each time I want to insert or change a record or drop a database or a table, an error 404 (page not found) is displayed or, with HTTP or cookie authentication, I'm asked to login again. What's wrong? Check the value you set for the $cfg['PmaAbsoluteUri'] directive in the p hpMyAdmin configuration file. [2.6] I get an "Access denied for user: 'root@localhost' (Using password: YES)"-error when trying to access a MySQL-Server on a host which is port-forwarded for my localhost. When you are using a port on your localhost, which you redirect via port- forwarding to another host, MySQL is not resolving the localhost as expe cted. Erik Wasser explains: The solution is: if your host is "localhost" MySQL (the commandline tool 'mysql' as well) always tries to use the socket co nnection for speeding up things. And that doesn't work in this configura tion with port forwarding. If you enter "127.0.0.1" as hostname, everything is right and MySQL uses the TCP connection. [2.7] Using and creating themes Themes are configured with $cfg['ThemePath'], $cfg['ThemeManager'] and $c fg['ThemeDefault']. Under $cfg['ThemePath'], you should not delete the directory "original" o r its underlying structure, because this is the system theme used by php MyAdmin. "original" contains all images and styles, for backwards compat ibility and for all themes that would not include images or css-files. If $cfg['ThemeManager'] is enabled, you can select your favorite theme on the main page. Your selected theme will be stored in a cookie. To create a theme: * make a new subdirectory (for example "your_theme_name") under $cfg['T hemePath'] (by default themes) * copy the files and directories from "original" to "your_theme_name" * edit the css-files in "your_theme_name/css" * put your new images in "your_theme_name/img" * edit layout.inc.php in "your_theme_name" * edit info.inc.php in "your_theme_name" to contain your chosen theme n ame, that will be visible in user interface * make a new screenshot of your theme and save it under "your_theme_nam e/screen.png" In theme directory there is file info.inc.php which contains theme verbos e name, theme generation and theme version. These versions and generatio ns are enumerated from 1 and do not have any direct dependance on phpMyA dmin version. Themes within same generation should be backwards compatib le - theme with version 2 should work in phpMyAdmin requiring version 1. Themes with different generation are incompatible. If you do not want to use your own symbols and buttons, remove the direct ory "img" in "your_theme_name". phpMyAdmin will use the default icons an d buttons (from the system-theme "original"). [2.8] I get "Missing parameters" errors, what can I do? Here are a few points to check: * In config.inc.php, try to leave the $cfg['PmaAbsoluteUri']directive e mpty. See also FAQ 4.7. * Maybe you have a broken PHP installation or you need to upgrade your Zend Optimizer. See http://bugs.php.net/bug.php?id=31134. * If you are using Hardened PHP with the ini directive varfilter.max_re quest_variables set to the default (200) or another low value, you could get this error if your table has a high number of columns. Adjust this setting accordingly. (Thanks to Klaus Dorninger for the hint). [3. Known limitations] [3.1] When using HTTP authentication, an user who logged out can not relogin in with the same nick. This is related to the authentication mechanism (protocol) used by phpMyA dmin. To bypass this problem: just close all the opened browser windows and then go back to phpMyAdmin. You should be able to log in again. [3.2] When dumping a large table in compressed mode, I get a memory limit error or a time limit error. Compressed dumps are built in memory and because of this are limited to p hp's memory limit. For GZip/BZip2 exports this can be overcome since 2.5 .4 using $cfg['CompressOnFly'] (enabled by default). Zip exports can not be handled this way, so if you need Zip files for larger dump, you have to use another way. [3.3] With InnoDB tables, I lose foreign key relationships when I rename or alter a table. This seems to be a InnoDB bug (fixed in MySQL 3.23.50?). [3.4] I am unable to import dumps I created with the mysqldump tool bundled with the MySQL server distribution. The problem is that mysqldump creates invalid comments like this: -- MySQL dump 8.22 -- -- Host: localhost Database: database --------------------------------------------------------- -- Server version 3.23.54 The invalid part of the code is the horizontal line made of dashes that a ppears once in every dump created with mysqldump. If you want to run you r dump you have to turn it into valid MySQL. This means, you have to add a whitespace after the first two dashes of the line or add a # before i t: -- ------------------------------------------------------- or #--------------------------------------------------------- [3.5] When using nested folders ($cfg['LeftFrameTableSeparator']) there are some multiple hierarchies displayed in a wrong manner?! Please note that you should not use the separating string multiple times without any characters between them, or at the beginning/end of your tab le name. If you have to, think about using another TableSeparator or dis abling that feature [3.6] What is currently not supported in phpMyAdmin about InnoDB? In Relation view, being able to choose a table in another database, or ha ving more than one index field in the foreign key. In Query-by-example (Query), automatic generation of the query LEFT JOIN from the foreign table. In PDF schema editing, automatic layout. [3.7] I have table with many (100+) fields and when I try to browse table I get series of errors like "Warning: unable to parse url". How can this be fixed? Your table neither have a primary key nor an unique one, so we must use a long expression to identify this row. This causes problems to parse_url function. The workaround is to create a primary or unique key. [3.8] I cannot use (clickable) HTML-forms in fields where I put a MIME-Transformation onto! Due to a surrounding form-container (for multi-row delete checkboxes), no nested forms can be put inside the table where phpMyAdmin displays the results. You can, however, use any form inside of a table if keep the pa rent form-container with the target to tbl_row_delete.php and just put y our own input-elements inside. If you use a custom submit input field, t he form will submit itself to the displaying page again, where you can v alidate the $HTTP_POST_VARS in a transformation. For a tutorial on how t o effectively use transformations, see our Link section on the official phpMyAdmin-homepage. [3.9] I get error messages when using "--sql_mode=ANSI" for the MySQL server When MySQL is running in ANSI-compatibility mode, there are some major di fferences in how SQL is structured (see http://dev.mysql.com/doc/mysql/e n/ANSI_mode.html). Most important of all, the quote-character (") is int erpreted as an identifier quote character and not as a string quote char acter, which makes many internal phpMyAdmin operations into invalid SQL statements. There is no workaround to this behaviour. News to this item will be posted in Bug report #816858 [3.10] Homonyms and no primary key: When the results of a SELECT display more that one column with the same value (for example SELECT lastname from employees where firstname like 'A%' and two "Smith" values are displayed), if I click Edit I cannot be sure that I am editing the intended row. Please make sure that your table has a primary key, so that phpMyAdmin ca n use it for the Edit and Delete links. [3.11] The number of records for InnoDB tables is not correct. phpMyAdmin uses a quick method to get the row count, and this method only returns an approximate count in the case of InnoDB tables. See $cfg['Ma xExactCount'] for a way to modify those results, but this could have a s erious impact on performance. [3.12] What are the phpMyAdmin limitations for MySQL 3? The number of records in queries containing COUNT and GROUP BY is not cor rectly calculated. Also, sorting results of a query like "SELECT * from table GROUP BY" ... is problematic. [3.13] I get an error when entering USE followed by a db name containing an hyphen. The tests I have made with current MySQL 4.1.11 API shows that the API do es not accept this syntax for the USE command. Enclosing the db name wit h backquotes works. For further confusion, no backquotes are needed with command-line mysql. [4. ISPs, multi-user installations ] [4.1] I'm an ISP. Can I setup one central copy of phpMyAdmin or do I need to install it for each customer. Since version 2.0.3, you can setup a central copy of phpMyAdmin for all y our users. The development of this feature was kindly sponsored by NetCo logne GmbH. This requires a properly setup MySQL user management and php MyAdmin HTTP or cookie authentication. See the install section on "Using HTTP authentication". [4.2] What's the preferred way of making phpMyAdmin secure against evil access. This depends on your system. If you're running a server which cannot be accessed by other people, it's sufficient to use the directory protection bundled with your webserver (with Apache you can use .htaccess files, for example). If other people have telnet access to your server, you should use phpMyAd min's HTTP authentication feature. Suggestions: * Your config.inc.php file should be chmod 660. * All your phpMyAdmin files should be chown -R phpmy.apache, where phpm y is a user whose password is only known to you, and apache is the group under which Apache runs. * You should use PHP safe mode, to protect from other users that try to include your config.inc.php in their scripts. [4.3] I get errors about not being able to include a file in /lang or in /libraries. Check php.ini, or ask your sysadmin to check it. The include_path must co ntain "." somewhere in it, and open_basedir, if used, must contain "." a nd "./lang" to allow normal operation of phpMyAdmin. [4.4] phpMyAdmin always gives "Access denied" when using HTTP authentication. This could happen for several reasons: * $cfg['Servers'][$i]['controluser'] and/or $cfg['Servers'][$i]['contro lpass'] are wrong. * The username/password you specify in the login-dialog are invalid. * You have already setup a security mechanism for the phpMyAdmin-direct ory, eg. a .htaccess file. This would interfere with phpMyAdmin's authentication, so remove it. [4.5] Is it possible to let users create their own databases? Starting with 2.2.5, in the user management page, you can enter a wildcar d database name for a user (for example "joe%"), and put the privileges you want. For example, adding SELECT, INSERT, UPDATE, DELETE, CREATE, DR OP, INDEX, ALTER would let a user create/manage his/her database(s). [4.6] How can I use the Host-based authentication additions? If you have existing rules from an old .htaccess file, you can take them and add a username between the 'deny'/'allow' and 'from' strings. Using the username wildcard of '%' would be a major benefit here if your insta llation is suited to using it. Then you can just add those updated lines into the $cfg['Servers'][$i]['AllowDeny']['rules'] array. If you want a pre-made