I have been developing a plugin for Wordpress and I am stuck at point where I have to connect my plugin to a database remotely.
I know the procedural way of estabilishing the connection to a database which looks something like this $link = mysqli_connect("hostname", "username", "password", "database");
The $link variable will either return true or false depending on connection status, in my case the plugin is not allowed to connect to my MySQL server due to Administrator restrictions.
I have few questions regarding this.
What do you do in cases like these? If one enables the access via MySQL dashboard on a single database to make the connection, would that make a database vulnerable to injections or less protected?
If the previous is the right way, how do you pass the parameters properly to a function without revealing the plain credentials?
Is there any other way to implement this logic to get the needed data that plugin requires?
P.S. I have already tried looking up here for an answer without luck, the PHP documentation also did not help.
Related
I have database back-up kept in 3 different servers.
Whenever a database failure happens in the currently connected database server, I want my site to connect to the next specified database server automatically. Also the failure should be notified to the specified email.
Like that each database failure should be handled by connecting to the next available database server till the failure is handled. If all three servers fail, it can show Wordpress default message "Error establishing database connection".
Though I'd try to get to a more stable environment as well, you should be able to do this. Here's my idea:
$wpdb is set in require_wp_db() (wp-includes/load.php). If a file named "db.php" exists in WP_CONTENT_DIR (usually wp-content), it will be included before $wpdb is created.
Add a class in db.php that extends wpdb and override db_connect with custom code to change host, credentials etc depending on $this->reconnect_retries and then use parent::db_connect(). Instantiate $wpdb with your db-class.
I haven't tested this, but I don't see why it shouldn't work.
You can use many open source tools for failover, for MySQL automated failover I would recommend orchestrator
If you are trying to achieve from php side, then only thing I can tell is, implement something like load balance or kind of distributed system.
What that means ?
Assuming you have 3 database servers and they are all in sync. When you are establishing connection to database you can user different server on different user/request. This way, you can avoid database server being overloaded.
Implementation
You could maintain log of active user on each database server and according you open connection for new request/user.
This generally seems like an awkward solution, you should consider some sort of distributed system or cluster servers/databases.
But if you insist on implementing it programmatically in your codes, then you can include your connections in successive try/catch blocks.
e.g if you use PDO, you can
try {
$con = new PDO("mysql:host=$lang[dhost];dbname=$lang[db]", $lang['user'], $lang['pass']);
} catch(PDOException $e) {
try{second connection..........
......................
}
I think that this problem is bigger than you think.
I don't have any experience, but I can tell you that this kind of things affect the way your systems work currently, and a real investigation (of actual code and servers architecture) it's needed.
I don't think this is the kind of things StackOverflow should do for you.
So I'm brand spanking new to mysql and php.
I'm set up with Mysql workbench and I'm practicing building a site using Notepad++ and just run it through Chrome. All I want to do is create a sign up page, which I'm assuming I use a .php page on the site, where it would be a username and password. That's it. I can't seem to find any tutorials on how to connect mysql to the .php page, or how to create a sign in page. Any help would be appreciated!
Welcome to PHP!
Typically a connection is established on a PHP page with something along the lines of this:
$conn = mysqli_connect("localhost","[username]","[password]","[databasename]") or die("Error " . mysqli_error($conn));
The "or die" will produce an error if there's a problem establishing a connection. Also, this uses the newer "mysqli_" method for connection; make sure when you call this connection in future that you use mysqli_ methods (there are still traditional "mysql_" methods available, but are depreciated).
Hope this helps!
M
here you go you, here you can find a way to properly connect to the database as well as all the data you need to get set up with your signup form
http://mrbool.com/how-to-create-a-sign-up-form-registration-with-php-and-mysql/28675
I currently have a web pages which pull data from an SQL database and display it using php to handle the connection and query.
I am currently using this snippet in my PHP file to connect and pull data:
$conn = odbc_connect(
"DRIVER={SQL Server Native Client 10.0};Server=xxx.xxx.xxx.xxx;Database=databasename", "username", "password");
if (!($conn)) {
echo "<p>Connection to DB via ODBC failed: ";
echo odbc_errormsg ($conn );
echo "</p>\n";
}
Does anyone see vulnerability with this and is there practice I should use?
I would put code such as this into a PHP Class file, and model it after the DAO Pattern (Data Access Object). Then, use the require or require_once directive on the script(s) that need to read/write to the DB.
This cuts down on the repetition and adheres to D.R.Y (Don't repeat yourself), when other scripts/code needs to read/write to the same DB, you'll already have a method in place to do so.
I would recommend against printing the error message to the screen. By all means, log it to a file (or check the error logs to see what happened).
