[BlueOnyx:00407] Re: phpmyadmin not working?

Rickard Osser rickard.osser at bluapp.com
Wed Jan 28 00:58:11 -05 2009


Hi Michael,

On Wed, 2009-01-28 at 04:10 +0100, Michael Stauber wrote:
> Hi Rickard,
> 
> > First issue:
> > As the admin-user you won't be able to log out of phpmyadmin, you will
> > be thrown back in again if you click on the logout link in phpmyadmin.
> > Is this behavior desirable? If not, what should happen?
> 
> Hmm ... what happens when you end the session by "zapping" the session cookie? 
It doesn't matter; the code checks your user (ergo admin) and does a re-login automatically as you're
logged out to the index.php script.

> > Second issue:
> > Now that phpmyadmin is integrated into sausalito, what should happen
> > with the link /phpmyadmin? As it is it doesn't work. I might find a way
> > to fix it but I don't know, because the login/signon is tied to the GUI
> > which means sausalito should be fully enabled for it to work and the
> > user should be logged in. We could always tie /phpmyadmin to /login and
> > force the user to log in to the system before being able to access
> > phpmyadmin?
> 
> Ken wrote:
> > If possible I'd rather not have a regular /phpmyadmin at the regular url.
> > It just gives another place for easy brute force password guessing attacks.
> 
> I agree with Ken on this. If "our" phpMyAdmin only works if the user is 
> authenticated to CCE (and not even accessible through /phpMyAdmin on the 
> public Apache), then we eliminate quite a bit of grief.
> 
> To sweeten things we could even throw in another gadget:
> 
> We add the capability group "phpMyAdmin" to the capabilities that can be 
> assigned to users. If the user is a siteAdmin, he gets that capability by 
> default. If the user is a regular user, the server admin or siteAdmin may  
> grant him that capability.
> 
> If the capability is present for the user, he can auto-sign in to phpMyAdmin 
> with the site's MySQL login credentials. 
> 
> I recently rolled up some software that works similarly and adds another 
> capability like this. So if you want, I can extend your code with that.
> 
> Rickard, let me know if you want SVN access and I'll hand it out to you. 
> Should make contributing a bit easier.
SVN would be nice, caps would also be nice. Ok, I'll wrap it up in a .mod with all I've done
so far and add locale, then we'll have to patch /etc/phpMyAdmin/config.inc.php.

Regards,

Rickard




