7 Aug
2007
7 Aug
'07
8:53 a.m.
Hi, even if it is a good feature to run phpMyAdmin out of the box on a dev system with root and no pw i think we should limit this ... possible we could add an config switch and/or version check if version is dev, from svn or forced by config ($cfg['allow_root_with_no_pw']) allow root with no pass if version is release deny root with no password (except it is forced by config switch to be allowed) and phpMyAdmin should trigger_error to log this error and report a generic security error message to the user 'security error, please check php errror log for further details' what do you think about? -- Sebastian