== link:index.html[Index] -> link:cookbook.html[Cookbook]
///////////////////////////////////////////////////////////////////
Last checked:
* Cherokee   0.99.25
* phpMyAdmin 3.1.2
///////////////////////////////////////////////////////////////////

Cookbook: Setting up phpMyAdmin
-------------------------------

Setting up link:http://www.phpmyadmin.net[phpMyAdmin] to work with
Cherokee is trivial, as Cherokee already provides everything that is
needed to work.

According to phpMyAdmin's documentation, the software requirements
are just:

  * PHP:

    - You need PHP 5.2.0 or newer, with session support and the
      Standard PHP Library (SPL) extension.

    - To support uploading of ZIP files, you need the PHP zip
      extension.

    - For proper support of multibyte strings (eg. UTF-8, which is
      currently default), you should install mbstring and ctype
      extensions.

    - You need GD2 support in PHP to display inline thumbnails of
      JPEGs ("image/jpeg: inline") with their original aspect ratio

    - When using the "cookie" authentication method, the mcrypt
      extension is strongly suggested for most users and is required
      for 64–bit machines. Not using mcrypt will cause phpMyAdmin to
      load pages significantly slower.

  * MySQL 5.0 or newer (details);

  * Web browser with cookies enabled.

This means that you don't need to modify Cherokee at all provided you
have PHP with MySQL support.

Simply use Cherokee-Admin's phpMyAdmin Wizard, located under the
`Database` category. It checks for the presence of phpMyAdmin, so you
better have the package installed prior to using the Wizard, or else
the Wizard will not let you proceed.

Express setup
~~~~~~~~~~~~~
The only thing you need to do is make phpMyAdmin accessible by
Cherokee and all the script files must have permissions suitable for
the user running Cherokee.

Most platforms provide packages with all that you need. For Debian
based Linux distributions, You can issue the following commands as
root (or through sudo) and the whole installation will take a matter
of seconds.

.Debian installation
-----
# apt-get install php5-cgi php5-mysql mysql-server-5.0 phpmyadmin
-----

Since Cherokee doesn't appear in the list of web servers provided by
the package installation script, select any of them to proceed with
phpMyAdmin's configuration.

The commands above assume you are running Cherokee as `root` and that
your web server's `document root` is `/var/www`.

If you were to run it as `www-data`, simply change the script's
owner:

.Script owner
-----
# chown -R www-data:www-data /usr/share/phpmyadmin
-----

Now point your web browser to `http://localhost/phpmyadmin`, and use
the MySQL user information to access the databases.

.phpMyAdmin in action
image::media/images/cookbook_phpmyadmin.png[phpMyAdmin in action!]

Generic setup
~~~~~~~~~~~~~

If your platform doesn't provide phpMyAdmin, download it from the
link:http://www.phpmyadmin.net/home_page/downloads.php[main download
site] and follow the `Quick Install` notes in the
link:http://www.phpmyadmin.net/documentation/[phpMyAdmin
documentation]. As before, you simply need to make the program
accessible to your web server, so simply use the Wizard and fill in
the required information. Alternatively you can either install
directly under your `document root` or make a symbolic link.

[[wizard]]
Configuring with the Wizard
~~~~~~~~~~~~~~~~~~~~~~~~~~~

There is also a wizard to assist you with your configuration. Once
phpMyAdmin is installed, simply access one of your virtual servers in
`Cherokee-Admin`. Then, access the `Behavior` tab and trigger the
`Rule panel` by clicking on the `Rule Management` button. Once in
there, use the `Add` button at the top of the panel to see the
available wizards, and choose the phpMyAdmin wizard that can be found
under the `Web Applications` category.

Considerations
~~~~~~~~~~~~~~

* Cherokee's default setup encodes the output of PHP with gzip, which
  in turn improves the server's performance. You will get garbled
  output if you also enable phpMyAdmin's gzip compression, since your
  web browser will be receiving content encoded twice.

* If you are using the auth_type `config`, it is suggested that you
  protect the phpMyAdmin installation directory because using config
  does not require a user to enter a password to access the phpMyAdmin
  installation. Use of an alternate authentication method is
  recommended, either by switching to using auth_type cookie or http,
  or alternatively by using Cherokee's authentication features.  Refer
  to the link:http://www.phpmyadmin.net/documentation/[phpMyAdmin
  documentation] for more details on the former, or to our
  link:cookbook_authentication.html[authentication recipe] for the
  latter.

* It is generally good idea to protect public phpMyAdmin installation
  against access by robots as they usually can not do anything good
  there. You can do this using robots.txt file in root.

* The Wizard already takes care of this, but if you have installed it
  manually you should deny access to the `./libraries` and `./setup/lib`
  subfolders in Cherokee's configuration. Such configuration prevents
  from possible path exposure and cross side scripting vulnerabilities
  that might happen to be found in that code. To do so, configure
  directory-type rules for those and manage them with the `HTTP Error`
  handler.

.Handler HTTP Error
image::media/images/cookbook_phpmyadmin_denied.png[Protected directories]