Error with phpMyAdmin 3.5.4 showing Blank Screen

Earlier this week, I was going to update some database tables and attempted to log in to phpMyAdmin when I got a blank screen. If you’ve ever programed much in PHP, a blank screen almost always means one of two things:

  1. You never accessed the PHP file
  2. The PHP Script had a fatal error and error codes are set to off

After some debugging (detailed below) it turns out phpMyAdmin v3.5.4 has a fatal error where the script files are loaded in the wrong order. With PHP errors fully on, PHP kicked “Fatal error: Call to undefined function PMA_sanitize() in /usr/share/phpMyAdmin/libraries/Message.class.php on line 540″. All it took to fix was adding a line to call the sanitizing libraries before allowing the message class to be loaded. Hopefully Amazon’s repository will be updated with v3.5.5 soon, so no one else encounters this problem.

Debugging Blank Screen

Accessing the PHP Issue

For me, I found out after the fact that this step was not even necessary, but that is how debugging goes.

  1. Log into your AWS via SCP (like WinSCP)
  2. Find you installation of phpMyAdmin (the default YUM installed phpMyAdmin on an AWS Linux system is /usr/share/phpMyAdmin)
  3. Open the file “index.php” and add the following two lines on two new lines directly after the “<?php” at the beginning of the document. (‘echo “I AM phpMyAdmin”;’ and ‘exit;’) and save the file.
    • <?php
    • echo “I AM phpMyAdmin”;
    • exit;
    • /* vim: set expandtab sw=4 ts=4 sts=4: */
    • /**
  4. Attempt to access phpMyAdmin as you normally would. You should see a white screen with “I AM phpMyAdmin” on it. If you do, delete the two lines you just added, save the file and try to access phpMyAdmin again. If you get a blank screen this time then skip to the next section, since the web server is accessing phpMyAdmin.
  5. Log into your AWS server via a SSH client (like PUTTY)
  6. Type “sudo su” to transfer to the root user
  7. Restart the Apache2 web server (type “service httpd restart”). You should get two “OK”s
  8. Attempt to access phpMyAdmin as you normally would. You should see a white screen with “I AM phpMyAdmin” on it. If you do, delete the two lines you just added, save the file and try to access phpMyAdmin again. If you get a blank screen this time then skip to the next section, since the web server is accessing phpMyAdmin.
  9. Open the “phpMyAdmin.conf” file for apache2. The default AWS Linux location is /etc/httpd/conf.d/phpMyAdmin.conf.
  10. The default installation prevents everything but the localhost from accessing phpMyAdmin. Most likely you will add an exception for your computer’s IP address, or that of your VPN system. DO NOT, as per phpMyAdmin’s instructions, add the line “Require 0.0.0.0″ or “Allow All” or “Allow 0.0.0.0″. All three of these settings create significant security holes. The resilience to brute force attacks is minimal and you will be hacked eventually.
  11. Restart the Apache2 web server (type “service httpd restart”). You should get two “OK”s
  12. Attempt to access phpMyAdmin as you normally would. You should see a white screen with “I AM phpMyAdmin” on it. If you do, delete the two lines you just added, save the file and try to access phpMyAdmin again. If you get a blank screen this time then skip to the next section, since the web server is accessing phpMyAdmin.
  13. Remove phpMyAdmin and reinstall it.

Identifying Fatal PHP Error

These steps identified the real problem and allowed for the quick patch.

  1. Log into your AWS server via a SCP client (like WinSCP)
  2. Open the apache2 configuration file for phpMyAdmin (“/etc/httpd/conf.d/phpMyAdmin.conf”) and add the following lines to the “<Directory /usr/share/phpMyAdmin/>” then save the file.

        <IfModule mod_php5.c>
    php_admin_flag engine on
    php_admin_value display_errors on
    php_admin_value error_reporting 30711
    php_admin_flag ini_set on
    </IfModule>

  3. Log in to your AWS server via SSH and restart apache2 (“service httpd restart”)
  4. Attempt to access phpMyAdmin as you normally would. Instead of a blank screen, you should get an error message along the lines of “Fatal error: Call to undefined function PMA_sanitize() in /usr/share/phpMyAdmin/libraries/Message.class.php on line 540″
  5. Open the file “/usr/share/phpMyAdmin/libraries/Message.class.php”
  6. At the top of the header comments, add the line “require_once(‘./libraries/sanitizing.lib.php’);”
  7. Save the Message.class.php file.
  8. Attempt to access phpMyAdmin as you normally would. It should work fine now. If you want to, you can go back to the apache2 phpMyAdmin configuration file (/etc/httpd/conf.d/phpMyAdmin.conf) and remove the lines you entered. If you have a public installation of phpMyAdmin, then you should remove them for security reasons.
About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s