I have a strange include file problem. I'm hoping its a simple fix due to being a 2-day-old, PHP noob.
I'm simply trying to include DB credentials in to my parent script, like this:
db-conn.php
<?php
$dbUsername = "xxx";
$dbPassword = "xxx";
$dbHostname = "localhost";
?>
parent.php
<?php
include("c:/inetpub/vhosts/mydomain.net/php-private/db-conn.php");
//echo $dbPassword;
//echo $dbUsername;
$dbHandle = mysql_connect($dbHostname, $dbUsername, $dbPassword) or die("Unable to load page content due to a connection fault.");
unset ($dbHostname, $dbUsername, $dbPassword);
echo "Connected to MySQL<br><br>";
?>
But I'm getting this error:
Access denied for user 'xxx'#'localhost' (using password: NO)
What is strange about this (for me) is that I can echo the username and hostname successfully but I cannot echo the password, it's empty. Yet if I go to my include file, copy the password from 'dbPassword' and paste it inline on my parent page, it works. This proves my password is correct, the username and hostname ARE included, I just can't access my password variable!
Can somebody pleeeease put me straight here. I've already pulled my hair out tonight with open_basedir and permissions for this include file!! _
*UPDATE - *
Problem solved, please see my answer below.
If db-conn.php and parent.php are in the same folder, you can directly use
include ('db-conn.php');
And I'm not sure about the use of unset ($dbHostname, $dbUsername, $dbPassword);
Also it's saying that no password has been set. So maybe you should use empty string for the $dbPassword variable $dbpassword = '';
Access denied for user 'xxx'#'localhost' (using password: NO)
is simply telling you that you are not giving password to mysql_connect()
You can 1. Check if you are including the correct db-conn.php file.
2. Add this to the top of your db-conn.php
global $dbUsername, $dbPassword, $dbHostname;
Try using 127.0.0.1 as a hostname. The problem is that sometimes PHP doesn't accept localhost as host, because of a missing line in the host.ini file.
Sorry for wasting time guys. I found the problem. I didn't give FTP users write access to the \php-private\ folder I created before the root, so when I was changing the file and uploading it, if I actually checked the FTP logs I would have seen that it failed with 'Access Denied'. I changed permissions and kapow, my CURRENT include file works fine! What a pleb!
Related
my localhost is saying error like Warning: mysqli::__construct(): (HY000/1045): Access denied for user 'root'#'localhost' (using password: YES) in C:\xampp\htdocs\registration\includes\db.php on line 3 on the browser I have all things done here's the image of the error in browser.
1: here is the image which is facing the error
and also if I am doing something wrong in my code editor then here's the image of the db.php db.php files code
This issue is tricky. But, how i went around it was straightforward.
in your mysqli_connect(_,_,_,_) arrange them in this order of "localhost", "user", "password", "database_name";
You may have an invalid password.
Edit: To me it looks like you're failing to actually pass parameters to the connection function, are you including / importing the variables?
You have passed invalid credentials (user name and/or password) when trying to connect to the database. What to pass can't be answered here because only you (the database administrator) would know about the existing user accounts.
To add an user account to a MySQL database see MySQL :: MySQL 5.7 Reference Manual :: 6.3.2 Adding User Accounts[^]. This requires connecting as root and providing the root password if one has been set.
The second is a result of the first and of using the wrong error function. For mysqli_connect(), you have to call PHP: mysqli::$connect_error - Manual[^] instead of mysqli_error() upon errors:
Hide Copy Code
$connection = mysqli_connect ($host, $user, $password) or die('Not connected : Ah sh*t ' . mysqli_connect_error());
change back your password to null
go to mysqladmin root (C:\xampp\mysql\bin) and type
mysqladmin --user=root --password=oldpassword password""
dont type any character when request new password, just push enter and enter
viola refresh your phpmyadmin page,
the problem caused by changing password via command window, just change the password via phpmyadmin page to avoid such error, http://localhost/phpmyadmin
This is how you should connect your database using mysqli :
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "dbname";
$db = new mysqli($servername, $username, $password, $dbname);
?>
I have had the same problem trying to install OpenCart on xampp (32bit). I was completing the information that I thought was being requested when in fact all I was being asked for was the name of the database. Leave all fields as oriinal just the name of your DB.