sample, you can try this fragment. It stops the 'r oot' user from logging in from any networks other than the private netwo rk IP blocks. //block root from logging in except from the private networks $cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow'; $cfg['Servers'][$i]['AllowDeny']['rules'] = array( 'deny root from all', 'allow root from localhost', 'allow root from 10.0.0.0/8', 'allow root from 192.168.0.0/16', 'allow root from 172.16.0.0/12', ); [4.7] Authentication window is displayed more than once, why? This happens if you are using a URL to start phpMyAdmin which is differen t than the one set in your $cfg['PmaAbsoluteUri']. For example, a missin g "www", or entering with an IP address while a domain name is defined i n the config file. [5. Browsers or client OS] [5.1] I get an out of memory error, and my controls are non-functional, when trying to create a table with more than 14 fields. We could reproduce this problem only under Win98/98SE. Testing under WinN T4 or Win2K, we could easily create more than 60 fields. A workaround is to create a smaller number of fields, then come back to y our table properties and add the other fields. [5.2] With Xitami 2.5b4, phpMyAdmin won't process form fields. This is not a phpMyAdmin problem but a Xitami known bug: you'll face it w ith each script/website that use forms. Upgrade or downgrade your Xitami server. [5.3] I have problems dumping tables with Konqueror (phpMyAdmin 2.2.2). With Konqueror 2.1.1: plain dumps, zip and GZip dumps work ok, except tha t the proposed file name for the dump is always 'tbl_dump.php'. Bzip2 du mps don't seem to work. With Konqueror 2.2.1: plain dumps work; zip dumps are placed into the use r's temporary directory, so they must be moved before closing Konqueror, or else they disappear. GZip dumps give an error message. Testing needs to be done for Konqueror 2.2.2. [5.4] I can't use the cookie authentication mode because Internet Explorer never stores the cookies. MS Internet Explorer seems to be really buggy about cookies, at least til l version 6. And thanks to Andrew Zivolup we've traced also a PHP 4.1.1 bug in this area! Then, if you're running PHP 4.1.1, try to upgrade or downgrade... it may work! [5.5] In Internet Explorer 5.0, I get JavaScript errors when browsing my rows. Upgrade to at least Internet Explorer 5.5 SP2. [5.6] In Internet Explorer 5.0, 5.5 or 6.0, I get an error (like "Page not found") when trying to modify a row in a table with many fields, or with a text field Your table neither have a primary key nor an unique one, so we must use a long URL to identify this row. There is a limit on the length of the UR L in those browsers, and this not happen in Netscape, for example. The w orkaround is to create a primary or unique key, or use another browser. [5.7] I refresh (reload) my browser, and come back to the welcome page. Some browsers support right-clicking into the frame you want to refresh, just do this in the right frame. [5.8] With Mozilla 0.9.7 I have problems sending a query modified in the query box. Looks like a Mozilla bug: 0.9.6 was OK. We will keep an eye on future Moz illa versions. [5.9] With Mozilla 0.9.? to 1.0 and Netscape 7.0-PR1 I can't type a whitespace in the SQL-Query edit area: the page scrolls down. This is a Mozilla bug (see bug #26882 at BugZilla). [5.10] With Netscape 4.75 I get empty rows between each row of data in a CSV exported file. This is a known Netscape 4.75 bug: it adds some line feeds when exporting data in octet-stream mode. Since we can't detect the specific Netscape version, we cannot workaround this bug. [5.11] Extended-ASCII characters like German umlauts are displayed wrong. Please ensure that you have set your browser's character set to the one o f the language file you have selected on phpMyAdmin's start page. Altern atively, you can try the auto detection mode that is supported by the re cent versions of the most browsers. [5.12] Apple OS X: Safari browser changes special characters to "?". This issue has been reported by a OS X user, who adds that Chimera, Netsc ape and Mozilla do not have this problem. [5.13] With Internet Explorer 5.5 or 6, and HTTP authentication type, I cannot manage two servers: I login to the first one, then the other one, but if I switch back to the first, I have to login on each operation. This is a bug in Internet Explorer, other browsers do not behave this way . [5.14] Using Opera6, I can manage to get to the authentication, but nothing happens after that, only a blank screen. Having $cfg['QueryFrameJS'] set to TRUE, this leads to a bug in Opera6, b ecause it is not able to interpret frameset definitiions written by Java Script. Please upgrade to Opera7 at least. [5.15] I have display problems with Safari. Please upgrade to at least version 1.2.3. [5.16] With Internet Explorer, I get "Access is denied" Javascript errors. Or I cannot make phpMyAdmin work under Windows. Please check the following points: * Maybe you have defined your PmaAbsoluteUri setting in config.inc.php to an IP address and you are starting phpMyAdmin with a URL containing a domain name, or the reverse situation. * Security settings in IE and/or Microsoft Security Center are too high , thus blocking scripts execution. * The Windows Firewall is blocking Apache and MySQL. You must allow htt p ports (80 or 443) and MySQL port (usually 3306) in the "in" and "out" directions. [5.17] With Firefox, I cannot delete rows of data or drop a database. Many users have confirmed that the Tabbrowser Extensions plugin they inst alled in their Firefox is causing the problem. [6. Using