I have one file on one web serve and my phpmyadmin SQL databases on a seperate server and am currently trying to connect to my external serve but it doesnt seem to work.
I keep getting the error message:
'Access denied for user ''#'localhost' (using password: NO)'
and am not sure what this means.
Any help would be greatly appreciated or even an article to get started on figuring this out since I cant seem to find anything myself.
Thank you
EDIT --- PDO SCRIPT ---
My PDO Script is the generic one from w3, I have place holders for security reasons.
<?php
$servername = "externalIP";
$username = "username";
$password = "password";
try {
$conn = new PDO("mysql:host=$servername;dbname=Reservations", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "Connected successfully";
}
catch(PDOException $e)
{
echo "Connection failed: " . $e->getMessage();
}
?>
you have to find your phpmyadmin page where you login using also a password.
Try this one :if you have not assign password into database for specific user then you just have to apply 'root' as user and leave blank password field and also set your hostname as 'localhost' or 127.0.0.1
also remember that you have to start first apache and mysql services before access.
If you are using remote server as database then not required.in that case you have to apply your remote Ip address and also remember that in that remote server if you have not specific user then leave password as blank. one another way to debug mysql connection into your remote server creating mysql connection file with its required paramter to check that your remote server ok or not.
This error will come most probably because of user permission issue. Make sure you have privilege to that user for that database.
Related
I install easyphp/devserver (v17.0) in a windows 10 x64 machine.
Working with tables and testing to store remote data with simple php files (very new with DataBases).
I'm trying to setup an access to my DB for my project (preferably using PDO).
Setup all database through mysql commands:
CREATE database arduDB;
CREATE USER 'Atmega'#'localhost';
GRANT USAGE on *.* to 'Atmega'#'localhost';
GRANT ALL PRIVILEGES ON arduDB.* TO 'Atmega'#'localhost';
CREATE USER 'Atmega'#'%';
GRANT USAGE on *.* to 'Atmega'#'%';
GRANT ALL PRIVILEGES ON arduDB.* TO 'Atmega'#'%';
FLUSH PRIVILEGES;
All fine up here.
But can't access to my DB (arduDB) using PDO, but can using MYSQLI without using DB name 'arduDB'.
I deleted '' (Any) users from phpmyadmin, but still can't access using PDO.
Searched and reading all day about this issue, but can't find a reason why happen this.
As well I create another user with a password, but can't access using PDO to DB neither.
It seems that phpmyadmin can't relate the permissions of the DBs,
edited
This 'add.php', without using 'arduDB' name give access through MYSQLI:
<?php
$servername = "localhost";
$username = "Atmega";
// Create connection
$conn = new mysqli($servername, $username);
// Check connection
if ($conn->connect_error) {
die("Failed: " . $conn->connect_error);
}
echo "Connected!!!";
?>
shows "Connected" in web browser. But same error if I try to use arduDB argument.
But when I use PDO, indicating arduDB database, I can't access to my DB.
<?php
$servername = "localhost";
$username = "Atmega";
try {
$conn = new PDO("mysql:host=$servername;dbname=arduDB", $username);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
echo "Connected!!!";
}
catch(PDOException $e)
{
echo "Failed: " . $e->getMessage();
}
?>
SQLSTATE[HY000] [1044] Access denied for user ''#'localhost' to database 'ardudb'
or
SQLSTATE[HY000] [1044] Access denied for user 'Atmega'#'localhost' to database 'ardudb'
Please, what can I need to configure or use in my code to grant access to a specific DB using PDO in my project?
Finlay I found the response.
Like André Verwijs says in his post, phpmyadmins use "unix_socket" to store user passwords in 'mysql' db. This is the motive that even if create or change password for any user, in 'User accounts' section of phpmyadmin always appears "NO" in PASSWORD COLUMN.
To solve this André Verwijs suggests do this in mysql console:
use mysql;
SELECT user, plugin FROM user;
UPDATE user SET plugin="mysql_native_password";
update user set authentication_string=password('USE-HERE-PASSWORD'), plugin='mysql_native_password' where user='Atmega';
FLUSH PRIVILEGES;
With this phpmyadmin will use plugin "mysql_native_password" for passwords in mysql DB. And now can access to my DB whit correct user and password (or without password).
Ok, so I have a PHP web app in Azure but whenever I make a data request from the SQL database that I have connected to the app, it redirects me to an empty screen, like this:
enter image description here
For example, I have a login screen, but whenever I insert the username and password and press login, a validation must be made by loading a username row stored in the database and comparing it with what the user entered. But nothing happens, it just redirects me to that empty screen. I have tested the same app locally and it work perfectly, but in Azure it doesn't work. Any idea why this is happening?
You could create a PHP file and put the following content into it to check whether your application can connect to Azure SQL Database:
<?php
//PHP Data Objects(PDO) Sample Code
$dsn = 'sqlsrv:server = tcp:{your_servername_here}.database.windows.net,1433';
$user = '{your_usename_here}';
$password = '{your_password_here}';
try {
$conn = new PDO($dsn, $user, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}
catch (PDOException $e) {
print("Error connecting to SQL Server.");
die(print_r($e));
}
echo "Success: A proper connection to Azure SQL Database was made!";
?>
If your test is not successful, you will usually get a message describing exactly what went wrong. Common problems include:
Incorrect server name for Azure SQL Database
Invalid username/password
Improper database name
Access block at the database server
If you experience any errors, double check the connection information.
For more details, see Use PHP to query an Azure SQL database.