Leave password blank.
make sure this mapping is done
IN path\xampp\phpMyAdmin\congig,inc
/* Authentication type and info */
$cfg['Servers'][$i]['auth_type'] = 'config';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = YOUR_DEFAULT_PASSWORD;
and you connection file
<?php
$servername = "localhost";
$username = "root";
$password = YOUR_DEFAULT_PASSWORD;
$db = "ecommerece";
$con = mysqli_connect($servername, $username, $password,$db);
your DB_HOST is your mysql server ip (most time is localhost)
your DB_USER is your User of Mysql (most time is root)
your DB_PASS is your Password of Mysql User (most time is none)
your DB_NAME is your name of your database in Mysql server
quick mysql question.
I'm new at php/mysql and followed a tutorial(php/mysql for dummies) so I don't really know what I did wrong or if the tutorial is wrong.
I have a file, "database_connections.inc", that looks like this:
<?php
$user = "username";
$host = "host";
$password = "password";
$database = "database";
?>
With the actual credentials not included for obvious reasons.
Then in another file, login.php, I have:
include("database_connections.inc");
$cxn = mysqli_connect($host,$user,$password,$database)
or die("Query died: Couldnt connect to server.");
I get an error message with the "or die" text, accompanied by a warning:
host xxxxx.000webhost.com is not allowed to connect to this mysql server in....
Why not? I'm sure my credentials are all correct.
I've read in a few places to run some shell statements...but can't really do that, I'm on Windows.
I'm using phpMyAdmin, so hopefully I can do something from there?
Open "database_connections.inc" and change it to look like this:
<?php
$user = "root";
$host = "localhost";
$password = "";
$database = "test";
?>
MySQL is by default configured to work with localhost (or 127.0.0.1), in order to allow "host xxxxx.000webhost.com" as host, open phpMyAdmin and select "SQL" and execute this query;
GRANT ALL ON your_database_name.* TO your_user#your_host_xx.xxx.xx.xx IDENTIFIED BY 'your_password';
Go into PHPMyAdmin, and edit your user.
Under Login Information, there should be an option for "Host"- try adding xxxxx.000webhost.com.
I am programming a game in PHP and have the following code to connect to a database
//$sqldb=mysql_connect('godaddy.hostedresource.com', 'godaddyUserName', 'godaddyPassword') OR die ('Unable to connect to database! Please try again later.');
$sqldb=mysql_connect('localhost', 'root', 'mypassword') OR die ('Unable to connect to database! Please try again later.');
The trick here is that if I am on the production server I comment out the godaddy database; when I upload the code to the server I then comment out the localhost code instead.
Unfortunately the ineveitable has happened and I uploaded the code with the wrong connection commented out; this led to 24 hours of locked out customers! :(
Is there a way to have the code to tell if it is on the localhost server, and if it isn't it then looks for the godaddy connection?
you can try this to identify if its on live or localhost
if($_SERVER["SERVER_NAME"] == "localhost"
&&
$_SERVER["SERVER_ADDR"] == "127.0.0.1"){
// in localhost
$hostname = "localhost";
$username = "localuser";
$password = "localpassword";
}else{
// not in localhost
$hostname = "livehost";
$username = "liveuser";
$password = "livepassword";
}
and fail if couldn't connect to database but save the error into a file.
if(!mysql_connect($hostname,$username,$password)){
file_put_contents("mysql_connect.error",mysql_error(),FILE_APPEND);
die("Couldn't connect to database");
}
a suggestion, try not to use mysql_* anymore, switch to PDO or mysqli ..
if ($_SERVER['SERVER_NAME'] == 'the.name.of.your.devel.server') {
$host = 'localhost';
} else {
$host = 'name.of.godaddy.server';
}
$sqldb = mysql_connect($host, ....);
i normally use a method of obtaining the URL / domain of the site? This can work in certain situations and setups. Otherwise if your operating with a fixed IP than you can also use this method
Have a look over the methods using $_SERVER
PHP $_SERVER
One way would be for you to check your external IP address and see where you are. A solution should present itself by looking at the properties inside the $_SERVER global variable.
