Jump to content

kimdan

New Members
 View Profile  See their activity

  • Posts

    8

  • Joined

  • Last visited

 Content Type 

Posts posted by kimdan

    reg. while loop with fetch_row

    in MySQL Help

    Posted

    PHP Freaks forum users,

     

    Thanks in advance for your interest in helping.

     

    This is my second post, I have general, basic computer programming experience and am beginning PHP.

     

    I don't see why the following loop works (PHP), given the variable

    $sqli1_dat 

    an object taken from a mysqli query. the loop --

     

    while( $x = $sqli1_dat->fetch_row() )

    {

    printf("%s\n", $x[0] );

    }

     

    this prints column 0. I am aware that fetch_row increments the pointer every time it's called.

     

    But I do not follow the loop condition expression. It looks like a variable assignment, like $x = 5? But the loop condition needs to be a truth-value, such as the expression

    $x == 5

     

     

    Dan

    access mysql without root pwd in code

    in MySQL Help

    Posted

    Thanks for the advice!

     

    I will look for the 0750 file permission.

     

    I realize that the design is such that HTTP client would not have access to the php script. But for security standards, my guess with no experience is that, as I wrote, the linux-user password is more secure than this because it is encrypted and is hidden even from a linux admin user. That guess is not correct in any practical sense?

    access mysql without root pwd in code

    in MySQL Help

    Posted

    PHP forum users, thanks in advance for your interest.

     

    I am beginning LAMP,

     

    can only access mysql using the mysql_connect statement.

     

    created a limited mysql-user, granting many permissions for a test database only.

     

    I entered that user in the mysql_connect expression

     

    in the apache 2.4 log, reported access denied

     

    (by the way, were do I find this event recorded in a mysql log?)

     

    Yet with root user, access passed.

     

     

    So-----

    the password is not hashed. In fact standard linux-users have read privelege to the /var/www/html directory and can view the pwd!

     

    How do people access mysql without exposed root password?

     

    Is there a way to use mysql_connect with a limited mysql-user? What privileges need to be granted? Or required some other setting?

     

    One could I guess limit access priveleges to /var/www/html? isn't that less secure than linux user-passwords for example, which are hashed?

     

    another way -- encrypt the folder (I saw something like htaccess)?

     

    Any suggested way, or reference to material? In particular, what is the shortest way for someone only beginning?

     

    Thanks again!

    Dan

     

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.