Hoping you experienced folks can clear up my frustrations! I've searched & researched and found multiple sources discussing similar issues to what I'm trying to troubleshoot, but none seem to help the situation. Without giving an entire historical listing of what I've tried, here's where things currently stand:
I have a simple Debian server set up with a MySql database. All relevant firewall ports have been opened and specific GRANT PRIVILEGES have been applied for 'username'#'mylocalglobalip' (username not being root).
On my local Apache instance (I'm currently running it on OS X), I have the latest PHP installed and working. I've confirmed this by going to localhost/website/phpinfo.php - PHP itself is working fine.
I've gone through all the tutorials on setting up a simple MySql connection using mysqli. Here's my simple code (with the credentials deleted):
$connection = mysqli_connect($mylocalglobalip,$username,$password,$dbname);
No matter what I've tried, I keep getting the friendly
"mysqli_connect(): (HY000/1045): Access denied for user
'username'#'mylocalglobalip' (using password: YES)" warning.
If I SSH into the remote server, I can get into the MySql console from both my non-root and root logins. However, I can only login if I use...
mysql -u username -p
... and supply my password when prompted. However, if I enter...
mysql -u username -pPassword
... no luck. I again get Access Denied.
Finally, to make sure everything is open on my firewalls and that my server and MySql are accessible remotely, I installed a local instance of MySqlWorkbench. I put in the same credentials and I can login to the remote server without a problem.
Why would I be able to login through the Workbench, but not through my local PHP script? Is there an obvious parameter I need to enable in a local and/or remote config file? From the php and mysql config files I've glanced at, I can't see anything that would be blocking the PHP connection.
I'll be happy to provide config and code snippets upon request!
Thanks for reading!
Thanks to the comments and responses, the solution presented itself. Michael (sqlbot) mentioned using -p'your-password' in single quotes to encapsulate any special characters in the password. Then it dawned on me (being a PHP noob), to check my $password variable in the PHP code. Sure enough I had something to the effect of:
$password = "some random pa$$word goes here";
Whoops. The $ character within double-quotes in PHP signifies a variable insertion within a string. This was most likely being interpreted as:
"some random pa goes here" // Since $ is empty and $word isn't a declared variable!
Putting the password with a $ special character in between single quotes solved the simple PHP syntax problem.
Thanks for stopping me from going down the path of server reconfiguration and encouraging me to search my PHP code more closely!
It's a bug hunt, and it sounds like credentials are wrong in at least some cases.
Check the mysql logs and verify it is showing the same user when you log in successfully from the command-line and when you do it from PHP or when you fail from the command line. You may sometimes be showing up as 'username' or 'username'#'localhost' or 'username'#'fqdn' and be being treated differently based on that.
Check carefully letter-by-letter to be sure you are not typing the credentials differently in two different places. Verify credentials are being imported into your php file correctly.
Related
i'm trying to make connect to ssh host who have keyboard-interactive(auth) after put the username, it's generate key and display it, then it's should encrypt and send again to success login.
i found the idea writen in python but i can't run it in windows, .
http://seclists.org/fulldisclosure/2016/Jan/26
my php source ssh.php :
$ssh = new phpseclib\Net\SSH2('169.254.201.230');
$ssh->login('Fortimanager_Access');
print $ssh->read();
it's say :
PHP Notice: Operation disallowed prior to login() in C:\Apache24\htdocs\cli\vendor\phpseclib\phpseclib\phpseclib\Net\SSH2.php on line 2804
i try another way using putty command line (plink.exe)
system("C:\plink.exe" Fortimanager_Access#127.0.0.1 >z && type z && type z >> z.txt");
but it's not saving the log wish contain the generated string from keyboard-interactive.
example from putty :
login as: Fortimanager_Access
Using keyboard-interactive authentication. -840056459
Access denied
Using keyboard-interactive authentication. -1378285763
AK1AAAAAAAAAAAAAAAAmWT0TKGMI23Iq4Q9P42z0PwpYBQ=
it would be good if i can run bat from php in midlle of plink
I've spent the past couple of days going through trying to figure this out, and this is the closest that I've been able to get working.
Looks like this was cross-posted at https://github.com/phpseclib/phpseclib/issues/1146. Quoting the answer:
That's not currently possible with phpseclib. Right now phpseclib (as elaborated at http://phpseclib.sourceforge.net/ssh/auth.html#keyboard) supports two methods for dealing with keyboard-interactive authentication.
