Installing phpMyAdmin

Marc Delisle

October 2010


Mastering phpMyAdmin 3.3.x for Effective MySQL Management

Mastering phpMyAdmin 3.3.x for Effective MySQL Management

A complete guide to get started with phpMyAdmin 3.3 and master its features

  • The best introduction to phpMyAdmin available
  • Written by the project leader of phpMyAdmin, and improved over several editions
  • A step-by-step tutorial for manipulating data with phpMyAdmin
  • Learn to do things with your MySQL database and phpMyAdmin that you didn't know were possible!
        Read more about this book      

(For more resources on PHP, see here.)


It's time to install the product and configure it minimally for first-time use. Our reason for installing phpMyAdmin could be one of the following:

  • Our host provider did not install a central copy
  • Our provider installed it, but the version installed is not current
  • We are working directly on our enterprise's web server

Required information

Some host providers offer an integrated web panel where we can manage accounts, including MySQL accounts, and also a file manager that can be used to upload web content. Depending on this, the mechanism that we use to transfer phpMyAdmin source files to our webspace may vary. We will need some specific information (listed below) before starting the installation:

  • The web server's name or address: Here, we will assume it to be
  • Our web server's account information (username, password): This information will be used for either FTP or SFTP transfer, SSH login, or web control panel login.
  • The MySQL server's name or IP address: If this information is not available, a good alternative choice is localhost, which means that the MySQL server is located on the same machine as the web server. We will assume this to be localhost.
  • Our MySQL server's account information (username, password).

System requirements

The up-to-date requirements for a specific phpMyAdmin version are always stated in the accompanying Documentation.html file. For phpMyAdmin 3.3, the minimum PHP version required is PHP 5.2 with session support and the Standard PHP Library (SPL). Moreover, the web server must have access to a MySQL server (version 5.0 or later)—either locally or on a remote machine. It is strongly recommended that the PHP mcrypt extension be present for improved performance in cookie authentication mode. In fact, on a 64-bit server, this extension is required.

On the browser side, cookie support must be activated, whatever authentication mode we use.

Downloading the files

There are various files available in the Download section of There might be more than one version offered here, and it is always a good idea to download the latest stable version. We only need to download one file, which works regardless of the platform (browser, web server, MySQL, or PHP version). For version 3.3, there are two groups of files—english and all-languages. If we need only the English interface, we can download a file whose name contains "english"—for example, On the other hand, if we have the need for at least one other language, choosing all-languages would be appropriate.

If we are using a server supporting only PHP4—for which the PHP team has discontinued support since December 31, 2007—the latest stable version of phpMyAdmin is not a good choice for download. I recommend using version 2.11.x, which is the latest branch that supports PHP4.

The files offered have various extensions: .zip, .tar.bz2, .tar.gz, .7z. Download a file having an extension for which you have the corresponding extractor. In the Windows world, .zip is the most universal file format, although the files are bigger than .gz or .bz2 files (which are common in the Linux/Unix world). The .7z extension denotes a 7-Zip file, which is a format that achieves a higher compression ratio than the other formats offered—an extractor is available at In the following examples, we will assume that the chosen file was

After clicking on the appropriate file, the nearest mirror site will be chosen by The file will start to download, and we can save it on our computer.

Installing on different platforms

The next step depends on the platform you are using. The following sections detail the procedures for some common platforms. You may proceed directly to the relevant section.

Installing on a remote server using a Windows machine

Using the File explorer, we double-click the file that we just downloaded on the Windows machine. A file extractor will start, showing us all of the scripts and directories inside a main phpMyAdmin-3.3.2-all-languages directory.

Use whatever mechanism your file extractor offers to save all the files, including subdirectories, to some location on your workstation. Here, we have chosen C:\. Therefore, a C:\phpMyAdmin-3.3.2-all-languages directory has been created for extraction.

Now, it's time to transfer the entire directory structure C:\phpMyAdmin-3.3.2-alllanguages to the web server in our webspace. We use our favorite SFTP or FTP software, or the web control panel, for the transfer.

The exact directory under which we transfer phpMyAdmin may vary. It could be our public_html directory or another directory to which we usually transfer web documents. For further instructions about the exact directory to be used, or the best way to transfer the directory structure, we can consult our host provider's help desk.

