Freedomware <mailto:[EMAIL PROTECTED]> on Friday, January 23, 2004 3:19 AM said:
> HOWEVER, it said the better method was to type in either "http" or (I > can't remember the second choice offhand). I think I did it on line > 133 (see below. Just to clarify. The difference between the two methods is that in the case where you specify your username/password within the config file, phpMyAdmin will use that data to connect to the db REGARDLESS of who accesses the phpMyAdmin url. If you put the mysql root username/password in there you'll give root access to anyone that knows the url. On the other hand if you choose http and leave the username/password blank you force the person trying to use phpMyAdmin to enter a valid username and password each time they try to use it. And of course this includes you too. Also the http setting is being ignored because you've defined a username/password within the config file. I imagine that when it's loading it's first page and doing it's checks it sees that you've got those values defined and it just skips the other part because it's not even worth thinking about (the http part that is). HTH, Chris. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
