Hacker News new | past | comments | ask | show | jobs | submit login
PhpMyAdmin Turns 15 (phpmyadmin.net)
171 points by jentulman on Sept 9, 2013 | hide | past | favorite | 111 comments

If there is any project I'd be tempted to be snarky about, it's PhpMyAdmin (although last time I used it, it was 2006). From an administration perspective, it was often a hassle, especially in its beginnings. It is a very successful tool and for a while had the same reputation as wordpress: being a pretty remote shell.

But what PhpMyAdmin illustrates very well is how important tools can be to environments/communities. For a while, the presence of PhpMyAdmin was what gave PHP an edge over many other environments: here's a tool that gives you (and tech-savvy people in your company) insight into your database, allows you to do changes and some bit of backup visually instead of fighting with the command line. And, if you develop on PHP, you don't even have to install anything additional on your platform. It made running PHP hosting without shell access feasable.

I still use it daily on my PHP projects, out of choice and out of other peoples'/hosting companies' choices.

I dislike what happened to the UX, though; definitely a case of "if it ain't broke, don't fk with it". Still a great tool though. I'm always lost on postgre projects...

I found both phpPgAdmin and PgAdmin III superior to phpMyAdmin in many aspects. And there's always DBeaver to handle any relational database you can probably imagine.

Although I must say I've yet to see an SQL client that comes close to HeidiSQL (Windows only, MySQL+MSSQL only). (Edit: "MySQL only" was wrong.)

On Mac OS X, Sequel Pro is similar to HeidiSQL. I use it everyday and it's pretty incredible.

It's still pretty unstable, unfortunately and there are some weird issues: if the connection drops, you won't be able to retrieve your queries before reconnecting because of the reconnect dialog. And that's if you don't press on disconect and lose all the queries, because the tab will be closed. I'm currently trying to switch to MySql Workbench.

+1 for Sequel Pro. Quite the respectable client on OSX.

Note that HeidiSQL is not MySQL only, it also does MSSQL. I've yet to find a client as nice as HeidiSQL for my main db environment, Oracle. SQL Developer works, and has some great tools, but the UX is counter-intuitive and very slow.

It's easy to dump on PMA, but what it was built for, it did (and mostly, does) excellently.

When I used PMA for the first time I was a very young programmer, and it really amazed me that such a tool could exist. Oddly enough, this was a really inspirational piece of software for me.

What do you use for MySQL development then? I usually find handwriting SQL queries to be obnoxiously verbose and I don't like the security implications of letting mysql listen on non-localhost interfaces (i.e. for an OSX administration tool).

For simpler tasks, I find adminer works very well: http://www.adminer.org/ Installation is as easy as uploading a single file. One advantage of that is you can mitigate any security risk by simply adding "die;" to the top of the file when you don't need it.

SSH tunneling from your desktop to your MySQL host and connecting you admin client through that should alleviate the concerns around exposing 3306 to the world.

The most secure setup for administrative services is to whitelist their ports by IP address. For example port 22 (SSH) on our servers can only be hit by known-good IP addresses. You can do the same for MySQL's port, or use an SSH tunnel to hit MySQL through localhost.

Restricting SSH to "known-good" IP addresses is less flexible and less secure than public key authentication.

(Restricting mysql access to localhost and using an SSH tunnel is fine practice, AFAIK.)

It is less flexible, but it is more secure than using public key authentication by itself (public key auth can be used in conjunction with an IP whitelist).

I'm not sure an IP whitelist gives you anything -- it provides a handy mechanism for escalating privileges, both for intrusions on a machine at the "known-good" IP and for unintended network access in general.

Um. No. Bouncing traffic through one device out of probably many at your house (when's the last time you updated the firmware on your TV? Your router?) is a lot more feasible than breaking public key encryption.

I don't use MySQL anymore and I use command line clients everywhere. But that wasn't the point.

Also, sequel (rubygem) comes with an awesome console to write SQL queries in.

personally ( = db amateur) I like this a lot: https://code.google.com/p/sqlyog/downloads/list

MySQL CLI via SSH or MySQL Workbench.

I too can hate on phpmyadmin and suggest superior alternatives. However, just let it sink in for one second how incredibly successful this tool has been, regardless of its detriments. Most of us would kill for this kind of household name recognition. It was at the right place at the right time, for sure, but I think there's probably something we can still learn from them.

Do tell about the superior alternative, I still have to use phpmyadmin sometimes.

If it's not your first time touching database, I would recommend Adminer (http://www.adminer.org/). No installation, single PHP file.

