And I agree - when pMA is runned in a multihosting environment with perhaps 100's or 1000's of databases it's really important only to show allowed databases... So in my opinion - the use of only_db would be far more correct if it's a TRUE/FALSE variable - that tells pMA to check for permissions and only show allowed databases of the authenticated user. (and actually I think that MySQL has a feature that enables the same thing - that MySQL only shows allowed databases and tables to the client based on the authenticated user - I just can't find it in the documentation at this moment - but I'll keep searching :o)) ).
That a solution, but each time the left frame is refreshed, should we list again all the 1000 database and build only the one we have right to see (I see load on the server coming ;-) ). 'only db' is not so bad maybe with a smarter way a checking rights.