I have a good suggestion : You coding a game , game is a big program, you don't use mysql* function directly in big program , because yourself should handling them, such as error handling.i suggest you use a DB-Handler. please google for : DB-Handler PHP
As has been mentioned by other people, you can obtain the current site your script is running on using the $_SERVER variable. However, I would like to provide an alternative solution.
You could make a folder in your website (both local and production), something like config, then store a configuration file in it, for example config.php, with the following:
<?php
// Local
$db_host = 'localhost';
$db_username = 'root';
$db_password = 'mypassword';
?>
And for production:
<?php
// Production
$db_host = 'godaddy.hostedresource.com';
$db_username = 'godaddyUserName';
$db_password = 'godaddyPassword';
?>
and disallow access to the directory with a .htaccess file in the directory, something like:
deny from all
Then, in your PHP code, do the following:
<?php
require_once($_SERVER["DOCUMENT_ROOT"] . "/config/config.php");
$sqldb=mysql_connect($db_host, $db_username, $db_password) OR die ('Unable to connect to database! Please try again later.');
?>
Now, simply leave the different configuration files where they're at and upload everything else, so your code will access different configuration files whenever it runs.
Also, the .htaccess file should prevent anyone from accessing the file via HTTP, and having the file contents in PHP tags, as well as a .php extension should prevent anyone from seeing any contents if they were able to access the file (PHP would parse the file before it is rendered, and would output nothing).
I have a php file that holds my login details named "connect.php".
$host = 'localhost';
$username = 'username';
$password = 'password';
$database = 'database';
And I'm trying to connect with another file (html) with this as its contents:
$a = file_get_contents("http://example.com/folder/connect.php");
echo ($a);
mysql_connect ("$host", "$username", "$password");
#mysql_select_db($database) or die("Unable to select database");
And it keeps on giving me this error:
Warning: mysqli_connect() [function.mysqli-connect]: (28000/1045): Access
denied for user '**wrong username**'#'localhost' (using password: NO) in
/home/path/public_html/repo/path/downloads.php on line 40
Instead of
$a = file_get_contents("http://example.com/folder/connect.php");
echo ($a);
You should be using require/include:
require_once '/folder/connect.php';
Your current code still won't work using HTTP since you'd need to eval or parse the result to assign your $username and $password variables, just outputting the result of the PHP script doesn't assign any variables.
You shouldn't need to (or be able to) use http to download your MySQL connection information through HTTP especially with no authentication. That is a big security issue. If that is your setup you should change it, so that you have a local configuration file stored outside of your web root which has your db host, username, and password in it.
you should use include instead of file_get_contents in order to get the connect.php interpreted as a php file:
include '/path/to/connect.php';
I'm working through examples from a book on php/mysql development.
I'm working on a linux/apache environment.
I've set up a database and a user. I attempt to connect with this line of code:
$db_server = mysql_connect($db_hostname, $db_username, $db_password);
I get this error:
Warning: mysql_connect()
[function.mysql-connect]: Access
denied for user 'www-data'#'localhost'
(using password: YES) in
/var/www/hosts/dj/connect.php on line
3 unable to connect to database:
Access denied for user
'www-data'#'localhost' (using
password: YES)
I can only guess what is happening here:
I think www-data is a username for apache. Upon the database connection, the credentials being passed in to mysql are not those of my database user, but rather apache's own credentials. Is that what is happening here?
How do I pass in the credentials I've defined for my user ?
edit:
By the way - I do have credentials in the variables $db_hostname, $db_username, $db_password.
they are passed in by another file using require_once. If that file can't be found, then I get an error. So, I know that my username and password are being used by my script.
Both my scripts can be seen here:
http://pastebin.com/MUneLEib
#
Solved:
Thanks guys.
A couple of you pointed out that I had coded carelessy.
Also, I was particularly pleased by Neo's answer: he told me why the username of the owner of the apache process was being used.