I like SQL Buddy (http://sqlbuddy.com/) or Chive (http://www.chive-project.com/)

MySQL workbench is a good alternative. I wish there was one similar to it for postgresql that was also native.


workbench is not a script ,it is a desktop software , so not really an alternative for most phpmyadmin use cases.

The mysql command line client is a superior alternative IMO. Like most things on the command line you are able to more much faster instead of having to deal navigate the GUI. Don't get me wrong phpMyAdmin is definitely easier to use for the average user and if you are just so blessed with having to work on a project that's on shared hosting it might be your only option, but even then I'm usually on the SQL tab.

>The mysql command line client is a superior alternative IMO.

He asked for a real superior alternative. In the same vain. Not something completely different.

>Like most things on the command line you are able to more much faster instead of having to deal navigate the GUI.

Not really. Between limitations of the readline lib and terminals, it's a pretty shitty experience. There's a limited stuff you can do faster in the command line.

Eh, depends on the type of work you're doing and your command line skills. For maintenance work and administrative tasks, a GUI tool really shines, but during development the cli runs circles around every GUI tool available (for an experienced terminal user).

edit: Also, GUI tools are very useful when you want to familiarize yourself with a large or complex database you haven't previously worked on.

One of the main advantages of phpMyAdmin is the ability to work on the database without the need of a command line. Not all website maintainers have access to that level of control.

Sometimes I want to run one-off queries from an administration interface. Output from the MySQL CLI is unreadable if the columns extend beyond the width of the terminal. Horizontal scrolling alone makes this an unacceptable replacement for phpMyAdmin.

Try ending your queries with '\G' to display results vertically.

I use Sequel Pro, but it's an OSX app, not a php alternative to PhpMyAdmin.

I've been working on a PhpMyAdmin-like tool recently called Schema (http://github.com/timdavies/schema). It's a single-page app (Node.JS/Backbone) and I've had quite a bit of positive feedback from people testing it - much faster than PhpMyAdmin, nicer UI, etc. There's a lot left to do on it (missing critical features at the moment such as inserting rows..) however I'm unable to work on it for roughly a month as I've taken a new job and need to learn some new stuff for it. If anyone wants to help out, you'd be more than welcome (will give commit access after a few pull requests) :-)

We developed a similar thing, but for PostgreSQL [1][2]. Also a single page JavaScript app with a good UI and fairly full-featured.

[1] http://www.teampostgresql.com

[2] Demo: http://teampostgresql.herokuapp.com/ (runs on a free Heroku account so a bit slow, and demo users sometimes mess up the db)

Nice! Certainly looks to have a lot more features than mine right now ;-)

Looks quite nice. What is it built with? I also couldn't find any mention of a license on the site.

It is built with GWT. It does not have a standard FOSS license since it is not (yet) open source. The license is included with the download, it still fairly standard, the product is free no strings attached.

Looks like it could be useful, but I can't find mention of the license on the website.

OMG looks like a 90's Windows application.

Would you mind if I forked it and rewrote it in Scheme? (Seriously).

How do you write non-trivial programs in scheme? (Seriously. No really I'm actually asking.)

I use Racket which comes with a ton of features that let me build larger systems. Other more pure Scheme systems like Guile also have the capabilities to build modules/libraries, etc... and there is a decent amount of code out there to do stuff. You do have less of a choice for certain things than languages like Perl or Python, but most modern Schemes or Scheme-like languages are pretty good.

Like every other language in the world?

Most large-ish Scheme systems have a module system. You're a bit limited if you stick with straight R5RS, but even then every serious compiler/interpreter has additional features. Not unlike Python, Perl, Ruby, PHP, etc. There is also R6RS and R7RS now, which have additional features now.

Haha, of course not :-) Good luck!

It looks nice but you should add a license. Especially if you accept external contributions. (personally, I like MIT license)

Good point, thanks. I've added MIT.

how about a demo link for me to take it out on a test drive? :)

I'm planning to get one sorted soon, just very busy at the moment and don't have much time to dedicate to the project. I've got the domain getschema.com and will put something on there when I get the chance.

I prefer the extremely lightweight Adminer: http://www.adminer.org/en/

It works great for MySQL, SQLite and can be used for some basic PostgreSQL work too.

The headline says "Database management in single PHP file".

Is this correct english? Im not a native english speaker. To me it sounds like it should read "in a single PHP file".

Same with "Replace phpMyAdmin by Adminer and you will get tidier user interface"

Yes, it is a bit strange. I'm a native speaker and I would have said "in a single PHP file" too.

A lot of non-native English speakers have difficulty with articles (a, an, the, etc.).