phpMyAdmin] [6.1] I can't insert new rows into a table / I can't create a table - MySQL brings up a SQL-error. Examine the SQL error with care. Often the problem is caused by specifyin g a wrong field-type. Common errors include: * Using VARCHAR without a size argument * Using TEXT or BLOB with a size argument Also, look at the syntax chapter in the MySQL manual to confirm that your syntax is correct. [6.2] When I create a table, I click the Index checkbox for 2 fields and phpMyAdmin generates only one index with those 2 fields. In phpMyAdmin 2.2.0 and 2.2.1, this is the way to create a multi-fields i ndex. If you want two indexes, create the first one when creating the ta ble, save, then display the table properties and click the Index link to create the other index. [6.3] How can I insert a null value into my table? Since version 2.2.3, you have a checkbox for each field that can be null. Before 2.2.3, you had to enter "null", without the quotes, as the field 's value. Since version 2.5.5, you have to use the checkbox to get a rea l NULL value, so if you enter "NULL" this means you want a literal NULL in the field, and not a NULL value (this works in PHP4). [6.4] How can I backup my database or table? Click on a database or table name in the left frame, the properties will be displayed. Then on the menu, click "Export", you can dump the structu re, the data, or both. This will generate standard SQL statements that c an be used to recreate your database/table. You will need to choose "Save as file", so that phpMyAdmin can transmit t he resulting dump to your station. Depending on your PHP configuration, you will see options to compress the dump. See also the $cfg['ExecTimeLi mit'] configuration variable. For additional help on this subject, look for the word "dump" in this doc ument. [6.5] How can I restore (upload) my database or table using a dump? How can I run a ".sql" file. Click on a database name in the left frame, the properties will be local displayed. Then in the "Run SQL query" section, type in your dump filena me, or use the Browse button. Then click Go. For additional help on this subject, look for the word "upload" in this d ocument. [6.6] How can I use the relation table in Query-by-example? Here is an example with the tables persons, towns and countries, all loca ted in the database mydb. If you don't have a pma_relation table, create it as explained in the configuration section. Then create the example t ables: CREATE TABLE REL_countries ( country_code char(1) NOT NULL default '', description varchar(10) NOT NULL default '', PRIMARY KEY (country_code) ) TYPE=MyISAM; INSERT INTO REL_countries VALUES ('C', 'Canada'); CREATE TABLE REL_persons ( id tinyint(4) NOT NULL auto_increment, person_name varchar(32) NOT NULL default '', town_code varchar(5) default '0', country_code char(1) NOT NULL default '', PRIMARY KEY (id) ) TYPE=MyISAM; INSERT INTO REL_persons VALUES (11, 'Marc', 'S', ''); INSERT INTO REL_persons VALUES (15, 'Paul', 'S', 'C'); CREATE TABLE REL_towns ( town_code varchar(5) NOT NULL default '0', description varchar(30) NOT NULL default '', PRIMARY KEY (town_code) ) TYPE=MyISAM; INSERT INTO REL_towns VALUES ('S', 'Sherbrooke'); INSERT INTO REL_towns VALUES ('M', 'Montréal'); To setup appropriate links and display information: * on table "REL_persons" click Structure, then Relation view * in Links, for "town_code" choose "REL_towns->code" * in Links, for "country_code" choose "REL_countries->country_code" * on table "REL_towns" click Structure, then Relation view * in "Choose field to display", choose "description" * repeat the two previous steps for table "REL_countries" Then test like this: * Click on your db name in the left frame * Choose "Query" * Use tables: persons, towns, countries * Click "Update query" * In the fields row, choose persons.person_name and click the "Show" ti ckbox * Do the same for towns.description and countries.descriptions in the o ther 2 columns * Click "Update query" and you will see in the query box that the corre ct joins have been generated * Click "Submit query" [6.7] How can I use the "display field" feature? Starting from the previous example, create the pma_table_info as explaine d in the configuration section, then browse your persons table, and move the mouse over a town code or country code. See also FAQ 6.21 for an additionnal feature that "display field" enables : drop-down list of possible values. [6.8] How can I produce a PDF schema of my database? First the configuration variables "relation", "table_coords" and "pdf_pag es" have to be filled in. Then you need to think about your schema layout. Which tables will go on which pages? * Select your database in the left frame. * Choose "Operations" in the navigation bar at the top. * Choose "Edit PDF Pages" near the bottom of the page. * Enter a name for the first PDF page and click Go. If you like, you ca n use the "automatic layout," which will put all your linked tables onto the new page. * Select the name of the new page (the action choice being set to Edit) and click Go. * Select a table from the list, enter its coordinates and click Go. Coordinates are relative; your diagram will be automatically scaled to fit the page. When initially placing tables on the page, just pick any coordinates -- say, 50x50. After clicking Go, you can then use the graphical editor to position the element correctly. * When you'd like to look at your PDF, first be sure to click the Go bu tton beneath the list of tables and coordinates, to save any changes you made there. Then scroll all the way down, select