After the transfer is complete, these files can be removed from our Windows machine as they are no longer needed.

Installing on a local Linux server

Let's say we chose phpMyAdmin-3.3.2-all-languages.tar.gz and downloaded it directly to some directory on the Linux server. We move it to our web server's document root directory (for example, /var/www/html) or to one of its subdirectories (for example, /var/www/html/utilities). We then extract it by issuing the following shell command or by using any graphical file extractor that our window manager offers:

tar -xzvf phpMyAdmin-3.3.2-all-languages.tar.gz

We must ensure that the permissions and ownership of the directory and files are appropriate for our web server. The web server user or group must be able to read them.

Installing on local Windows servers (Apache, IIS)

The procedure here is similar to that described in the Installation on a remote server using a Windows machine section, except that the target directory will be under our DocumentRoot (for Apache) or our wwwroot (for IIS). Of course, we do not need to transfer anything after modifications are made to (described in the next section), as the directory is already on the webspace.

Apache is usually run as a service. Hence, we have to ensure that the user under whom the service is running has normal read privileges to access our newly-created directory. The same principle applies to IIS, which uses the IUSR_machinename user. This user must have read access to the directory. You can adjust permissions in the Security/permissions tab of the directory's properties.

Configuring phpMyAdmin

Here, we will learn how to prepare and use the configuration file containing the parameters to connect to MySQL, and which can be customized as per our requirements.

Before configuring, we can rename the directory phpMyAdmin-3.3.2-all-languages to something like phpMyAdmin or just something easier to remember. This way, we and our users can visit an easily-remembered URL to start phpMyAdmin. On most servers, the directory part of URLs is case-sensitive, so we should communicate the exact URL to our users. We can also use a symbolic link if our server supports this feature.

The file

This file contains valid PHP code that defines the majority of the parameters (expressed by PHP variables) that we can change in order to tune phpMyAdmin to our own needs. There are also normal PHP comments in it, and we can comment our changes.

Be careful not to add any blank lines at the beginning or end of the file; doing so would hamper the execution of phpMyAdmin.

Note that phpMyAdmin looks for this file in the first level directory—the same one where index.php is located.

In versions before 2.8.0, a generic file was included in the downloaded kit. Since 2.8.0, this file is no longer present in the directory structure. Since version 2.9.0, a file is included, and this can be copied and renamed to to act as a starting point. However, it is recommended that you use the web-based setup script instead, for a more comfortable configuration interface.

There is another file——that contains some configuration information. Because phpMyAdmin offers theme management, this file contains the theme-specific colors and settings. There is one file per theme, located in themes/themename, for example, themes/original.

Avoiding false error messages about permissions on

In its normal behavior, phpMyAdmin verifies that the permissions on this file do not allow everyone to modify it. This means that the file should not be writable to the world. Also, it displays a warning if the permissions are not correct. However, in some situations (for example, an NTFS file system mounted on a non-Windows server), the permission detection fails. In these cases, you should set the followingparameter to false:

$cfg['CheckConfigurationPermissions'] = false;

The following sections explain various methods for adding or changing a parameter in the file.

Configuration principles

phpMyAdmin's behavior, given that no configuration file is present, has changed in version 3.1.0. In versions 3.0 and earlier, the application used its default settings as defined in libraries/config.default.php and tried to connect to a MySQL server on localhost—the same machine where the web server is running—with user as root and no password. This is the default set-up produced by most MySQL installation procedures, even though it is not really secure. Therefore, if our freshly installed MySQL server were still to have the default root account, we would have logged on automatically and would have seen a warning given by phpMyAdmin about such lack of security.

If the notion of a MySQL root user eludes you, now might be the time to browse, in order to learn the basics about MySQL's privilege system.

Since version 3.1.0, the development team has wanted to promote a more flexible login panel. This is why, with the lack of a configuration file, phpMyAdmin displays the cookie-based login panel by default

We can verify this fact by visiting and substituting the appropriate values for the domain part and the directory part. If we are able to log in, it means that there is a MySQL server running on the same host as the web server (localhost) and we've just made a connection to it. However, not having created a configuration file means that we would not be able to manage other hosts via our installation of phpMyAdmin. Moreover, many advanced phpMyAdmin features (for example, query bookmarks, full relational support, column transformation, and so on) would not be activated.

