Home/ Questions/Q 9012183
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-16T02:55:56+00:00

PhpMyAdmin sets the cookie path to the path PMA is installed in. So if

  • 0

PhpMyAdmin sets the cookie path to the path PMA is installed in.

  • So if it is installed in /pma/ it will set the cookie path to /pma/.

However, I have logout code which needs to access the session to be able to log the user out of PMA along with other system sessions, but it is located in /.

This of course does not work since the browser will not allow the cookie to be accessed outside of the cookie path.

Setting the default cookie path in php.ini does not work since PMA specifies its own path when setting the cookie which will override the php.ini setting.

Is there a way I can change the default cookie path set by PMA to / by setting a config option or possibly extending a PMA class? I’ve also read about a thing called monkey patching using runkit, can it do that? If so how?

Editing PMA core files is not an option as I want the change to stick between upgrades. If this can be coded into config.inc.php it would stick between upgrades.

Some things I have tried via config.inc.php :

  • setting my own cookie with same name and sessionid, does not work as cookie is overwritten by the one PMA sets further in the PHP processing.
  • Changing the value of $_SERVER[‘PHP_SELF’] which is one of the values used in determining path, does not work, not sure why.
  • I tried to extend the PMA_Config class particularly the getCookiePath() method, did not work as I don’t know how to instantiate it so it overrides the PMA_Config’s method.
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I ended up using the Signon authtype for PMA

    My PMA config then became:

    $cfg['Servers'][$i]['auth_type']     = 'signon';
$cfg['Servers'][$i]['SignonSession'] = 'YOUR_SESSION_ID'; // You can use ini_get('session_name') if you prefer
$cfg['Servers'][$i]['SignonURL']     = 'FULL_URL'; // URL it will redirect unauthenticated users
$cfg['Servers'][$i]['LogoutURL']     = 'FULL_URL'; // URL where user will be redirected after logout

    In my SSO script, I added these lines when logging into the rest of the system so it will simultaneously login to PMA as well.

    $_SESSION['PMA_single_signon_user'] = 'MY_PMA_USERNAME';
$_SESSION['PMA_single_signon_password'] = 'MY_PMA_PASSWORD';

    Now I don’t require having to access PMA cookie as it uses the SID cookie set by main system. To logout of main system and PMA I do a regular cookie logout:

    $_SESSION = array();
setcookie(session_name(), '', time() - 3600);
session_destroy();
    • 0