the PDF options you want, and click Go. * Internet Explorer for Windows may suggest an incorrect filename when you try to save a generated PDF. When saving a generated PDF, be sure that the filename ends in ".pdf", for example "schema.pdf". Browsers on other operating systems, and other browsers on Windows, do not have this problem. [6.9] phpMyAdmin is changing the type of one of my columns! No, it's MySQL that is doing silent column type changing. [6.10] When creating a privilege, what happens with underscores in the database name? If you do not put a backslash before the underscore, this is a wildcard g rant, and the underscore means "any character". So, if the database name is "john_db", the user would get rights to john1db, john2db... If you put a backslash before the underscore, it means that the database name will have a real underscore. [6.11] What is the curious symbol ø in the statistics pages? It means "average". [6.12] I want to understand some Export options. Structure: * "Add DROP TABLE" will add a line telling MySQL to drop the table, if it already exists during the import. It does NOT drop the table after your export, it only affects the import file. * "If Not Exists" will only create the table if it doesn't exist. Other wise, you may get an error if the table name exists but has a different structure. * "Add AUTO_INCREMENT value" ensures that AUTO_INCREMENT value (if any) will be included in backup. * "Enclose table and field names with backquotes" ensures that field an d table names formed with special characters are protected. * "Add into comments" includes column comments, relations, and MIME typ es set in the pmadb in the dump as SQL comments (/* xxx */). Data: * "Complete inserts" adds the column names on every INSERT command, for better documentation (but resulting file is bigger). * "Extended inserts" provides a shorter dump file by using only once th e INSERT verb and the table name. * "Delayed inserts" are best explained in the MySQL manual. * "Ignore inserts" treats errors as a warning instead. Again, more info is provided in the MySQL manual, but basically with this selected, invalid values are adjusted and inserted rather than causing the entire statement to fail. [6.13] I would like to create a database with a dot in its name. This is a bad idea, because in MySQL the syntax "database.table" is the n ormal way to reference a database and table name. Worse, MySQL will usua lly let you create a database with a dot, but then you cannot work with it, nor delete it. [6.14] How do I set up the SQL Validator? To use it, you need a very recent version of PHP, 4.3.0 recommended, with XML, PCRE and PEAR support. On your system command line, run "pear inst all Net_Socket Net_URL HTTP_Request Mail_Mime Net_DIME SOAP" to get the necessary PEAR modules for usage. On a more recent pear version, I had problems with the state of Net_DIME being beta, so this single command "pear -d preferred_state=beta install -a SOAP" installed all the needed modules. If you use the Validator, you should be aware that any SQL statement you submit will be stored anonymously (database/table/column names, strings, numbers replaced with generic values). The Mimer SQL Validator itself, is © 2001 Upright Database Technology. We utilize it as free SOAP servic e. [6.15] I want to add a BLOB field and put an index on it, but MySQL says "BLOB column '...' used in key specification without a key length". The right way to do this, is to create the field without any indexes, the n display the table structure and use the "Create an index" dialog. On t his page, you will be able to choose your BLOB field, and set a size to the index, which is the condition to create an index on a BLOB field. [6.16] How can I simply move in page with plenty editing fields? You can use Ctrl+arrows (Option+Arrows in Safari) for moving on most page s with many editing fields (table structure changes, row editing, etc.) (must be enabled in configuration - see. $cfg['CtrlArrowsMoving']). You can also have a look at the directive $cfg['DefaultPropDisplay'] ('verti cal') and see if this eases up editing for you. [6.17] Transformations: I can't enter my own mimetype! WTF is this feature then useful for? Slow down :). Defining mimetypes is of no use, if you can't put transform ations on them. Otherwise you could just put a comment on the field. Bec ause entering your own mimetype will cause serious syntax checking issue s and validation, this introduces a high-risk false-user-input situation . Instead you have to initialize mimetypes using functions or empty mime type definitions. Plus, you have a whole overview of available mimetypes. Who knows all tho se mimetypes by heart so he/she can enter it at will? [6.18] Bookmarks: Where can I store bookmarks? Why can't I see any bookmarks below the query box? What is this variable for? Any query you have executed can be stored as a bookmark on the page where the results are displayed. You will find a button labeled 'Bookmark thi s query' just at the end of the page. As soon as you have stored a bookmark, it is related to the database you run the query on. You can now access a bookmark dropdown on each page, t he query box appears on for that database. Since phpMyAdmin 2.5.0 you are also able to store variables for the bookm arks. Just use the string /*[VARIABLE]*/ anywhere in your query. Everyth ing which is put into the value input box on the query box page will rep lace the string "/*[VARIABLE]*/" in your stored query. Just be aware of that you HAVE to create a valid query, otherwise your query won't be