I am trying to connect to my database with the following code. And it works, but I am not sure how secure is it. Do I must have a private function too? I don't have any examples of how to apply a private function on this code.
$username = 'user';
$dsn = 'mysql:host=localhost; dbname=register';
$password = 'somepassword';
try{
$db = new PDO($dsn, $username, $password);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
}catch (PDOException $ex){
echo "Connection failed ".$ex->getMessage();
}
Better use php composer where you can put these details in a environment file .env. It will be secured as .env is hidden and is placed on Server.
Put the connection parameters into a secure place (i.e. not reachable
by HTTP requests, something like the first answer will be nice), don't leave them into PHP script or some file in the same context... if you put there, protect it with htaccess DENY directive
Never echo exceptions into script output, always deal with them (put
into a log file, translate to friendly errors hiding parameters,
etc). The script never should throw exceptions to the user, it must be handled... the user must only see friendly messages from the script, even a "Ops, something bad happen here..." is better than a "ERROR: SQLSTATE[42000] [1049] Unknown database 'users'" (that show the user a part of the database structure, witch is a security problem)
i just wanted to insert data into database from a form, with php. i ran the code below in my Localhost using XAMPP and everything was fine but where i upload it to my host it didn't work.
Question is What shold i put for $servername and when should i look for it ?
There is my codes:
Register.php (in localhost)
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$Name = $_POST['Name'];
$Username = $_POST['Username'];
$Password = $_POST['Password'];
$Email = $_POST['Email'];
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
header("Location:#");
}
//Inserting Data
try{
$sql = "INSERT INTO User (uName , uUsername , uPassword , uEmail) VALUES ('$Name' , '$Username' , '$Password' , '$Email')";
mysqli_query($conn, $sql);
}catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
$conn->close();
header("Location:#");
}
?>
If your MySQL database is on the SAME SERVER as your PHP script, then the usual logical approach is that your host is localhost. The same as you used on your local computer -- because they're on the same machine.
However, if your MySQL database is on ANOTHER SERVER seperate from your PHP scripts the you will need to access that server using a web address for your PHP to connect to yout MySQL.
We can't tell you what that is, and your server hosts (of your MySQL server) will be able to tell you and provide you with the correct login credentials.
I believe it would be more usual for MySQL and PHP to be on the same disk, especially for non-professional systems as your appears to be, so then the issue would be:
Are your login details set up correcty on your server? (same username/password)
Are there any MySQL errors or PDO errors (if you connect with PDO). Don't redirect on error, but instead output the error to a log file so you can read WHY the MySQL in your code didn't connect.
It is still possible for you to set your PHP to communicate with your localhost MySQL via a remote address (such as servername=$_SERVER['SERVER_NAME'];). (see note below)
Many online accounts (in things such as CPanel) will block you from accessing the MySQL as a root or at least will not give you the root MySQL password. Using root to access MySQL via PHP is NOT a good idea and you should instead set up a specific MySQL user for your PHP with only enough privileges that you need to read/write to the DB, and nothing more.
If your MySQL is remote (not localhost) then you may also need to supply a Port Number with the connection details. Usual port numbers are 3306 but this is something you'd need to know from your server hosts.
Immediately after a header(Location:); redirection instruction you should always set die(); or exit to stop PHP processing the rest of the script.
Your SQL insert data is highly suseptible to SQL injection and other SQL attacks and compromise. You should really, REALLY look into using MySQL Prepared Statements, you're already coding in OO style so you're almost there already.
Example remote connection from the manual
<?php
/***
* Remember 3306 is only the default port number, and it could be
* anything. Check with your server hosts.
***/
$conn = new mysqli('remote.addr.org.uk', 'username', 'my_password', 'my_databasa', '3306');
/***
* This is the "official" OO way to do it,
* BUT $connect_error was broken until PHP 5.2.9 and 5.3.0.
***/
if ($conn->connect_error) {
error_log('MySQL Connect Error (' . $conn->connect_errno . ') '
. $conn->connect_error);
}
/***
* Upon failure, the above will output a connection error notice such as
* user not found or password incorrect. It won't explicity say these
* things but you should be able to deduce which from the notice
***/
echo "Success... \n" . $conn->host_info ;
$mysqli->close();
# : I seem to think that MySQL detects when the remote address given is the same as the server address and auto converts it to localhost, but I'm not sure on this.
The long and the short of it is that if your MySQL is on the same
server as your PHP it makes no sense to open up a network loop to send
data out just to get it back again. Use localhost instead.
I asked my host service providers about the "$servername" and they answered me that the "$serverneme" is localhost.
So I connect to my MySQL database using the following code:
function dbConnect($h,$u,$p,$n) {
if (!$con = #mysql_connect($h,$u,$p)) {$err = err("There is a problem connecting to the database. ".mysql_error());}
else if (!#mysql_select_db($n,$con)) {$err = err("The database \"{$n}\" could not be found. Check your spelling, make sure the database exists, and that your database credentials allows you access to this database.");}
return (isset($err)) ? $err : "";
}
The problem is, if they put in a wrong username, mysql_connect will not see anything wrong with it and try to connect to the database, which outputs an error for the mysql_select_db().
So I found this link. Now normally removing the "any" user would be doable but I'm creating a phpMyAdmin-like tool and will be connecting to different databases with all types of configurations. How can I tell which username can actually connect? And how can I differentiate between the database name not existing and the username not having access to it?
use mysql_errno()
see error codes here