Order based. eg. if you have two parameters (after the username) each of them are passed to the keyboard-interactive prompt in the order that they appear in the function call.
Context based. eg. you tell phpseclib what should be sent when a known prompt is encountered.
You're talking about dynamic prompt's and adjusting the response based on the prompt. It'd require a decent amount of work to make phpseclib do that. It's a good idea and I'll add it to my list of changes to make for 3.0 when I get around to doing revamping SSH but that's a ways away.
I found this script:
https://sourceforge.net/projects/shcmd/
Unfortunately I can't login. I had a look at the code but can't figure out what is wrong. When starting this script the user has to type in the login name (e.g. "root") and the password. I use the server's login details the script is running on. I tried different combinations, such as "root", "root#[ip address]", "root#[domainname]". When using simple putty I can login this way but not with the mentioned script.
Do you have any idea what I did wrong?
I appreciate your help.
Have you verified that the extensions proc_open() OR shell_exec() enabled on your server. Be sure to check this because a lot of servers are configured to disable these functions by default (for security reasons).
i just installed xampp on my pc windows 7 64bit,it seems everything was successfully installed but when i click on phpMyAdmin i get an error like this on the image below
Check to see if MySQL is started and not just Apache/PHP.
Try disabling your firewall. If that works, look into properly creating a firewall rule for it.
In the future, these questions would be better posed in other venues (consider serverfault.com or webmasters.stackexchange.com)
Open the command line and type in:
mysql -u root -p
Enter the password (if no password set, leave off -p switch).
If you can get in, at least you know MySQL is running properly. So the fault is not there.
Check phpmyadmin's config.inc.php file. It could have wrong login mechanism set, the wrong username/password set, or is using a port number other than 3306 (default for MySQL).
Also consider trying some of the other wamp packages such as : WampServer, UniformServer, ZWamp, WampDeveloper (commercial)...
http://en.wikipedia.org/wiki/Comparison_of_WAMPs
You might have better luck there. Just make sure to uninstall, delete, and reboot first.
I'm brand new to ruby and Watir, here's my issue...
I have a MySQL DB with test data that I need. I've done a lot in the past with this data and so I have a whole library of PHP tools for accessing this data, marking data as in use/used/bad/etc, and in general I have a lot of time invested in the PHP framework. So I'd really like to use the PHP framework as a wrapper around the Watir script - for example, use PHP to grab test user login data from the DB and pass it to the ruby script for processing.
I now have sites with javascript that need work/testing and PHP & cURL can't deal with this. So I'm working with Watir-WebDriver on Ubuntu 10.10 (Maverick, Desktop not Server) for these sites. The problem I'm having is with the use of PHP's shell_exec of the ruby script with all the Watir code.
The PHP shell_exec is executing the file - I can see it because I have some puts lines in the file which are being displayed. However, the code appears to be failing on the line
ff = Watir::Browser.new :firefox
I'm not getting an error from PHP.
The PHP line is:
echo shell_exec('ruby /var/www/watir_test.rb');
The ruby script works fine when I call it from a terminal window with the line:
ruby /var/www/watir_test.rb
I originally expected this was a permissions issue since it worked from the command line but not from a browser. However, since it can call the file well enough to return the hardcoded data I've provided for the test then ruby file permissions don't seem to be the issue. Could there be a permissions issue with opening a Firefox window from the www-data user?