eve n able to be stored in the database. Also remember, that everything else inside the /*[VARIABLE]*/ string for your query will remain the way it is, but will be stripped of the /**/ c hars. So you can use: /*, [VARIABLE] AS myname */ which will be expanded to , VARIABLE as myname in your query, where VARIABLE is the string you entered in the input box. If an empty string is provided, no replacements are made. A more complex example. Say you have stored this query: SELECT Name, Address FROM addresses WHERE 1 /* AND Name LIKE '%[VARIABLE] %' */ Say, you now enter "phpMyAdmin" as the variable for the stored query, the full query will be: SELECT Name, Address FROM addresses WHERE 1 AND Name LIKE '%phpMyAdmin%' You can use multiple occurences of /*[VARIABLE]*/ in a single query. NOTE THE ABSENCE OF SPACES inside the "/**/" construct. Any spaces insert ed there will be later also inserted as spaces in your query and may lea d to unexpected results especially when using the variable expansion ins ide of a "LIKE ''" expression. Your initial query which is going to be stored as a bookmark has to yield at least one result row so you can store the bookmark. You may have tha t to work around using well positioned "/**/" comments. [6.19] How can I create simple LaTeX document to include exported table? You can simply include table in your LaTeX documents, minimal sample docu ment should look like following one (assuming you have table exported in file table.tex): \documentclass{article} % or any class you want \usepackage{longtable} % for displaying table \begin{document} % start of document \include{table} % including exported table \end{document} % end of document [6.20] In MySQL 4, I see a lot of databases which are not mine, and cannot access them. Upgrading to MySQL 4 usually gives users those global privileges: CREATE TEMPORARY TABLES, SHOW DATABASES, LOCK TABLES. Those privileges also ena bles users to see all the database names, until you upgrade the grant ta bles as described in the MySQL manual. See this bug report. So if your users do not need those privileges, you can remove them and th eir databases list will shorten. [6.21] In edit/insert mode, how can I see a list of possible values for a field, based on some foreign table? You have to setup appropriate links between the tables, and also setup th e "display field" in the foreign table. See FAQ 6.6 for an example. Then , if there are 200 values or less in the foreign table, a drop-down list of values will be available. You will see two lists of values, the firs t list containing the key and the display field, the second list contain ing the display field and the key. The reason for this is to be able to type the first letter of either the key or the display field. For 200 values or more, a distinct window will appear, to browse foreign key values and choose one. [6.22] Bookmarks: Can I execute a default bookmark automatically when entering Browse mode for a table? Yes. If a bookmark has the same label as a table name, it will be execute d. [6.23] Export: I heard phpMyAdmin can export Microsoft Excel files, how can I enable that? Current version does support direct export ot Microsoft Excel and Word ve rsions 2000 and newer. If you need export older versions, you can use CS V suitable for Microsoft Excel, which works out of the box or you can tr y native experimental MS Excel exporter. This export has several problem s, most important are limitation of cell content to 255 chars and no sup port for charsets, so think carefully whether you want to enable this.. For enabling this you need to set $cfg['TempDir'] to place where web ser ver user can write (for example './tmp') and install PEAR module Spreads heet_Excel_Writer into php include path. The installation can be done by following command: pear -d preferred_state=beta install -a Spreadsheet_Excel_Writer First part of switches set we want to install beta version of that module (no stable version available yet) and then we tell pear we want to sati sfy dependencies. If you are running in PHP safe mode, you will have to set in php.ini the safe_mode_include_dir to the directory where your PEAR modules are locat ed, for example: safe_mode_include_dir = /usr/local/lib/php To create the temporary directory on a UNIX-based system, you can do: cd phpMyAdmin mkdir tmp chmod o+rwx tmp [6.24] Now that phpMyAdmin supports native MySQL 4.1.x column comments, what happens to my column comments stored in pmadb? Automatic migration of a table's pmadb-style column comments to the nativ e ones is done whenever you enter Structure page for this table. [7. phpMyAdmin project] [7.1] I have found a bug. How do I inform developers? Our Bug Tracker is located at http://sourceforge.net/projects/phpmyadmin/ under the Bugs section. But please first discuss your bug with other users: http://sourceforge.net/projects/phpmyadmin/ (and choose Forums) [7.2] I want to translate the messages to a new language or upgrade an existing language, where do I start? Always use the current CVS version of your language file. For a new langu age, start from english-iso-8859-1.inc.php. If you don't know how to get the CVS version, please ask one of the developers. Please note that we try not to use HTML entities like é in the tra nslations, since we define the right character set in the file. With HTM L entities, the text on JavaScript messages would not display correctly. However there are some entities that need to be there, for quotes ,non- breakable spaces, ampersands, less than, greater than. You can then put your translations, as a zip file to