PhpMyAdmin is vulnerable to attacks or cannot be used properly. phpMyAdmin has three authorization modes: COOKIE: A Web login page is displayed. Enter the MySQL user name and password and enter the management interface. HTTP: A Windows logon box is displayed. Enter the MySQL user name and password. Config: Enter the MySQL user name and password directly in config. Inc. php. If the logon interface is not displayed, go to the management interface. The configuration file name of phpMyAdmin is config. Inc. php. The methods for changing config. Inc. php in different versions are as follows: Versions earlier than 2.6: Change config. Inc. sample. php to config. Inc. php. Version 2.7: Change config. Default. php to config. Inc. php. Version 2.8: Use the configuration script '/script/setup. php' to generate a configuration file, copy the generated file, and manually save it as config. Inc. php. [Img] src = http://bbs.fyjy.net/attachment.php? Attachmentid = 3466 & STC = 1 [/img] Configuration script provided by version 2.8 and later 1. Use cookie authorization Mode Change 'auth _ type' to 'cooker', and then modify 'blowfish _ secret' to use an arbitrary string as the Cookie's encrypted string. If no encryption key exists, the system displays "the configuration file currently requires a top secret phrase password (blowfish_secret)". The configuration file is as follows: $ Cfg ['servers'] [$ I] ['auth _ type'] = 'cooker '; $ Cfg ['blowfish _ secret'] = '44e2f5aece2855. 8080 '; After the modification is completed, enter the logon window [Img] http://bbs.fyjy.net/attachment.php? Attachmentid = 3467 & STC = 1 [/img] Web login page in HTTP Authorization Mode Ii. Use the config authorization Mode Config requires these parameters: $ Cfg ['servers'] [$ I] ['auth _ type'] = 'config'; // authorization Mode $ Cfg ['servers'] [$ I] ['user'] = 'root'; // MySQL Login User $ Cfg ['servers'] [$ I] ['Password'] = '000000'; // MySQL Login User Password 3. Use HTTP Authorization Mode $ Cfg ['servers'] [$ I] ['auth _ type'] = 'http '; [Img] http://bbs.fyjy.net/attachment.php? Attachmentid = 3468 & STC = 1 [/img] HTTP Authorization mode logon window Note: If the MySQL server uses version 4.1 or later and the client connection uses the mysql4.1 version, use the old_password function when setting the password for the user. For example: Mysql> SET Password = old_password ('20140901 ') Mysql>/g [/img] |