When I run
ruby -d -v /var/www/watir_test.rb
I get:
{:extension=>:webdriver} {"app.update.enabled"=>"false"} {"browser.link.open_newwindow"=>"2"} {"browser.shell.checkDefaultBrowser"=>"false"} {"extensions.update.enabled"=>"false"} {"security.warn_entering_secure.show_once"=>"false"} {"webdriver_assume_untrusted_issuer"=>true} {"startup.homepage_welcome_url"=>"\"about:blank\""} {"browser.tabs.warnOnClose"=>"false"} {"extensions.update.notifyUser"=>"false"} {"toolkit.networkmanager.disable"=>"true"} {"security.warn_entering_weak.show_once"=>"false"} {"webdriver_firefox_port"=>"7055"} {"browser.download.manager.showWhenStarting"=>"false"} {"extensions.logging.enabled"=>"true"} {"network.manage-offline-status"=>"false"} {"network.http.max-connections-per-server"=>"10"} {"security.warn_submit_insecure"=>"false"} {"security.warn_entering_weak"=>"false"} {"security.warn_leaving_secure"=>"false"} {"prompts.tab_modal.enabled"=>"false"} {"security.warn_viewing_mixed.show_once"=>"false"} {"dom.max_script_run_time"=>"30"} {"webdriver_accept_untrusted_certs"=>true} {"browser.safebrowsing.enabled"=>"false"} {"security.warn_leaving_secure.show_once"=>"false"} {"signon.rememberSignons"=>"false"} {"javascript.options.showInConsole"=>"true"} {"app.update.auto"=>"false"} {"browser.EULA.3.accepted"=>"true"} {"browser.tabs.warnOnOpen"=>"false"} {"dom.disable_open_during_load"=>"false"} {"network.http.phishy-userpass-length"=>"255"} {"security.warn_entering_secure"=>"false"} {"browser.startup.homepage"=>"\"about:blank\""} {"browser.EULA.override"=>"true"} {"browser.dom.window.dump.enabled"=>"true"} {"browser.startup.page"=>"0"} {"browser.link.open_external"=>"2"} {"browser.search.update"=>"false"} {"browser.sessionstore.resume_from_crash"=>"false"} {"security.warn_viewing_mixed"=>"false"} {"dom.report_all_js_exceptions"=>"true"} {"webdriver_enable_native_events"=>false} {"devtools.errorconsole.enabled"=>"true"}
How do I get PHP to execute the shell_exec properly? The script works and my initial tests were run using firewatir (which shell_exec ran fine) but I am really wanting to use Watir-WebDriver instead of FireWatir - WatirWebDriver should be capable of running a Chrome browser (and IE on a Windows machine) while FireWatir can only run Firefox.
Thanks
Gabe
Here's my "Create Browser" code:
# Include the RubyGems file
require 'rubygems'
# Include the Watir-WebDriver file.
require 'watir-webdriver'
# Create the necessary objects
def create_browser(proxy)
# Setup the proper Firefox Profile
profile = Selenium::WebDriver::Firefox::Profile.new
profile.proxy = Selenium::WebDriver::Proxy.new :http => proxy
puts "<br>Using proxy " + proxy + "..."
#ff=FireWatir::Firefox.new :profile => profile
ff = Watir::Browser.new :firefox #, :profile => profile
puts "<br>Firefox ready..."
return ff
end
If the server is headless, you should install the headless gem so that Firefox can work.
require 'watir-webdriver'
require 'headless'
headless = Headless.new
headless.start
b = Watir::Browser.start 'www.google.com'
puts b.title
b.close
headless.destroy
See: http://watirwebdriver.com/headless/
It't a permission problem, the PHP script runs with the permissions of the server, normally apache.
You can do a sudo www and try to run the script then with rb to see if there is a problem when running ruby with the server user.
Put the two lines of code that is below at the very top of your PHP script. The result of this is that when you browse to your PHP page with your browser it will display exactly what the errors are, including any permission errors.
ini_set("display_errors",1);
error_reporting(E_ALL);
So a recent update to Firefox killed it's support for Watir (no JSSH update if I remember). As a result I rewrote what little code I had for Selenium::WebDriver. But I'm thinking that isn't particularly relevant (its included in case it is relevant I don't know it).
My ultimate solution was to use phpseclib. This allows me to SSH into the machine via their SSH2 PHP class. Once logged in as my typical username (with typical password) I was able to fire off a headless version of my script no problem. The only real issues this creates is that I now have to view everything that's going on through log files and screenshots but that was likely to be true no matter what solution I came up with.
phpseclib needs your username and password for the server (at least until you set some form of public private key pair). So I wouldn't want to do this on a publicly available machine without a couple of layers of security - like setting .htaccess to deny read access to the file with the login data, encrypting the password stored in the file, etc. However, for my purposes I'm logging into one machine on my LAN from another machine on my LAN. The password is only good on my LAN (not my web servers) and while my LAN can see out it should not be (easily) available to the rest of the world (to the best of my knowledge). So the security concerns are minimal.
I never did figure this out. Headless isn't the answer to getting PHP to exec the script. I'm pretty sure it is a permissions issue with Firefox's executable but I can't be positive until I find an actual fix.