avoid losing special characters, on the sourceforge.net translation tracker. It would be a good idea to subscribe to the phpmyadmin-translators mailin g list, because this is where we ask for translations of new messages. [7.3] I would like to help out with the development of phpMyAdmin. How should I proceed? The following method is preferred for new developers: 1. fetch the current CVS tree over anonymous CVS: cvs -d:pserver:anonymous@cvs.phpmyadmin.sourceforge.net:/cvsroot/phpmyadmin login [Password: simply press the Enter key] cvs -z3 -d:pserver:anonymous@cvs.phpmyadmin.sourceforge.net:/cvsroot/phpmyadmin checkout phpMyAdmin [This will create a new sub-directory named phpMyAdmin] 2. add your stuff 3. put the modified files (tar'ed and gzip'ed) inside the patch tracker of the phpMyAdmin SourceForge account. Write access to the CVS tree is granted only to experienced developers wh o have already contributed something useful to phpMyAdmin. Also, have a look at the Developers section. [8. Security ] [8.1] Security alert, dated 2003-06-18. Last update of this FAQ: 2003-07-22. The phpMyAdmin development team received notice of this security alert: h ttp://www.securityfocus.com/archive/1/325641. The team regrets that the author did not communicate with us before sendi ng this alert. However, here is our current reply to the points mentionn ed: * "Directory transversal attack" This problem had been fixed in version 2.5.0, even if the author reports the 2.5.2 development version as vulnerable, which we could not reproduce. * "Remote local file retrieving" This is a misleading title, as the author tells in his text: "Note that you can't request files ( only dirs )". * "Remote internal directory listing" It was possible to retrieve the list of phpMyAdmin's directory (which we doubt can cause any damage), but we fixed this in the 2.5.2 version. * "XSS and Path disclosures" Most of the XSS problems have been fixed in version 2.5.0. The rest have been fixed in the 2.5.2 version. We believe that the Path disclosures problems have also been fixed in version 2.5.2. * "Information encoding weakness" We believe that an exploit for this weakness would be difficult to achieve. However version 2.5.2 now encrypts the password with the well-known blowfish algorithm. [8.2] Security alert, dated 2004-06-29. Last update of this FAQ: 2004-06-30. The phpMyAdmin development team received notice of this security alert: h ttp://securityfocus.com/archive/1/367486/2004-06-26/2004-07-02/0 We would like to put emphasis on the disappointment we feel when a bugrep orter does not contact the authors of a software first, before posting a ny exploits. The common way to report this, is to give the developers a reasonable amount of time to respond to an exploit before it is made pub lic. We acknowledge that phpMyAdmin versions 2.5.1 to 2.5.7 are vulnerable to this problem, if each of the following conditions are met: * The Web server hosting phpMyAdmin is not running in safe mode. * In config.inc.php, $cfg['LeftFrameLight'] is set to FALSE (the defaul t value of this parameter is TRUE). * There is no firewall blocking requests from the Web server to the att acking host. Version 2.5.7-pl1 was released with a fix for this vulnerability. [8.3] About new security alerts Please refer to http://www.phpmyadmin.net for the complete list of securi ty alerts. Developers Information phpMyAdmin is Open Source, so you're invited to contribute to it. Many gr eat features have been written by other people and you too can help to m ake phpMyAdmin a useful tool. If you're planning to contribute source, please read the following inform ation: * All files include header.inc.php (layout), libraries/common.lib.php ( common functions) and config.inc.php. Only configuration data should go in config.inc.php. Please keep it free from other code. Commonly used functions should be added to libraries/common.lib.php and more specific ones may be added within a library stored into the libraries sub-directory. * Obviously, you're free to use whatever coding style you want. But ple ase try to keep your code as simple as possible: beginners are using phpMyAdmin as an example application. As far as possible, we want the scripts to be XHTML1.0 and CSS2 compliant on one hand, they fit the PEAR coding standards on the other hand. Please pay attention to this. * Please try to keep up the file-naming conventions. Table-related stuf f goes to tbl_*.php, db-related code to db_*.php, server-related tools to server_*.php and so on. * Please don't use verbose strings in your code, instead add the string (at least) to english-iso-8859-1.inc.php and print() it out. * If you want to be really helpful, write an entry for the ChangeLog. * The DBG extension (PHP Debugger DBG) is now supported by phpMyAdmin f or developers to better debug and profile their code. Please see the $cfg['DBG']* configuration options for more information. This is in memoriam of the Space Shuttle Columbia (STS-107) which was lost during its re-entry into Earth's atmosphere and in memory of the brave men and women who gave their lives for the people of Earth. Credits phpMyAdmin - Credits ==================== CREDITS, in chronological order ------------------------------- - Tobias Ratschiller * creator of the phpmyadmin project * maintainer from 1998 to summer 2000 - Marc Delisle * multi-language version * various fixes and improvements * SQL analyser (most of it) * current project maintainer - Olivier Müller * started SourceForge phpMyAdmin project in March 2001 * sync'ed different existing CVS trees with new features