The cookie-based authentication method uses Blowfish encryption for storing credentials in browser cookies. If no configuration file exists, a Blowfish secret key is generated and stored in session data, which can open the door to security issues. This is why the following warning message is displayed: The configuration file now needs a secret passphrase (blowfish_secret).

At this point, we have some choices:

  • Use phpMyAdmin without a configuration file
  • Use the web-based setup script to generate a file
  • Create a file manually

These options are presented in the following sections. We should note that even if we use the web-based setup script, we should familiarize ourselves with the file format, because the setup script does not cover all of the possible configuration options.

        Read more about this book      

(For more resources on PHP, see here.)

Web-based setup script

The web-based setup mechanism is strongly recommended in order to avoid syntax errors that could result from the manual creation of the configuration file. Also, because this file must respect PHP's syntax, it's common for new users to experience problems in this phase of the installation.

A warning is in order here: The current version has only a limited number of translation languages for the setup interface.

To access the setup script, we must visit setup. Here is what appears upon initial execution:

In most cases, the icons beside each parameter point to the respective phpMyAdmin official wiki and to their documentation, providing you with more information about this parameter and its possible values.

If Show hidden messages appears and we click on this link, messages that might have been displayed earlier are revealed:

There are three warnings here. As taking care of the first message will require more manipulations, we will handle it in a moment. Let's cover the second message—Insecure connection. This message appears if we are accessing the web server over HTTP—an insecure protocol. As we are possibly going to input confidential information, such as the username and password, in the setup phase, it's recommended that you communicate over HTTPS, at least for this phase. HTTPS uses Secure Socket Layer (SSL) to encrypt the communication and make eavesdropping on the line impossible. If our web server supports HTTPS, we can simply follow the proposed link. This will restart the setup process, this time over HTTPS. We have made this assumption in our example.

The third warning encourages you to use the ForceSSL option, which will automatically switch to HTTPS when using phpMyAdmin (not related to the setup phase).

The first warning tells us that phpMyAdmin did not find a writable directory with the name config. This is normal as it was not present in the downloaded kit. Also, as the directory is not yet there, we observe that the Save, Load, and Delete buttons in the interface are gray. In this config directory, we can:

  • Save the working version of the configuration file during the setup process
  • Load a previously-prepared file

It's not absolutely necessary that we create this configuration directory, as we can download the file produced by the setup procedure to our client machine. We can then upload it to phpMyAdmin in the first-level directory via the same mechanism (say FTP) that we used to upload phpMyAdmin. In any case, we'll create this directory.

The principle here is that the web server must be able to write to this directory. There is more than one way to achieve this. Here is one that would work on a Linux server—adding read, write, and execute permissions for everyone on this directory:

cd phpMyAdmin
mkdir config
chmod 777 config

Having done that, we refresh the page in our browser and we see:

In the configuration dialog, a drop-down menu permits the user to choose the proper end-of-line format. We should choose the format that corresponds to the platform (UNIX/Linux or Windows) on which we will open later, with a text editor, the file.

A single copy of phpMyAdmin can be used to manage many MySQL servers, but for now we will define parameters describing our first MySQL server. We click New server, and the server configuration panel is shown.

For now, we notice that the setup process has detected that PHP also supports the mysqli extension. Therefore, this is the one that is chosen by default. This extension is the programming library used by PHP to communicate with MySQL.

It's recommended you to abide by the philosophy proposed by the interface, and keep cookie as the Authentication type. We assume that our MySQL server is located on localhost. Hence, we keep this value, and all of the proposed values intact, except for the following:


  • Verbose name of this server: We enter my server
  • User for config auth: We remove root and leave it empty

You can see that any parameter that is changed from its default value appears in a different color. Moreover, a small arrow becomes available, the purpose of which is to restore a field to its default value. Hence, you can feel free to experiment with changing parameters, knowing that you can easily revert to the proposed value. At this point, the panel should look like this:

We then click on Save and are brought back to the Overview panel. This save operation did not yet save anything to disk; changes were saved in memory. We are warned that a Blowfish secret key was generated. However, we don't have to remember it, as it's not keyed in during login process, but is used internally. For the curious, you can switch to the Features panel and click on the Security tab to see which secret key was generated. Back to the Overview panel. Now our setup process knows about one MySQL server, and there are links that enable us to Edit or Delete these server settings:

We can have a look at the generated configuration lines by using the Display button; and then we can analyze these parameters using the explanations given in the Description of some configuration parameters section later in this article.

