[Phpmyadmin-devel] prevent users from seeing status and variables, why?

Marc Delisle Marc.Delisle at cegepsherbrooke.qc.ca
Wed Nov 9 10:51:29 CET 2005

Sebastian Mendel a écrit :
> Hi,
> what is the reason for setting this default values to false?
> $cfg['ShowMysqlInfo']         = FALSE;  // whether to display the "MySQL 
> runtime
> $cfg['ShowMysqlVars']         = FALSE;  // information", "MySQL system 
> variables", "PHP
> $cfg['ShowPhpInfo']           = FALSE;  // information" and "change 
> password" links for
> $cfg['ShowChgPassword']       = FALSE;  // simple users or not

About the SHOW PHP info, there was a time when the cookie containing the 
password was visible there in plain text, it might explain the reason 
for this default.

For mysqlinfo and mysqlvars, I think it was determined that this is 
information useful for a system admin.

For the password change, I think that most of users, if they have the 
possibility of changing their password, will do it, then will complain
in phpMyAdmin support forums because all their other MySQL apps are now 


More information about the Developers mailing list