I have only access to a source code (connect.php) from previous developer as
<?php $_F=__FILE__;$_X='Pz48P3BocA0KNG40X3M1dCgnZDRzcGwxeV81cnIycnMnLCdPZmYnKTsNCiRjMm4gPSBteXNxbF9jMm5uNWN0KCJsMmMxbGgyc3QiLCJyMjJ0IiwibW0xYWFhOSIpOw0KbXlzcWxfczVsNWN0X2RiKCJtNHRyMSIsICRjMm4pOw0KNGYgKCEkYzJuKQ0KICB7DQogIGQ0NSgnSzJuNWtzNCBnMWcxbCAhOiAnIC4gbXlzcWxfNXJyMnIoKSk7DQogIH0NCj8+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>
Then I googled there's tool to decode the above encrypted text which gives me
?><?php
ini_set('display_errors','Off');
$con = mysql_connect("localhost","root","mma2229");
mysql_select_db("mitra", $con);
if (!$con)
{
die('Koneksi gagal !: ' . mysql_error());
}
?>
All I need is just to change the password (example to "123") but I do not know where to start.
How can I set the my connect.php with my new password ?
Just replace the previous delevopers code:
<?php $_F=__FILE__;$_X='Pz48P3BocA0KNG40X3M1dCgnZDRzcGwxeV81cnIycnMnLCdPZmYnKTsNCiRjMm4gPSBteXNxbF9jMm5uNWN0KCJsMmMxbGgyc3QiLCJyMjJ0IiwibW0xYWFhOSIpOw0KbXlzcWxfczVsNWN0X2RiKCJtNHRyMSIsICRjMm4pOw0KNGYgKCEkYzJuKQ0KICB7DQogIGQ0NSgnSzJuNWtzNCBnMWcxbCAhOiAnIC4gbXlzcWxfNXJyMnIoKSk7DQogIH0NCj8+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>
With:
<?php
ini_set('display_errors','Off');
$con = mysql_connect("localhost","root","123"); // put your new password instead of 123
mysql_select_db("mitra", $con);
if (!$con)
{
die('Koneksi gagal !: ' . mysql_error());
}
?>
In your phpMyAdmin panel write query like this:
SET PASSWORD FOR 'root'#'localhost' = password('mynewpass')
Setting new user / change password in view
If you want to do it with clicking, go to phpMyAdmin, click on the top Users -> Edit Privileges and there you can change a password. In this view you can also add new user which can be used in your PHP code.
Related
I have a login.html in which the form is defined as follows:
<form method="post" action= "do_authorize.php" name="lform">
<span class="style1">First Initial Plus Last Name :</span>
<input type="text" name="user" size="25">
<input type="submit" value="login">
</form>
My do_authorize is as follows:
<?php
session_start();
require('../databaseConnectionFileFolder/dbconnection.php');
$user = $_POST["user"];
var_dump($user);
$_SESSION['username']=$user;
var_dump($user);
$sql="SELECT * FROM $table_name_users WHERE username = \"$user\"";
var_dump($sql);
$result=#mysql_query($sql,$connection) or die("couldn't execute query");
$num=mysql_numrows($result);
if ($num != 0) {
/*$cookie_name="$user";
$cookie_value="ok";
$cookie_expire=time()+86400;
$cookie_domain=".columbia.edu";
setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain, 0);
*/
print "<script>";
print "self.location='somethingelse.php';";
print "</script>";
} else {
echo "<p>you're not authorized";
}
?>
My dbconnection.php file is as follows:
<?php
$db_server = "localhost";
$db_name = "DailyExerciseDB";
$db_user = "abc5"; //the database username
//$db_password = "123"; // the database user pasword
$connection=#mysql_connect($db_server,$db_user) or die("Could Not Connect to the Database : ". mysql_error());
var_dump($connection);
$db=#mysql_select_db($db_name, $connection) or die("Could Not Select the Database". mysqli_connect_error());
//var_dump($db);
?>
My Questions:
1) I keep on getting Could Not Select the Database, why does the warning/error message corresponding to . mysqli_connect_error() doesn't get printed on the browser?
2) I have manually entered the user with username abc5 in the database and still it's not able to connect.Does anyone know why?
3) Even if I don't enter anything in the login.html and press login button, the following files gets executed, how can I take user entered into account while verifying with database? I believe since its hardcoded right now abc5, all files are getting executed.
4) var_dump($connection); prints resource(4, mysql link)
mysql_connect() has a third parameter which I'm not seeing you use: the password. Consider the following line:
mysql_connect($db_server, $db_username, $db_password);
Also, you should probably be using mysqli extension instead of the mysql extension (mysql is deprecated in PHP 5.5.0).
I also see you're mixing the mysql and mysqli functions in your code. This is the reason why mysqli_connect_error() shows nothing.
I am trying to figure out why I can connect to a database, but cannot access the data in it.
Here's my configuration:
//config.php
<?php
define("HOST", "MYSERVERNAMEISHERE");
define("DATABASE", "users");
?>
My user logs in, and their information is passed to be checked:
//login.php
<?php
if ($_POST) {
if ($_POST["user"] && $_POST["password"]) {
include_once "config.php";
define("USER", $_POST["user"]);
define("PASSWORD", $_POST["password"]);
$link = new mysqli(HOST, USER, PASSWORD, DATABASE);
if ($link) {
$link->close();
if ($_SESSION) {
session_destroy();
}
session_start();
$_SESSION["user"] = $_POST["user"];
$_SESSION["password"] = $_POST["password"];
}
}
}
if ($_SESSION) {
header('Location: profile.php');
}
else {
header('Location: login.html');
}
?>
When they pass, they get to see their profile page.
