Running phpMyAdmin in SSL? Please read!

[Vin DSL]

I was bored, and surfing around phpMyAdmin's CVS when... Lo' and behold!

http://phpmyadmin.cvs.sourceforge.ne...1=1.35&r2=1.36

This is in response to...

http://sourceforge.net/tracker/index...67&atid=377408

That woke me up!

I don't know if anybody else here runs phpMyAdmin in a secure socket, especially on a public computer, but if you do, here's the patch...

Edit /libraries/Config.class.php. Around line 500:

Change

Code:

        // Setup a default value to let the people and lazy syadmins work anyway,
        // they'll get an error if the autodetect code doesn't work
        $pma_absolute_uri = $this->get('PmaAbsoluteUri');
        if ( strlen($pma_absolute_uri) < 1 ) {
            $url = array();

            // At first we try to parse REQUEST_URI, it might contain full URI

To

Code:

        // Setup a default value to let the people and lazy syadmins work anyway,
        // they'll get an error if the autodetect code doesn't work
        $pma_absolute_uri = $this->get('PmaAbsoluteUri');
        // by recomputing $pma_absolute_uri when is_https, we ensure
        // that a user switching from http to https stays in https
        if (strlen($pma_absolute_uri) < 1 || $this->get('is_https')) {
            $url = array();

            // At first we try to parse REQUEST_URI, it might contain full URI

Better safe than sorry!

[Vin DSL]

Heh! I submitted a cosmetic bug fix while I was over there...

http://sourceforge.net/tracker/index...67&atid=377408

Supposedly they've fixed it in version 2.9.0, but I can't find it in their CVS.

[phpbbviet]

thanks for your post