Re: Re: mysql_connect noob question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/21/13 3:27 PM, Stuart Dallas wrote:
On 21 Apr 2013, at 20:29, Glob Design Info <info@xxxxxxxxxxxxxx> wrote:

If that is the case then why does logging in with exactly the same params from a UNIX shell work fine? Command line login supposedly would be adding the @localhost or @IP_address as well but isn't. Only when I pass the variables to the script is that happening.

What makes you so sure it's not?

It is. I promise you it is. You're not seeing it because you're not getting an error logging in. Do it on the command line again, but use a username that doesn't exist and you will see the host it's adding in the error message.

Indeed you are correct:

Last login: Sun Apr 21 15:41:10 on ttys000
iMac-333:~ glob$ sudo mysql --host=instance43490.db.xeround.com --port=8904 --user=fakeuser --password=somepassword
Password:
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'fakeuser'@'ip70-162-142-180.ph.ph.cox.net' (using password: YES)
iMac-333:~ glob$

I am doing exactly as you stated:

mysql_connect('localhost', $_POST['username'], $_POST['password']);

Except that I am first storing $_POST['username'] in local $user and $_POST['password'] in local $pass first and then passing those to mysql_connect. And I am connecting to a remote server, not localhost.

Side note: why are you putting them in other variables first when you're only going to use them in that one place? It's a waste of memory. It's a minor niggle but it's a pet hate of mine.

I am using them in other places - printing them on the response page to see their values/show the user who logged in, etc.

I have already documented both the exact HTML and PHP code in this thread and so see no need to post it elsewhere.

And you're saying that when, instead of using $_POST variables you hard-code the username and password in the script it work? I doubt it.

I can assure you it does. However, I may have found the problem: the port. As a security measure the BaaS provider appears to have changed MySQL to a non-standard port. So............

On the command line:

sudo mysql --host=instance43490.db.xeround.com --port=8904 --user=<realuser> --password=<realpass>

WORKS perfectly - entering the MySQL Monitor.

However, on the same host, same command line:

sudo mysql --host=instance43490.db.xeround.com:8904 --user=<realuser> --password=<realpass>

Does NOT work - returning an error that the host is not found.

So it appears to be the port, which begs the obvious question: is there a way to tell mysql_connect() to use a different port?

On the command line are you simply doing "mysql -u <username> -p" and then entering the password? In that case it's using localhost. Is MySQL running on the same server as PHP? If so, try changing the remove server name to "localhost" in your script. I'm better a magnum of decent champagne that it works.

See above - I am specifying the host explicitly - as stated in a previous email the MySQL DB is running on BaaS provider xeround, but the PHP and forms are running on localhost.

It's very rare (and pretty stupid) for a web host to allow remote servers to connect to their MySQL instances, unless they have a shared MySQL instance for all of their customers. Given that you have command line access to the MySQL server, and can log in without specifying the host, I'm thinking you're trying to use it in a way they don't allow.

Again this is a test server, the deployment configuration will be different.

-Stuart

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux