I am making a website that I expect to be hosted on several servers. I want to be able to check to make sure the MySQL user that has been created on those servers has sufficient privileges so that I can give a clear error if one of the privileges that the MySQL user requires is missing.
I found the MySQL command SHOW GRANTS FOR CURRENT_USER but its output looks like it would require a bunch of work to parse.
Is there a better way to verify that the MySQL user has sufficient permissions?
Hi try using the select statement below instead of SHOW GRANTS.
SELECT * FROM mysql.user WHERE USER LIKE 'root';
Related
Is there a way to create a database on the online server dynamically where you can create the user and set the privilege from there it self.
i tried creating a database on my cpannel dynamically using php but it shows a error message of access denied. It only shows up a option to create the database statically and allocate the rights to a particular user.
this thing is to be done in PHP.
You have to use MySql commands in query in PHP for creating the database and setting the privileges.
Okay so heres the situation. I have just had to move servers due to budget cuts so the new server is a webfusion VPS. I am now getting an access denied error on all mysql queries. This is the specific error:
Access denied for user 'www-data'#'localhost' (using password: NO)
I do not know what is causing this. I have a database with the mysql username and password stored in a different php file. The username shown in the error is not the same as the actual ussername and I am using a password. It is my understanding that you can put your own php.ini file in the webfusions root and that will work. Is there something I have missed? I have been running on coffee today so that could be why. The mysql database is on the same server btw.
It could be a couple of things. I guess let's start with what is correct.
Your MySQL server address is correct and your webserver is able to connect to it. This should be a given since your webserver and MySQL server appear to be on the same machine.
The username you are using is www-data. That is the first thing I would check. Make sure that is the proper username.
Now check your password. It looks like you are trying to not have to use a password. Chances are that is incorrect (and if it is correct, you really should think about changing that).
Other than that, there is not much else that could be going wrong there. Are you intending to connect to the MySQL server that is on the same machine as your website?
Did you create the appropriate MySQL users after you migrated the database? Grant tables and user privileges are usually not transferred while doing a DB migration (unless you are using some specific tools like the ones provided by Percona etc.)
I am new with Plesk, I used cPlanel whole this time, and never had problems like this.
I created database on subdomain and add user to that database, and when I enter in phpMyAdmin i get error "No Privileges". I cannot connect to database trough php because of this.
This is how it looks
http://imageshack.us/photo/my-images/9/unledpyzx.png/
priv http://imageshack.us/photo/my-images/9/unledpyzx.png/
Thank you in advance
Plesk doesn't give you permissions to create databases through the phpMyAdmin tool, and instead gives you a different interface for creating databases. It looks like you've already completed that step, so you should be fine. The next thing you need to do is define your db structure, which you can do using phpMyAdmin.
I have a problem with the MySQL root user in My MySQL setup, and I just can't for the life of me work out how to fix it. It seems that I have somehow messed up the root user, and my access to databases is now very erratic.
For reference, I'm using MAMP on OS X to provide the MySQL server. I'm not sure how much that matters though - I'd guess that whatever I've done will require a command-line fix to solve it.
I can start MySQL using MAMP as usual, and access databases using the 'standard' users I have created for my PHP apps. However, the root user, which I use in my MySQL GUI client, and also in phpMyAdmin, can only access the "information_schema" database, as well as two I have created manually, and presumably (and mistakenly) left permissions wide open for. My 15 or so other databases cannot be accessed my the root user. When I load up phpMyAdmin, the home screen says: "Create new database: No Privileges".
I certainly did at some stage change my root user's password using the MAMP dialog. But I don't remember if I did anything else which might have caused this problem. I've tried changing the password again, and there seems to be no change in the issue.
I've also tried resetting root password using the command line, including starting mysql manually with --skip-grant-tables then flushing privs, but again, nothing seems to fix the issue.
I've come to the end of my ideas, and would very much appreciate some step-by-step advice and diagnosis from one of the experts here!
Many thanks for your help.
I had the same issue: only one user account worked to access the mysql databases via the administration console or the query browser. When I used the skip-grant-tables suddenly all accounts could log in, including root.
I saw it as a bug as far back as 2006, but the final entry there isn't a command that can be executed when in skip-grant-tables mode, so I still hadn't solved the issue.
What helped me
This answer is similar to one described by Ben Bakelaar in the above link. The problem comes when your my.ini has the name resolution flag disabled (skip-name-resolve). This kills mysql's ability to resolve 'localhost' and the mysql.user table only has an entry for localhost / root.
Update your mysql.user table's localhost entry to be 127.0.0.1 instead, and you can log in to the local consoles even with the skip-name-resolve feature enabled.
Try starting the server with --skip-grant-tables and then checking the privilege tables in the mysql database:
select * from user where User='root';
select * from tables_priv where User='root';
select * from db where User='root';
You could also try:
show grants for root#localhost;
show grants for root#'%';
show grants for root#'hostname';
Once in you could do this to attempt to give root full privileges:
grant all privileges on *.* to root#localhost identified by 'password' with grant option;
Your comment shows your current root privileges (without --skip-grant-tables). It's fine that you do not have any entry for 'root'#'%', you do not have that by default and you can consider it a security measure.
It looks like you've messed up your 'root'#'localhost' privileges. GRANT ALL PRIVILEGES ON . is weird. Usually, you have something like GRANT ALL PRIVILEGES ON *.* or GRANT ALL PRIVILEGES ON myDatabase.myTable. Your GRANT does not specify the databases and/or tables to grant the privileges for. I have no idea how your client managed to produce it. I cannot reproduce it with the mysql commandline client (tried empty strings, whitespace, any kind of quotes...), mysql refuses the GRANT statement (which, of course, is the correct behaviour). Looks like MAMP is doing something really strange. Since I cannot reproduce a GRANT like yours, I cannot say how mysql interprets that, but I guess it has set the privileges to 'N' on the global level.
To fix it, you need a user with appropiate privileges. Usually, you have a user 'root'#'localhost' and a 'root'#'your-hostname'. If you're lucky, 'root'#'your-hostname' is still fine. Afair, mysql connections work as follows: If you connect to localhost, you connect as 'root'#'localhost' (not sure about 127.0.0.1, I guess it is also 'root'#'localhost'). If you connect to your-hostname, you connect as 'root'#'your-hostname'. If this user's privileges are still ok, you can update the privileges for 'root'#'localhost' and you are done.
In your comment, you say you cannot connect via 127.0.0.1 since the socket is in an unusual place. I guess you misinterpret the error. IIRC you connect via socket if you connect to 'localhost', but via TCP/IP if you connect to 127.0.0.1 or your-hostname. If mysql tries to connect via socket and cannot find the socket (because you did not specify the correct location), the error message mentions where mysql tried to find the socket. Your error message does not. I guess your error is a networking error. Maybe you've started the mysql-server with the --skip-networking option, or your configuration specifies an incorrect bind-address. You need to fix that first, otherwise you can't connect as 'root'#'your-hostname'.
Thats because MAMP and the command line mysql (and the mysql everything except MAMP) are different.
MAMP has its own built in mysql and you can't get to it via the command line, only the build in phpmyadmin.
this has been my experience, I have MAMP and use the other mysql for ruby on rails and other stuff.
had a bit of confusion going around in work earlier. Thought id run it by yous to see if anyone knows wats going on.
Were working on an internal administration system for our client, and its rite about to launch. Its comprised of TWO MySQL databases on the server [db_1 and db_2] and a PHP front end. [Both databases contain several tables].
There are maybe 90 different PHP files, some of which require a connection to our databases and ALL of these connections are made via a single PHP function which explicitly connects to the first database mentioned above [db_1] and supplies the login and password. And this works fine.
However, our second database, db_2, does not seem to require its own login and password to access its contents.
As soon as we connect to db_1, we seem to have full access to db_2, as long as we use the Full-Name for our tables [ie: db_2.usersTable] -> ("SELECT * FROM db_2.usersTable WHERE...").
And this is what was causing much confusion.
My question is this: Once you connect to a database on a server, do you have access to other databases on that server, or are we overlooking something???
Any feedback greatly appreciated lads...
You usually don't access a database server by a specific database, but by a user that has access to one or more databases.
for example:
mysql_connect("localhost", "user", "password") or die(mysql_error());
connects to the server and not a specific database.
Once connected to the database server you have access to all databases for which that user has permission. You just need to specify the database name in your queries if there are multiple databases that aren't the default.
mysql_select_db("myTable") or die(mysql_error());
sets myTable as the default, but you can still access other tables that the user has permission to.
I might be wrong, but doesn't PHP only connect and authenticate with the MySQL server with a user? And thus, based on that user's permissions, PHP can select any database that user has access to. I would check the permissions for the user you are connecting with...
Once you connect to a database on a
server, do you have access to other
databases on that server
If you have permissions to other databases, then yes. When you connect, you're connecting to the server and setting your default database to the one specified. Which is why you have to explicitly specify db_2 when you want to access it, but you don't have to specify db_1.