From 4ae7912983a4c5f30ff04d5736dc84ca991df7d9 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Thu, 7 Mar 2002 13:34:24 +0000 Subject: [PATCH] controluser --- ChangeLog | 4 +++ Documentation.html | 61 +++++++++++++++++++++++++++------------------- 2 files changed, 40 insertions(+), 25 deletions(-) diff --git a/ChangeLog b/ChangeLog index dae284b8a..824298e5c 100755 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,10 @@ phpMyAdmin - Changelog $Id$ $Source$ +2002-03-07 Marc Delisle + * Documentation.html, config.inc.php3, libraries/common.lib.php3: + stduser/stdpass are now controluser/controlpass + 2002-03-04 Marc Delisle * libraries/display_tbl.lib.php3, undefined variable diff --git a/Documentation.html b/Documentation.html index 5aeec62f2..fea286e21 100755 --- a/Documentation.html +++ b/Documentation.html @@ -209,8 +209,17 @@ before uploading them to your server.

+

+ Documentation warning: when you see in this + document a .php3 file extension, please transpose to .php + if you are using a kit with files having this extension. +

+

Quick Install:

    +
  1. Use a distribution kit with the files having the extension + (.php3 or .php) depending on the way your web/PHP server interprets + those extensions.
  2. Untar or unzip the distribution (be sure to unzip the subdirectories): tar xzvf phpMyAdmin_x.x.x.tar.gz in your webserver's document root.
    3. @@ -250,33 +259,32 @@
  3. Http and cookie authentication modes are secure: the MySQL password does not need to be set in the phpMyAdmin configuration file. (except - for the "standard user" -see the Configuration section-). + for the "controluser" -see the Configuration section-).
    In cookie mode, we send the password in a temporary cookie, so most browsers should not store the password in their cookie file.

  4. - For 'http' and 'cookie' modes, phpMyAdmin needs a stduser that has + For 'http' and 'cookie' modes, phpMyAdmin needs a controluser that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns) & mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables.
    - You must specify the details for the stduser in the + You must specify the details for the controluser in the config.inc.php3 file under the - $cfgServers[n]['stduser'] & - $cfgServers[n]['stdpass'] settings.
    - To create the control account (<stduser> and - <stdpass> have to be replaced by your own values, of - course):
    + $cfgServers[n]['controluser'] & + $cfgServers[n]['controlpass'] settings.
    + This example assumes you want to use pma as the controluser + and pmapass as the controlpass:
    @@ -287,7 +295,7 @@
        - GRANT USAGE ON mysql.* TO '<stduser>'@'localhost' IDENTIFIED BY '<stdpass>';
    - GRANT SELECT (Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) ON mysql.user TO '<stduser>'@'localhost';
    - GRANT SELECT ON mysql.db TO '<stduser>'@'localhost';
    - GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO '<stduser>'@'localhost'; + GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';
    + GRANT SELECT (Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) ON mysql.user TO 'pma'@'localhost';
    + GRANT SELECT ON mysql.db TO 'pma'@'localhost';
    + GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv) ON mysql.tables_priv TO 'pma'@'localhost';
        - GRANT SELECT, INSERT, DELETE ON <bookmark_db>.<bookmark_table> TO '<stduser>'@'localhost'; + GRANT SELECT, INSERT, DELETE ON <bookmark_db>.<bookmark_table> TO 'pma'@'localhost';
    @@ -330,7 +338,7 @@
  5. This mode is the less secure one because it requires you to fill the $cfgServers[n]['user'] and $cfgServers[n]['password'] fields.
    - But usually you don't need to setup a "standard user" here: + But you don't need to setup a "controluser" here: using the $cfgServers[n]['only_db'] might be enough.
    In the ISP FAQ section, there is an entry explaining how to protect your configuration file.
    6. @@ -416,8 +424,8 @@
    - $cfgServers[n]['stduser'] string
    - $cfgServers[n]['stdpass'] string + $cfgServers[n]['controluser'] string
    + $cfgServers[n]['controlpass'] string
    When using http or cookie authentication modes (or 'config' @@ -431,10 +439,12 @@ Please see the install section on "Using http authentication" for more information.

    - Note that if you try login to phpMyAdmin with this "stduser", + Note that if you try login to phpMyAdmin with this "controluser", you could get some errors, depending the exact privileges you gave to - the "stduser". phpMyAdmin does not support a direct login - with the "stduser". + the "controluser". phpMyAdmin does not support a direct login + with the "controluser". +

    + In versions before 2.2.5, those were called stduser/stdpass.

    @@ -538,10 +548,11 @@
    - Note that stduser must have SELECT, INSERT + Note that controluser must have SELECT, INSERT and DELETE privileges on the bookmark table. - Here is a query to set up those privileges:
    - GRANT SELECT,INSERT,DELETE ON <bookmarkdb>.<bookmarktable> to 'stduser'@localhost; + Here is a query to set up those privileges (using "pma" as + the controluser:
    + GRANT SELECT,INSERT,DELETE ON <bookmarkdb>.<bookmarktable> to 'pma'@localhost;

    @@ -633,7 +644,7 @@
    $cfgAllowUserDropDatabase boolean
    - Defines whether standard users (non administrator) are allowed to + Defines whether normal users (non-administrator) are allowed to delete their own database or not. If set as FALSE, the link "Drop Database" will not be shown, and even a "DROP DATABASE mydatabase" will be rejected. Quite practical for ISP's with many @@ -1238,8 +1249,8 @@

    • - $cfgServers[n]['stduser'] and/or - $cfgServers[n]['stdpass'] are wrong. + $cfgServers[n]['controluser'] and/or + $cfgServers[n]['controlpass'] are wrong.
    • The username/password you specify in the login-dialog are invalid.