//profile.php
<?php
session_start();
if (!$_SESSION["user"] || !$_SESSION["password"]) {
session_destroy();
header("Location: login.html");
}
else {
include_once "config.php";
}
$link = new mysqli(HOST, USER, PASSWORD, DATABASE) or die("Unable to connect to database");
$result = $link->query("SHOW TABLES") or die("Unable to show tables");
...
ADDITIONAL PHP AND HTML CODE AFTER THIS POINT
The problem is that the process dies when I try to query the mysqli link. (I get Unable to show tables) Right now, the SHOW TABLES is just filler for debugging; I will actually have useful mysqli queries when I figure out the issue.
Please help me determine where my bug is. If you find a typo or a reference link for me, sorry for wasting your time. I've been researching and debugging for hours now.
Thanks very much in advance.
PS: If you have some good advice for changes I should make, I appreciate those too. It's my first time making a user login.
Your query in profile.php is failing because USER and PASSWORD are not defined. When the person logs in, they are defined in login.php. When redirected to profile.php, USER AND PASSWORD do not have values since they are not in config.php.
In profile.php, change
$link = new mysqli(HOST, USER, PASSWORD, DATABASE) or die("Unable to connect to database");
to
$link = new mysqli(HOST, $_SESSION["user"], $_SESSION["password"], DATABASE) or die("Unable to connect to database");
I am creating an install php script that creates some tables in a database and creates a config file. Everything works but I don't know how to check if their host, username and password are correct. I currently check if the database is there or not.. any help would be appreciated. This is on a WAMP server using PHP 5.4.12. The variables come from a basic form.
session_start();
$_SESSION['dbdatabase'] = $_POST['dbdatabase'];
$_SESSION['dbhost'] = $_POST['dbhost'];
$_SESSION['dbusername'] = $_POST['dbusername'];
$_SESSION['dbpassword'] = $_POST['dbpassword'];
$conn=mysqli_connect($_SESSION['dbhost'],$_SESSION['dbusername'],$_SESSION['dbpassword']);
if(!mysqli_select_db($conn, $_SESSION['dbdatabase']))
{
die ('Database does not exists. Please create a database before installing Pazzilla BackOffice.');
}
else
{
The function you are looking for is mysqli_connect_error().
<?php
$link = mysqli_connect('localhost', 'invalid_user', 'password');
if (!$link) {
die('Invalid database credentials. Mysql said: ' . mysqli_connect_error());
}
?>
Im new on php, so i need some sugests for following code:
<?php
// Start the session (pretty important!)
session_start();
// Establish a link to the database
$dbLink = mysql_connect('', '', '');
if (!$dbLink) die('Can\'t establish a connection to the database: ' . mysql_error());
$dbSelected = mysql_select_db('', $dbLink);
if (!$dbSelected) die ('We\'re connected, but can\'t use the table: ' . mysql_error());
$isUserLoggedIn = false;
$query = 'SELECT * FROM users WHERE session_id = "' . session_id() . '" LIMIT 1';
$userResult = mysql_query($query);
if(mysql_num_rows($userResult) == 1) {
$_SESSION['user'] = mysql_fetch_assoc($userResult);
$isUserLoggedIn = true;
} else {
if(basename($_SERVER['PHP_SELF']) != 'conectare.php') {
header('Location: conectare.php');
exit;
}
}
?>
Upper code verify if user it's logged in or not..
I need to create a profil link, like following:
http://site.com/profile.php?name=NAME-OF-USER
Can someone give me a ideea?
Im newbie on php, so pls understand me..
PS: Please dont tell me to use mysql, pdo and another, i allready know the beneficts, i need only answers for my code..
Thank you !
you simply need to use the get variable
create the link that will be clicked like this
the link that will be clicked on home page or any other page
<?php
$username='test';//the variable containing the username
echo'<a href="mysite.com/profile.php?user='.$username.'">
The link redirecting to profile page
</a>';
?>
the address bar will turn something like this www.mysite.com/profile.php?user=test
then on the profile page
<?php
$username_selector=$_GET['user']//in this case the value got from the link clicked is test
//then just select the necessary data using the variable storing the value got from th link clicked
?>
All you need to do is echo some html:
$username = "foo";
echo "profile link";
Note: I use \" to escape the "
More information about strings in php: http://php.net/manual/en/language.types.string.php
I'm trying to create a database if it does not exist. Code is here:
<?php
// Connect to MySQL
$link = mysql_connect('host', 'user', 'pw');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
// Make studentdb the current database
$db_selected = mysql_select_db('StudentDB', $link);
if (!$db_selected) {
// If we couldn't, then it either doesn't exist, or we can't see it.
$sql = 'CREATE DATABASE StudentDB';
if (mysql_query($sql, $link)) {
echo "Database StudentDB created successfully\n";
} else {
echo 'Error creating database: ' . mysql_error() . "\n";
}
}
mysql_close($link);
?>
I'm getting this error:
Error creating database: Access denied for user 'myusernamehere' to database 'StudentDB'
the user has dba permissions...I'm guessing this is a permission error for my user....how can I give the user permission through the script and make this script work?
the users you are trying to use have no priviledges to use CREATE
try to switch to another user that have all the priviledges needed on manipulting the database or
add the needed priviledges to the user you are using
it happend to me and the following solved the problem:
first before using code to editing the database go to the main
localhost/index.php page then choose phpMyAdmin database manager
after than make sure that you are loged in as admin