[Phpmyadmin-devel] Re: prevent users from seeing status and variables, why?
michal at cihar.com
Fri Nov 11 02:55:31 CET 2005
On Fri 11. 11. 2005 09:02, Sebastian Mendel wrote:
> the difference of phpinfo() with the other settings below is, that
> this should depend on if the user is 'superuser' on the 'localhost'!
> if i have a local PMA installation to manage localhost(user:root),
> intra.myweb.de(user:web) and www.myweb.de(user:web) - phpinfo() is
> hidden only if i select one of the two external servers - but without
> any reason
There is no relation on being superuser in mysql and beeing able to have
information about webserver. I'd leave this only on config option.
So my suggestion:
Drop $cfg['ShowMysqlInfo'] and $cfg['ShowMysqlVars'] and show them in
all cases. Drop $is_superuser condition from showing php info.
Michal Čihař | http://cihar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the Developers