mukoya wrote on Wednesday, March 23, 2011:
I have run into several compatibility issues with with XAMPP 1.7.4 including mysql syntax. If you are considering bundling OEMR 4.0 with XAMPP like 3.2, please use 1.7.3 or if we use 1.7.4, lets test the combination and satisfy ourselves that they are working alright.
Mukoya
bradymiller wrote on Thursday, March 24, 2011:
Please log this into the tracker as a bug (XAMPP 1.7.4 not working etc) so we don’t lose track of this.
-brady
drbowen wrote on Tuesday, April 19, 2011:
Dear Mukoya:
I am going to build an install script and would like to know what issues are known with XAMPP 1.73 and/or 1.74. It has always bugged my that XAMPP is so unsecure out of the box but as explained on the Friends of Apache Web page the base install is a developers tool and is meant for ease of use not security:
http://www.apachefriends.org/en/xampp-windows.html#522
The most basic security issues are:
* The MySQL administrator (root) has no password.
* The MySQL daemon is accessible via network.
* phpMyAdmin is accessible via network.
* The XAMPP demopage is accessible via network.
* The default users of Mercury and FileZilla are known.
The main options would be
1) to set a default password for “mysql root” and add .htaccess files to some of the web pages. These can be pre-configured before compressing the package.
2) allow the end user to set password for “mysql root” at install time etc.
3) Execute additional security scripts as recommended by Friends of Apache.
I would recommend deleting or disabling “Filezilla” and Mercuy web mail." As unecessary for most installations and not necessary to install for admins who want this.
This should work new installs.
Upgrades from earlier versions of OpenEMR:
1) It will be necessary to check the registry for prior installations of XAMPP.
2) If present, check for which version of OpenEMR is installed.
3) Backup the existing web page and OpenEMR tables.
4) Execute the upgrade script(s) for the detected version of OpenEMR
Sam Bowen, MD
http://oemr.org