I've installed phpPgAdmin in my PostgreSQL server, and configured it on Apache to access through HTTP. The point is that, although it works OK, I see a security issue.
As of now, I see only one server called "PostgreSQL" in the "Servers" side, behind the "phpPgAdmin" image (talking about the web front-end), so I get to that server, and it asks me for a user and password, which I've set up before through PostgreSQL CLI, but here's the issue. I've a user called "megver83", with a password (say e.g. "myPassword"), so if I put "megver83" in the username and "myPassword" in the password, it works, but any password works! So I put "123" instead of "myPassword", I can log in, and with anything I put, except if I leave it in blank :P
I've set up a password when created the user with createuser -P megver83 and even tried to change that passwd with ALTER ROLE, but same thing. This is quite strange, but well, I'm a newbie with PostgreSQL and haven't found a solution to this.
I'm running Parabola GNU/Linux-libre (Arch-based) for ARMv7.
Thanks in advance.
This is likely related to your pg_hba.conf . Check the entries in there for the word "trust", change it to "md5" and reload Postgres.