I'd say the word 'single' is redundant as it a PHP file. How about "Database management in a PHP file"?

But then it doesn't have as much impact emphasising the simplicity of it.

It is odd. "a file" almost feels less specific than "a single file", even though the latter is technically redundant.

I've added "a" between "in" and "single", it started sounding weird to me some time ago as well. Thanks for the suggestion. Can you please propose a correct wording for the second sentence?

It's from Jakub Vrána, a Czech developer. Czenglish sucks.

Adminer is a huge upgrade from phpMyAdmin.

The "single file" feature makes installation and updating easy, but the features and usability improvements over phpMyAdmin seal the deal.

It basically fixes every annoyance of phpMyAdmin. Zero config, saved logins, no iframes, consistent and predictable UI. Love this program.

adminer rocks. Drop 1 file and you can manage your DB. Especially useful when you quickly want to look at a client's site's DB before getting your hands dirty.

I don't use PhpMyAdmin a lot, only when there is no other option available (I prefer SQLyog). But lately I got very frustrated by the interface changes.

Then I discovered the option to enable the old theme again. A great tool!

+1 for Sequel Pro - it's amazing. Makes it far too easy to edit the DB directly instead of using migrations :)

Edit: 'to' => 'too'

Amazing indeed, too bad it doesn't have Windows and Linux versions too, since I often change environments so I always need my laptop next to me. I tried many MySQL GUIs but not a single one was awesome like SequelPro :(

Is there a Windows SQL GUI even remotely as nice/efficient as Sequel Pro? I love using it on the Mac, but whenever I switch to windows, I use one of the kludgy apps like MySQL Workbench, which requires a ton of clicking, right clicking, and double-clicking to do anything.

Well I'm biased since it's our product but I think JackDB[1] is both nice and efficient. It runs entirely in your browser so it's naturally cross platform.

[1]: http://www.jackdb.com/

Editing the schema directly instead of using migrations (where you get your changes source-controlled) is a good thing why exactly?

It's not. Thats why they said it makes it "to[sic] easy."

I use SequelPro (OS X, Free). It's fast and lightweight, it can tunnel through SSH.

Tunneling is my favorite feature. Being able to keep both unnecessary services from running (phpMyAdmin) and disabling SSH passwords make me a happy solo sysadmin. Not that I wouldn't run phpMyAdmin if I had to, but since it's just me and people I administer on my boxes, I can use the tools I want, and keep active code to a minimum.

I'm a big fan too, not only is it a nice mysql interface it's a really nice example of generally well designed software. Lot's of lovely little touches in the way it remembers the state of various views as you're working with it make it really hassle free.

I wish SequelPro could have multiple SQL Query tabs open.

There's another free alternative called HeidiSQL which is pretty good. http://www.heidisql.com/

Thanks for the tip! This seems to be an interesting alternative to MSSQL Server Studio.

I'd appreciate it more if they'd just stop doing

on innodb tables (which do not handle that query well with many rows). Yes there is a workaround but it is flawed.

What should you use on InnoDB tables instead?

Get a quick estimate out of SHOW TABLE STATUS

I think phpMyAdmin v4 is a backward move. They got rid of frames in favor of a more ajaxified UI but it is running many times slower than the <3.5 versions. I understand using Frames is supposed to be bad but in this case they offered a better user experience.

Not only is it slower, but it breaks down massively for those of us with good numbers of databases and tables. It feels like it was developed and tested with someone's single database, three table blog engine.

phpMyAdmin gets dumped on a lot but it was a big help for me when I was just learning to write my own queries. The way it shows you the query that powers each action you run is a great learning tool.

I use it a lot for local development, but wouldn't install it on a production server for security reasons. However, if you run commands in phpMyAdmin, it actually gives you the SQL code for your desired action, which you can then copy and paste to the command line on your production server.

The new AJAXified interface is slower and more inconsistent. The inline edit feature never works and has a very subtle feedback. But hey, it's ubiquitous and it gets the job done. However, I've started using SequelPro on OS X as a replacement which works pretty great.

It may be just me, but I personally would not mention the lines of code as a success story metric.

I feel like lots of line of code usually means bloat.

That aside, I often use phpMyAdmin and it is a great tool for those quick little edits! And if you know already about SQL then it is really easy to use.

>if you know already about SQL then it is really easy to use.

If you already know SQL then its much faster to type a line into the CLI than click the mouse 50000 times in a web gui. However, I do use it so when I'm on call I can walk someone thru a simple password reset, or something of similar level, over the phone rather than spend 45 minutes find and plug in the laptop, VPN in, do 15 seconds of work, then shut down everything and put it away until next time. Someone completely incapable of finding the semicolon key on a keyboard can usually none the less be successfully talked thru clicking the mouse 5000 times on a web page.

I wouldn't necessarily dismiss lots of lines of code as bloat, but In this case you are probably right.

Indeed, it's like measuring the quality of a plane by its weight, but it's not hard to gauge "too much" weight.

I don't use PhpMyAdmin but my servers get hit regularly from vulnerability-bots looking for holes in phpmyadmin/*.php pages.

Are there a lot of known security issues outstanding?

I don't know, but anything PHP usually does. Even if it didn't, it'd still be a good target as a lot of people are gonna put on some weak password as they don't realise how publicly visible it is.

PhpMyAdmin has been great. It's really one of the only reasons I was able to learn PHP + MySQL in high school. It's quick, simple, and convenient on Windows.

MySQL Workbench trumps the other tools for managing MySQL, but for quick web access I prefer Adminer. It's easier to set up, appears less cluttered and fast.

This is one of the (many) apps we looked at when we started working on JackDB[1]. It's a database client in your browser. Rather than just a table interface though, JackDB is a full featured query editor and even includes scrolling result sets.

Besides MySQL, we also support PostgreSQL (what we use in house), Oracle and MS SQL Server.

[1]: http://www.jackdb.com/

For Yii fans, there is a similar project called Chive [1].

[1] http://www.chive-project.com/

Chive is excellent software, Yii fan or not. It has bugs, but the few bugs I encounter with it are worth the pain to not have to fuss with phpMyAdmin.

PhpMyAdmin has turned into an utter mess. I use - and most definitely rely on it - daily. But every version since 2.X has been a step back. The AJAX in the latest version is disastrous. Everything about it is slower than the older frame versions. Worse yet, even simple tasks such as renaming a table or column will cause it to go non-responsive.

http://mywebsql.net/ ia an interesting alternative.

I remember when you were only maybe 5 or 6 years old. I was maybe 21 and I used you to get a MySQL database in shape so that I could create a submission tool for programming contest. One of my first web apps! Congrats PHPMyAdmin on turning 15!

I get quite a bit of phpMyAdmin nostalgia when I'm going through my server logs.

Yeah I think we all do. In fact not too long after posting a link to our app in this thread I got another one:

    Sep  9 12:58:29 [41.66.xxx.xxx] GET /phpMyAdmin/translators.html [1 ms]

Wow.... 15 years! Working at a hosting provider way back when I would die a little inside every time someone asked me to install phpmyadmin for their databases.

I'm sure it's come a long way (at least I hope it has).

if any one is looking for lightweight alternatives, checkout SQL Buddy (http://sqlbuddy.com/) .

PhpMyAdmin has saved my butt many times with a bad joomla install or when I need to output sql. I mostly use navicat these days when I need to touch mysql.

When I was a security auditor, finding a PHPMyAdmin instance would make my day. Somehow, the customer would not share in my joy. How peculiar.

To be fair, nowadays phpmyadmin is mostly only good for escalating privileges, not obtaining them in the first place. I don't think they've had a serious pre-auth flaw in a while.

In most cases it wasn't even PHPMyAdmin's fault per se, but the people not taking 5 minutes to harden it or upgrade it. In many cases, no offence to the makers of this tool, finding a phpmyadmin instance (especially not up-to-date) was a tell tale sign of trouble ahead. Phpmyadmin has caused trouble for people you can't even begin to imagine (ok you probably can). Oh the memories.

Is anything similar to PhpMyAdmin that's made for MongoDB? Been looking for something decent with no luck =/

Navicat is infinitely more useful for mysql database administration, especially with the option to login via ssh

Why would you need SSH login option in phpMyAdmin? It was designed for single-server setups where the interpreter sits next to the database.

You don't need it for phpMyAdmin. The comment was mentioning the ssh tunnel feature as an advantage in desktop clients like navicat, which allows you to access the database while still running it on localhost.

Yes you connect from your desktop to the server with Navicat

Also means you are more secure since PHPMYADMIN has a history of vulnerabilities and less to run on the server, so your database server can run mysql and nothing else (well maybe stunnel for encrypted connection to your app servers)

phpmyadmin is not the best mysql frontend one can have but it is simple to install, easy to use and makes many things incredibly simple.

For example for my mobile backends, I use only phpmyadmin to populate the data and use rails scaffolds to provide json outout to the mobile clients.

I used to use it a lot, but now that I got on to navicat, I never gone back to it anymore.


kill it with fire

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact