[Bug 187843] Review Request: phpMyAdmin - Web based MySQL browser written in php

bugzilla at redhat.com bugzilla at redhat.com
Wed Jun 21 15:21:13 UTC 2006 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: phpMyAdmin - Web based MySQL browser written in php


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187843


redhat-bugzilla at linuxnetz.de changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |redhat-bugzilla at linuxnetz.de




------- Additional Comments From redhat-bugzilla at linuxnetz.de  2006-06-21 11:13 EST -------
There are minimum requirements for phpMyAdmin as per README, changing to:
Requires: webserver, php >= 4.1.0, php-mysql >= 4.1.0, php-mbstring >= 4.1.0, 
mysql-server >= 3.23.32

I also would suggest adding the following to Source2, because of rpmlint error:
E: phpMyAdmin htaccess-file /usr/share/phpMyAdmin/libraries/.htaccess

--- snipp ---
# This directory does not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries>
    Order Deny, Allow
    Deny from All
    Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.
#
<IfModule mod_security.c>
    <LocationMatch "/phpMyAdmin/(.+)">
        SecFilterInheritance Off
    </LocationMatch>
</IfModule>
--- snapp ---

Personally I'm not happy with having phpMyAdmin restricted for localhost only. 
Of course, on the other hand I can see the security aspect, too.

Another thing is, for my personal use, I didn't allow logins at phpMyAdmin
using the "mysql" user which has normally no password. At least I changed 
authentication method to "http" to allow every mysql user a login. Just have
a look to the patch to see what I did...

Oh and there are two additional rpmlint messages:
W: phpMyAdmin incoherent-version-in-changelog 2.8.0.3-1 2.8.0.4-1
E: phpMyAdmin zero-length /usr/share/doc/phpMyAdmin-2.8.0.4/Documentation.txt

Hm, when symlinking the configuration file, you also should add a "Options 
+FollowSymLinks" or similar to Source2, otherwise there can be a Forbidden with 
having a strict Apache configuration, IIRC.

And finally, isn't phpMyAdmin 2.8.1 latest version (as per www.phpmyadmin.net)?

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the Fedora-package-review mailing list