As Adam T suggests, this type of code should definitely be captured in a separate file that is re-usable across your application (perhaps this is already the case - not clear from the details given).
If you look at any CMS system eg. WordPress, Joomla or Drupal, you will see they all store the DB credentials in plain text in a config.php file or similar, that gets read in early in the request processing cycle.
With respect to vulnerabilities though, ultimately, you have to place the login credentials somewhere that the PHP code can access it, so either it has to be stored in clear text in a PHP or text file that gets included or read in, or else obfuscated in some way, though generally this is a waste of time and effort.
Your best bet is to ensure the file containing the login credentials is suitably protected via filesystem permissions to prevent access from unauthorised prying eyes.
I am still new in HTML5 and barely starting out. I did HTML for awhile as a module for my school and did a simple "online-shopping" site where I can use JSP files to communicate with my server. However HTML5 is an entirely whole new ball game for me, I hope the Stackoverflow community would be able to help me out with my queries.
So, I did some reading up on websockets however I am really lost in this area. I know what websockets does but I am not entirely sure what it is. For example, in the examples I have read, they only taught me how to create a new websocket object or how to have a connection between this websocket object, and there is supposed to be a url. An example of the code is this,
var Socket = new WebSocket(url, [protocal] );
So what exactly do I fill in the "url" area? Do I simply put the IP of my server or do I have to direct it to some php or html file, etc? I have downloaded WAMP and I would like to use apache as my server. Is this possible or do I have to use something like node.js? In a way I have no idea what "websocket" really means. Is a "server" or a feature within the "server" or a package which bridges the connection between the server?
And also are there other alternatives to using something similar to JSP in HTML5 for server data storage?
Thanks in advance for any replies.
The most basic way to connect to any database is by using MySQL which is a range of functions built into PHP.
Here is a function database_connect()
public function database_connect($database_location, $database_user, $database_password, $database_name) {
mysql_connect($database_location, $database_user, $database_password) or die(mysql_error());
mysql_select_db($database_name) or die(mysql_error());
}
Just paste this function at the top of your page or in an include file, and then connect to your database by calling it in one line:
database_connect('localhost', 'username', 'password', 'database');
This is the simplest way to connect to an SQL database, I hope this is what you were looking for! Remember that this code is in PHP
I would like to clear my doubts in hooking up of MySQL database with XCode.
My application would need to retrieve data from MySQL as there would be a login screen.
As such, in order for me to retrieve data from my database, there is a need for me to create a database using MySQL and connect it using PHP and then connect PHP to XCode?
I am a greenhorn in application developing but I am tasked to do it for my school.
I would need great help in creating a PHP in connecting MySQL(it would be good if its steps-by-steps guide). I would really truly appreciate your kind generous reply.
Thank you in advance!
It is very simple to connect to a MySQL database with PHP. There are a couple of APIs for this, mysql and mysqli. Mysqli is probably the better one to use, but mildly denser. The Mysql one works like this:
$db = mysql_connect("host:port", "username", "paswword");
mysql_select_db("my_db", $db);
# say we want to select everything from the table Persons
$result = mysql_query("SELECT * FROM Persons");
while ($row = mysql_fetch_array($result))
{
# do your magic
# columns are accessed in a zero based array
# such as $row[0], $row[1], etc.
# look at mysql_fetch_assoc to see how to access
# using the column names
}
mysql_close($db);
There's what looks like an older but still valid W3c tutorial here and the MySQL PHP API reference there. To learn about the API differences read the Overview of the MySQL PHP drivers.
As the other answers have stated you'll want the PHP to output something like JSON or XML to communicate with your app and the XCode.
This tutorial follows the whole process through step by step from creating a web service to implementing the web service in your app. I found it super easy to follow.
Part 1:
http://www.raywenderlich.com/2941/how-to-write-a-simple-phpmysql-web-service-for-an-ios-app
Part 2:
http://www.raywenderlich.com/2965/how-to-write-an-ios-app-that-uses-a-web-service
It sounds like you need some sort of WebService. What you can do is just create your PHP pages and let them output a set format (say JSON or XML). Then in your Obj-C application just do the webrequests and parse the results.
There might be some existing solutions which you can use, Webservice is the keyword here.
Here what sounds better to connect to a mysql database, your best bet is to use JSON/SOAP/XML/PHP websevices to talk between your database and your app..
The reason database connection directly from the device is a bad idea, is that you have to enable global external access to it for it to work. You can keep your data safer by having scripts on your server do the communication to the database.
One example of how to do this is create PHP pages that export XML data as your mysql data export , and use GET POST methods to post data to PHP pages to write to your database..