At this point, this configuration is still just in memory, so we need to save it. This is done via the Save button on the Overview panel. It saves in the special config directory that we created previously. This is a directory strictly used for configuration purposes. If, for any reason, it was not possible to create this config directory, you just have to Download the file and upload it to the web server directory where phpMyAdmin is installed.

The last step is to copy from the config directory to the top-level directory—the one that contains index.php. By copying this file, it becomes owned by the user instead of by the web server, ensuring that further modifications are possible. This copy can be done via FTP or through commands such as:

cd config
cp ..

As a security measure and until the configuration steps are completed, it's recommended that you change the permission on the config directory—for example, with the chmod ugo-rwx config command. This is to block any unauthorized reading and writing in this directory.

Other configuration parameters can be set with these web-based setup pages. To do so, we would have to:

  1. Enable read and write access to the config directory
  2. Copy the to this directory
  3. Ensure that read and write access are provided to this file for the web server
  4. Start the web-based setup tool

After the configuration steps are done, it's recommended that you completely remove the config directory, as this directory is only used by the web-based setup script. Since version 3.2.0, phpMyAdmin displays the following warning on the home page if it detects that this directory still exists:

Directory config, which is used by the setup script, still exists in your phpMyAdmin directory. You should remove it once phpMyAdmin has been configured.

You are invited to peruse the remaining menus to get a sense of the available configuration possibilities, either now or later when we cover a related subject.

Manually creating

We can create this text file from scratch by using our favorite text editor, or by using as a starting point. The exact procedure depends upon which client operating system we are using. We can refer to the next section for further information.

The default values for all possible configuration parameters that can be located inside are defined in libraries/config.default.php. We can take a look at this file to see the syntax used, as well as further comments about configuration.

Tips for editing on a Windows client

This file contains special characters (Unix-style end of lines). Hence, we must open it with a text editor that understands this format. If we use the wrong text editor, this file will be displayed with very long lines. The best choice is a standard PHP editor such as NetBeans or Zend Studio for Eclipse. Another choice would be WordPad, metapad, or UltraEdit.

Every time the file is modified, it will have to be transferred to our webspace again. This transfer is done via an FTP or an SFTP client. You have the option to use a standalone FTP/SFTP client such as FileZilla, or save it directly via FTP/SFTP, if your PHP editor supports this feature.

Description of some configuration parameters

In this article and the next one, we will concentrate on the parameters that deal with connection and authentication.


The first parameter we will look at is: $cfg['PmaAbsoluteUri'] = '';.

PMA is a familiar abbreviation for phpMyAdmin. For configuration parameters, the chosen convention is to capitalize the first letter, producing Pma in this case. At some places in its code, phpMyAdmin sends an HTTP Location header and must know the absolute URI of its installation point. Using an absolute URI in this case is required by RFC 2616, section 14.30.

In most cases, we can leave this one empty, as phpMyAdmin tries to auto-detect the correct value. If we browse a table later, and then edit a row and click on Save, we will receive an error message from our browser saying, for example, This document does not exist. This means that the absolute URI that phpMyAdmin built in order to reach the intended page was wrong, indicating that we must manually put the correct value in this parameter.

For example, we would change it to:

$cfg['PmaAbsoluteUri'] = '';

Server-specific sections

The next section of the file contains server-specific configurations, each starting with:

$cfg['Servers'][$i]['host'] = '';

If we examine only the normal server parameters, we see a section that looks like the following for each server:

$cfg['Servers'][$i]['host'] = '';
$cfg['Servers'][$i]['port'] = '';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['compress'] = FALSE;
$cfg['Servers'][$i]['controluser'] = '';
$cfg['Servers'][$i]['controlpass'] = '';
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = '';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['only_db'] = '';
$cfg['Servers'][$i]['hide_db'] = '';
$cfg['Servers'][$i]['verbose'] = '';

In this section, we have to enter in $cfg['Servers'][$i]['host'], either the hostname or IP address of the MySQL server—for example, or localhost. If this server is running on a non-standard port or socket, we need to enter the correct values in $cfg['Servers'][$i]['port'] or $cfg['Servers'] [$i]['socket']. See the section on connect_type for more details about sockets.