and bugfixes * multi-language improvements, dynamic language selection * current project maintainer * many bugfixes and improvements - Loïc Chapeaux * rewrote and optimized javascript, DHTML and DOM stuff * rewrote the scripts so they fit the PEAR coding standards and generate XHTML1.0 and CSS2 compliant codes * improved the language detection system * many bugfixes and improvements - Robin Johnson * database maintenance controls * table type code * Host authentication IP Allow/Deny * DB-based configuration (Not completed) * SQL parser and pretty-printer * SQL validator * many bugfixes and improvements - Armel Fauveau * bookmarks feature * multiple dump feature * gzip dump feature * zip dump feature - Geert Lund * various fixes * moderator of the phpMyAdmin users forum at phpwizard.net - Korakot Chaovavanich * "insert as new row" feature - Pete Kelly * rewrote and fix dump code * bugfixes - Steve Alberty * rewrote dump code for PHP4 * mySQL table statistics * bugfixes - Benjamin Gandon * main author of the version 2.1.0.1 * bugfixes - Alexander M. Turek * MySQL 4.0 / 4.1 / 5.0 compatibility * abstract database interface (PMA_DBI) with MySQLi support * privileges administration * XML exports * various features and fixes * German language file updates - Mike Beck * automatic joins in QBE * links column in printview * Relation view - Michal Čihař * enhanced index creation/display feature * feature to use a different charset for HTML than for MySQL * improvements of export feature * various features and fixes * Czech language file updates - Christophe Gesché from the "MySQL Form Generator for PHPMyAdmin" (http://sourceforge.net/projects/phpmysqlformgen/) * suggested the patch for multiple table printviews - Garvin Hicking * built the patch for vertical display of table rows * built the Javascript based Query window + SQL history * Improvement of column/db comments * (MIME)-Transformations for columns * Use custom alias names for Databases in left frame * hierarchical/nested table display * PDF-scratchboard for WYSIWYG-distribution of PDF relations * new icon sets * vertical display of column properties page * some bugfixes, features, support, German language additions - Yukihiro Kawada * japanese kanji encoding conversion feature - Piotr Roszatycki and Dan Wilson * the Cookie authentication mode - Axel Sander * table relation-links feature - Maxime Delorme * PDF schema output, thanks also to Olivier Plathey for the "FPDF" library (see http://www.fpdf.org/) and Steven Wittens for the "UFPDF" library (see http://www.acko.net/node/56). - Olof Edlund * SQL validator server - Ivan R. Lanin * phpMyAdmin logo (until June 2004) - Mike Cochrane * blowfish library from the Horde project - Marcel Tschopp * mysqli support * many bugfixes and improvements - Michael Keck * redesign for 2.6.0 * phpMyAdmin sailboat logo (June 2004) - Mathias Landhäußer * Representation at conferences And also to the following people who have contributed minor changes, enhancements, bugfixes or support for a new language since version 2.1.0: Bora Alioglu, Ricardo ?, Sven-Erik Andersen, Alessandro Astarita, Péter Bakondy, Borges Botelho, Olivier Bussier, Neil Darlow, Mats Engstrom, Ian Davidson, Laurent Dhima, Kristof Hamann, Thomas Kläger, Lubos Klokner, Martin Marconcini, Girish Nair, David Nordenberg, Andreas Pauley, Bernard M. Piller, Laurent Haas, "Sakamoto", Yuval Sarna, www.securereality.com.au, Alexis Soulard, Alvar Soome, Siu Sun, Peter Svec, Michael Tacelosky, Rachim Tamsjadi, Kositer Uros, Luís V., Martijn W. van der Lee, Algis Vainauskas, Daniel Villanueva, Vinay, Ignacio Vazquez-Abrams, Chee Wai, Jakub Wilk, Thomas Michael Winningham, Vilius Zigmantas, "Manuzhai". Original Credits of Version 2.1.0 --------------------------------- This work is based on Peter Kuppelwieser's MySQL-Webadmin. It was his idea to create a web-based interface to MySQL using PHP3. Although I have not used any of his source-code, there are some concepts I've borrowed from him. phpMyAdmin was created because Peter told me he wasn't going to further develop his (great) tool. Thanks go to - Amalesh Kempf who contributed the code for the check when dropping a table or database. He also suggested that you should be able to specify the primary key on tbl_create.php3. To version 1.1.1 he contributed the ldi_*.php3-set (Import text-files) as well as a bug-report. Plus many smaller improvements. - Jan Legenhausen : He made many of the changes that were introduced in 1.3.0 (including quite significant ones like the authentication). For 1.4.1 he enhanced the table-dump feature. Plus bug-fixes and help. - Marc Delisle made phpMyAdmin language-independent by outsourcing the strings to a separate file. He also contributed the French translation. - Alexandr Bravo who contributed tbl_select.php3, a feature to display only some fields from a table. - Chris Jackson added support for MySQL functions in tbl_change.php3. He also added the "Query by Example" feature in 2.0. - Dave Walton added support for multiple servers and is a regular contributor for bug-fixes. - Gabriel Ash contributed the random access features for 2.0.6. The following people have contributed minor changes, enhancements, bugfixes or support for a new language: Jim Kraai, Jordi Bruguera, Miquel Obrador, Geert Lund, Thomas Kleemann, Alexander Leidinger, Kiko Albiol, Daniel C. Chao, Pavel Piankov, Sascha Kettler, Joe Pruett, Renato Lins, Mark Kronsbein, Jannis Hermanns, G. Wieggers. And thanks to everyone else who sent me email with suggestions, bug-reports and or just some feedback. Valid XHTML 1.0! Valid CSS!