i've recently been ramping up security on my server and i realised that
phpmyadmin sends the username and password in plaintext accross the http
connection from client to server when loging in. this seems like quite a
security hole, so i just thought i'd see if there are any other options to
use encryption on the username and password for the login page? i've had a
bit of a look though the code but i couldnt see any options to 'turn on' a
higher level of security so i'm guessing there currently isnt one. that
being the case i'd be keen to implement a more secure login.
what are everyone's thoughts on this?
I was trying to solve this bug..I found out what actually is wrong..
When AJAX message is sent after creating the DB..it has success string that
the database has been created..and nothing is specified inside
PMA_Ajaxresponse() to reload the left frame and just it exits the script
execution as soon as it reaches the "exit" of PMA_Ajaxresponse() ... so the
files included after that has no meaning in case of AJAX requests...
type of AJAX headers sent is application/json so i think we should embed
reload the frame..
I've just set up another database to demo server - Drizzle. At first
attempt phpMyAdmin did not work at all, but after few fixes (basically
disabling all charsets/collation handling we do on connect), we're at
least able to connect and show the interface with some databases and
However there is much more things to fix (for example phpMyAdmin does
not see all tables for some reason) and definitely more to test.
However the question is if we want to officially support Drizzle and
put some effort into it.
You can try phpMyAdmin with Drizzle here:
More information about Drizzle: http://drizzle.org/
Michal Čihař | http://cihar.com | http://blog.cihar.com
Is there any kind of Debigger available to use while understanding the code
fo phpmyadmin so as to understand which line gets executed where..?
or the varible used here is from which included file?
Do some developer uses debuggers for their uses?
I had a look at the latest Ankit's repo. In pmd_general.php there is a
form calling "pmd_general" as an action, this should be replaced by
Any progress on this repo? Last commit is Aug 17, but the last message
on this list from Ankit is Aug 30 when Ankit wrote he would integrate
Michael's new icons.
I was trying to solve a bug..that involves some misfunctionality in master
(3.4-dev) and was working fine in (in QA_3_3, 3.3.8-dev)...as stated by the
I just wanted to ask how can i get the source code of 3.3.8-dev....so as to
check the discrepency why the thing is not working in this version...
I suggest removing this option for 3.4 and always assume it's "true". I
don't see a reason why someone would like to set this to "false".
Enable Ctrl+Arrows (Option+Arrows in Safari) moving between fields