:)
I just looked at your code! The variable with the username is $database_username but
you are using $db_username.. Change your code to:
$db_server = mysql_connect($db_hostname, $database_username, $db_password);
or you could change the line with username with:
$db_username='[your mysql user]';//or the username you created
When you don't pass anything it will be the user mysql assumes but it will not get the password so if you hadn't defined $db_password it would say: (using password:NO)
you set $database_username with you user but you are passing $db_username which is not set so the user is the linux username as default when nothing is passed with the password for the mysql user! Since there is no mysql user with that password or privileges or even with that name you are not given access!
That user is www-data which is as you guessed an apache user assigned to client-side requests!
In your login.php you use the variable $database_username, but in your connection function you use $db_username. Try matching them up.
The username goes into $db_username, and the password goes into $db_password.
All these other answers are so presumptuous, as if you don't know that $db_username means database username and same for password.
The error says that you've specified an username and password. You just specified the wrong ones. You need to use the username and password of MySQL, NOT the system username/password combination, so no, this will not be www-data. This may be root and some password, but again, these credentials are specified within MySQL, and are not (necessarily) the same as the system users and passwords.
Your MySQL installation should have a root user with a default password (which you should promptly change). There are several options: you can add an user via the MySQL command line or use an interface like cPanel or Webmin if your provider has something like this; I've used both of these and they both have easy interfaces to add new MySQL users and assign them privileges.
Also just a tip: I typically create one user per database and give the user full privileges on the database, and then use that user with the application linked to the database.
And then of course, once you create a MySQL user account and give it privileges on your web app's database, fill in that username and password into your script.
<?php
$dbhost = 'localhost';
$dbuser = 'username';
$dbpass = 'password';
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql');
?>
Make sure you actually assign your database login username and password to those variables before you try to connect. For example, before the line with mysql_connect():
$db_username = 'myuser';
$db_password = 'mypass123';
I'd recommend you go through a tutorial regarding MySQL and PHP before trying to go any further - just so you understand how it all works.
Try this one:
http://www.tizag.com/mysqlTutorial/mysqlconnection.php
Also, documentation is your friend:
http://php.net/manual/en/function.mysql-connect.php
The error given could mean that the privilege has not been granted, or perhaps the password is incorrect. Check that user is created and granted access, or just issue this to be sure it set to allow access on the mysql server.
$ mysql -u root -p
password:
(blah blah blah from server)
GRANT ALL PRIVILEGES ON db_base.* TO 'db username'#'localhost' IDENTIFIED BY 'some password';
If all privileges is too much, consider giving only the basic permissions needed:
GRANT SELECT,UPDATE,DELETE ON db_base.* TO 'db username'#'localhost' IDENTIFIED BY 'some password';
By the way, the server response to this statement on success is Query OK, 0 rows affected.
Your code is correct, it is saying your password is incorrect so your mysql database is rejecting the mysql connection. If you are using xampp use:
localhost
as hostname &
root
as username & in xampp there is no password so it would be
$password = ""; then $dblink = new mysqli($hostname, $dbuser, $password, $dbname);
so you can set your vars like this
<?php
$hostname = "localhost";
$dbuser = "root";
$password = ""; // means there is no password to the database
$dbname = "test"
?>
Conclusion :
if you get this as your message -
Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'www-data'#'localhost' (using password: YES) in /var/www/hosts/dj/connect.php on line 3 unable to connect to database: Access denied for user 'www-data'#'localhost' (using password: YES)
It means the password you entered is wrong or there is no password.
Stop using mysql_connect()!
You should not use this or other related functions related to this extension.
It's depreciated and removed in PHP 7.0.0 and beyond.
An alternative is using PDO or MySQLi.
Below is an example script for connecting to MySQL using PDO:
<?php
/* Connect to a MySQL database using driver invocation */
/* DSN options:
http://php.net/manual/en/ref.pdo-mysql.connection.php
Error handling options:
http://php.net/manual/en/pdo.error-handling.php
Learn how to secure against SQL injection attacks:
http://php.net/manual/en/pdo.prepared-statements.php
*/
$user = 'myusername';
$pass = 'mypassword';
$host = 'localhost';
$mydb = 'mydatabase';
$dsn = "mysql:dbname=$mydb;host=$host";
try {
$dbh = new PDO($dsn, $user, $pass);
} catch (PDOException $e) {
echo 'Connection failed: ' . $e->getMessage();
}
?>