Ultimately I've had to break up the tool where PHP manages the DB and task scheduling. Then PHP creates text files with all the data necessary for ruby to run the browser to right site, login, etc, etc... Then ruby moves the data file to one of a few different folders (success, failure, bad login, etc) and adds some text to the data file. Finally PHP parses all this info in the moved text files and updates the DB with that info.
It's less than ideal but it is getting the job done. Now I just need to figure out how to run all of this with mutliple threads...
Thanks for the help
I just reinstalled Mac Os X 10.6.2 and had to reinstall/update my MySQL server.
I run phpMyAdmin inside my localhost and I used to be able to login without a hitch.
Since the updated (latest version MySQL 5.1.45 & PMA 3.3.1) versions I only get the following error when trying to login with phpMyAdmin:
phpMyAdmin - Error
Cannot start session without errors, please check errors given in your PHP
and/or webserver log file and configure your PHP installation properly.
The only thing I noticed is that mcrypt cannot be loaded (this has always been the case, no idea what to do to install this..) but this has never been a problem before.
If anyone know what to do here that would be really appreciated.
Thanks for reading,
Jannis
PS: The MySQL server itself is running and I am able to login with as root user via the MySQL Administrator.app
Well setting log_errors to on would bring error messages to the web-server's error_log. To do so you can use an .htaccess file placed in your web root with
php_value log_errors = 1
in it. It can be not worked but there is some other ways too. You can edit your php.ini for example and restart your server after it.
Without error message it's hard to guess what is really happened. there can be something wrong with session save path or other settings
This happened to me when I changed my password from within PHPMyAdmin. The solution was simple. Clear the browser cache and try to login again. You should be good to go.
Old thread I know, but I've been struggling all day with this.
I'm on MacOSX Lion. Unfortunately, I've been struggling with the same issue all day. In my case however, I was not getting an errors in the php error_log. So I was clueless as to what was happening. I finally found a setting in phpMyAdmin's config.inc.php and used it like so:
$cfg['Error_Handler']['display'] = true;
After this I was able to see in the browser itself what the problem was with permissions on the folder specified in session.save_path (./tmp which is a symlink to /private/tmp on mac).
However, I'd like to add the setting a 777 to the session.save_path folder may not be the right thing to do. I have done the following which seems safer:
owner: root (default)
group: _www (sudo chgrp _www /private/tmp)
Then allow the group to read, write and execute using:
sudo chmod g+rwx /private/tmp
Prevent others from reading, writing or executing in this folder:
sudo chmod o-rwx /private/tmp
I too upgraded to 10.6, actually I got a new mac and migrated my system over, then I installed phpmyadmin 3.4.2 and was getting messages about not being able to login as well as message about needing mcrypt. I re-installed PHP, now I'm running PHP Version 5.3.6.
I had Navicat on my system and was able to log into mysql database without issue. I tried resetting my mysql password, but that would not take. Not sure why. I had no valuable data so I re-installed MySQL, now I'm running MYSQL 5.5.13.
Still I could not login with phpMyAdmin - however thanks to new MySQL I was no longer seeing message about needing encyption, but I was getting a #1045 error on phpmyadmin. I guess it was telling me I had wrong password. Actually I had never set a password! I guess phpMyAdmin didn't like that as it would not allow me to login without a pw. (as you can see from this post I am not well versed in linux/unix, but I am one persistent fellow! this took me three nights.)
I entered these in Terminal to set a password, then phpmyadmin worked!
1) Need to first stop the MYSQL server, enter this in Terminal, then hit enter:
/etc/rc.d/init.d/mysql stop
2) Then set a password or new password. Needless to say replace 'whatever…" with your password of choice by entering this line in Terminal, and hit enter.
UPDATE mysql.user SET Password=PASSWORD('whateverfornew') WHERE User='root';
3) Now flush the privileges by entering this line in Terminal, and hit enter:
FLUSH PRIVILEGES;
4) Now restart MySQL by entering this line in Terminal, and hit enter:
/etc/rc.d/init.d/mysql start
5) Now login to your phpmyadmin with username "root" and your new password.
Yep, I know this is rudimentary and I have no idea if I am following best practices but for those of us who are new to Mac / Unix and want to get phpmyadmin, mysql etc running this worked for me. Personally I found a lot of forums but most already assume that reader is comfortable using terminal and Unix commands…which I am not - I just wanted a working development zone.