The displayed server name inside phpMyAdmin's interface will be the one entered in 'host' (unless we enter a non-blank value in the following parameter). For example:

$cfg['Servers'][$i]['verbose'] = 'Test server';

This feature can thus be used to display a different server hostname as seen by the users on the login panel and on the main page, although the real server name can be seen as part of the user definition (for example, root@localhost) on the main page.

        Read more about this book      

(For more resources on PHP, see here.)


The traditional mechanism PHP uses to communicate with a MySQL server, as available in PHP before version 5, is the mysql extension. This extension is still available in PHP 5. However, a new extension called mysqli has been developed and should be preferred for PHP 5, because of its improved performance and its support of the full functionality of the MySQL family 4.1.x. This extension is designed to work with MySQL version 4.1.3 and higher. As phpMyAdmin supports both extensions, we can choose either one for a particular server. We indicate the extension we want to use in $cfg['Servers'][$i]['extension'].

connect_type, socket, and port

Both the mysql and mysqli extensions automatically use a socket to connect to MySQL if the server is on localhost. Consider this configuration:

$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['port'] = '';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysql';

The default value for connect_type is tcp. However, the extension will use a socket because it concludes that this is more efficient as the host is localhost. So in this case, we can use tcp or socket as the connect_type. To force a real TCP connection, we can specify instead of localhost in the host parameter. Because the socket parameter is empty, the extension will try the default socket. If this default socket, as defined in php.ini, does not correspond to the real socket assigned to the MySQL server, we have to put the socket name (for example, /tmp/mysql.sock) in $cfg['Servers'][$i]['socket'].

If the hostname is not localhost, a TCP connection will occur—here, on the special port 3307. However, leaving the port value empty would use the default 3306 port:

$cfg['Servers'][$i]['host'] = '';
$cfg['Servers'][$i]['port'] = '3307';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysql';

compress configuration

Beginning with PHP 4.3.0 and MySQL 3.23.49, the protocol used to communicate between PHP and MySQL allows a compressed mode. Using this mode provides better efficiency. To take advantage of this mode, simply specify:

$cfg['Servers'][$i]['compress'] = TRUE;


Another important parameter (which is not server-specific but applies to all server definitions) is $cfg['PersistentConnections']. For every server we connect to using the mysql extension, this parameter, when set to TRUE, instructs PHP to keep the connection to the MySQL server open. This speeds up the interaction between PHP and MySQL. However, it is set to FALSE by default in because persistent connections are often a cause of resource depletion on servers. So you will find MySQL refusing new connections. For this reason, the option is not even available for the mysqli extension. Hence, setting it to TRUE here would have no effect if you are connecting with this extension.

Upgrading phpMyAdmin

Normally, upgrading is just a matter of installing the newer version into a separate directory and copying the previous version's to the new directory. If the previous version is phpMyAdmin 2.6.0 or earlier, we cannot copy its to the new version because the file format has changed a lot.

An upgrade path or the first-installation path, which should not be taken, is to copy libraries/config.default.php to This is because the default configuration file is version-specific and is not guaranteed to work for future versions.

New parameters appear from version to version. These are documented in Documentation.html and defined in libraries/config.default.php. If a configuration parameter is not present in, its value from libraries/config.default.php will be used. Therefore, we do not have to include it in if the default value suits us.

Special care must be taken to propagate the changes we might have made to the files, depending on the themes used. We may even have to copy our custom themes subdirectories if we added our own themes to the structure.


This article covered how the web has evolved as a means of delivering applications, and why we should use PHP/MySQL to develop these applications. The article also gave an overview of why phpMyAdmin is recognized as a leading application to interface MySQL from the Web, and provided a brief list of its features. It then discussed common reasons for installing phpMyAdmin, steps for downloading it from the main site, basic configuration, uploading phpMyAdmin to our web server, and also described how to upgrade it.

Further resources on this subject:

You've been reading an excerpt of:

Mastering phpMyAdmin 3.3.x for Effective MySQL Management

Explore Title