No matter which operating system you're running, once PHP is installed and the MySQL server is in operation, the very first thing you need to do is assign a "root password" for MySQL. MySQL only lets authorized users view and manipulate the information stored in its databases, so you'll need to tell MySQL who is an authorized user, and who isn't. When MySQL is first installed, it's configured with a user named "root" who has access to do pretty much any task without even entering a password. Your first task should be to assign a password to the root user so that unauthorized users can't mess around in your databases.

It's important to realize that MySQL, just like a Web server or an FTP server, can be accessed from any computer on the same network. If you're working on a computer connected to the Internet that means anyone in the world could try to connect to your MySQL server! The need to pick a hard-to-guess password should be immediately obvious!

To set a root password for MySQL, type the following command in the bin directory of your MySQL installation (include the quotes):

mysqladmin -u root password "your new password"

To make sure MySQL has registered this change, you should tell it to reload its list of authorized users and passwords:

msqladmin -u root reload

If this command returns an error message to tell you that access was denied, don't worry: this just means the password has already taken effect.

To try out your new password, request that the MySQL server tell you its current status:

mysqladmin -u root -p status

Enter your password when prompted. You should see a brief message that provides information about the server and its current status. The "-u root" argument tells the program that you want to be identified as the MySQL user called "root". The "-p" argument tells the program to prompt you for your password before it tries to connect. The "status" argument just tells it that you're interested in viewing the system status.

If at any time you want to shut down the MySQL server, you can use the command below. Notice the usage of the same "-u root" and "-p" arguments as before:

mysqladmin -u root -p shutdown

With your MySQL database system safe from intrusion, all that's left is to configure PHP. To do this, we'll use a text file called php.ini. If you installed PHP under Windows, you should already have copied php.ini into your Windows directory. If you installed PHP under Linux using the instructions above, you should already have copied php.ini into the PHP lib folder (/usr/local/php/lib), or wherever you chose to put it.

Open php.ini in your favorite text editor and have a glance through it. Most of the settings are pretty well explained, and most of the default settings are just fine for our purposes. Just check to make sure that your settings match these:

register_globals = On
magic_quotes_gpc = On
doc_root = the document root folder of your Web server
extension_dir = the PHP extension directory

Save the changes to php.ini, and then restart your Web server. To restart Apache under Linux, log in as root and type this command:

/etc/rc.d/init.d/httpd restart

You're done! Now you just need to test to make sure everything's working okay.