khefner Posted December 25, 2005 Share Posted December 25, 2005 I am trying to get a php script to access a mysql database for a website I administer. Mysql is installed and working on the website server. I also have access to PHPMyAdmin application. Here is what I get when I connect to my php file using a web browser: Connected to MySQL MySQL server version: 3.23.58 MySQL host info: Localhost via UNIX socket Error creating database: Access denied for user: 'wjw-admin@localhost' to database 'my_db' Here is the code from my php file <html> <body> <?php $db = mysql_connect('localhost', 'user', 'password') or die("Unable to connect to MySQL"); print "Connected to MySQL<br>"; printf("MySQL server version: %s\n", mysql_get_server_info()); printf("MySQL host info: %s\n", mysql_get_host_info()); $sql = 'CREATE DATABASE my_db'; if (mysql_query($sql, $db)) { echo "Database my_db created successfully\n"; } else { echo 'Error creating database: ' . mysql_error() . "\n"; } ?> </body> </html> I edited my code posted here for the user and password. That is really my first question; I am not really sure what to use for my user and password. I have a admin account for MySQL (I can change this on my admin control panel) but I dont think thats the password to use. (Thats what I use when I get the error above) I thought the password could be set with PHPMyAdmin but I could not find how to do that in the documentation. So basically I have a feeling my problem is that I am not using the right user/password, but I dont know how to look them up or create them. Thanks, Hef Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/ Share on other sites More sharing options...
fenway Posted December 25, 2005 Share Posted December 25, 2005 Adding new users is not done via PHPMyAdmin -- it's usually available from a "MySQL Databases" (or something similar) in your webhost's control panel (cPanel, Plesk, etc.). BTW, it's possible that even with a valid user/pass, you can still get this error -- see the relevant [a href=\"http://dev.mysql.com/doc/mysql/en/Access_denied.html\" target=\"_blank\"]refman page[/a] for more info. Hope that helps. Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10393 Share on other sites More sharing options...
khefner Posted December 26, 2005 Author Share Posted December 26, 2005 [!--quoteo(post=330313:date=Dec 25 2005, 08:53 AM:name=fenway)--][div class=\'quotetop\']QUOTE(fenway @ Dec 25 2005, 08:53 AM) 330313[/snapback][/div][div class=\'quotemain\'][!--quotec--] Adding new users is not done via PHPMyAdmin -- it's usually available from a "MySQL Databases" (or something similar) in your webhost's control panel (cPanel, Plesk, etc.). BTW, it's possible that even with a valid user/pass, you can still get this error -- see the relevant [a href=\"http://dev.mysql.com/doc/mysql/en/Access_denied.html\" target=\"_blank\"]refman page[/a] for more info. Hope that helps. Yes thanks Fenway, I was able to retrieve data from the database so I know my log in must be working. A question regarding security using a "log in screen". Right now I have the user and password part of the php script. So how is that secure? When the page opens, the connection is made. Thanks, Kevin Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10417 Share on other sites More sharing options...
fenway Posted December 27, 2005 Share Posted December 27, 2005 I assume you mean a user login page -- that is used to authenticate _application_ users, not database users (although there could be some overlap). Obviously, to check their credentials, you'll need to read their DB record, so you'll have to have made a connection already. The user/pass to your DB is only as safe as your FTP access / control panel access. Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10432 Share on other sites More sharing options...
khefner Posted December 31, 2005 Author Share Posted December 31, 2005 Thanks, I have the security figured out I think. Using my admin control panel, I password protected the directory that has the php files in it. Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10518 Share on other sites More sharing options...
khefner Posted January 2, 2006 Author Share Posted January 2, 2006 [!--quoteo(post=330573:date=Dec 27 2005, 12:24 AM:name=fenway)--][div class=\'quotetop\']QUOTE(fenway @ Dec 27 2005, 12:24 AM) 330573[/snapback][/div][div class=\'quotemain\'][!--quotec--] I assume you mean a user login page -- that is used to authenticate _application_ users, not database users (although there could be some overlap). Obviously, to check their credentials, you'll need to read their DB record, so you'll have to have made a connection already. The user/pass to your DB is only as safe as your FTP access / control panel access. Well I am still a little unclear about the user set up for mysql. Right now, I am able to connect, insert, and retrieve data from the mysql database using PHP. I am using my admin mysql login and password to connect to the database and gain full privelegdes. I know this is not a desirable situation for security reasons etc, so my question is, how do I create DB users (for a specific database) with specific privelegdes? Anotherwords I may only want them to be able to perform certain commands. (insert etc) Can I do this using PHPADMIN utility? The version of mysql is 3.23.58 Thanks, Hef Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10535 Share on other sites More sharing options...
fenway Posted January 2, 2006 Share Posted January 2, 2006 This can be acheived with MySQL GRANT statements; I believe that PHPMyAdmin has a "privileges" page as well with a GUI to these options too. Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10536 Share on other sites More sharing options...
khefner Posted January 3, 2006 Author Share Posted January 3, 2006 [!--quoteo(post=332484:date=Jan 2 2006, 12:00 PM:name=Hef)--][div class=\'quotetop\']QUOTE(Hef @ Jan 2 2006, 12:00 PM) 332484[/snapback][/div][div class=\'quotemain\'][!--quotec--] Well I am still a little unclear about the user set up for mysql. Right now, I am able to connect, insert, and retrieve data from the mysql database using PHP. I am using my admin mysql login and password to connect to the database and gain full privelegdes. I know this is not a desirable situation for security reasons etc, so my question is, how do I create DB users (for a specific database) with specific privelegdes? Anotherwords I may only want them to be able to perform certain commands. (insert etc) Can I do this using PHPADMIN utility? The version of mysql is 3.23.58 Thanks, Hef Well I will have to look into doing it with grant statements. I dont think my version of phpmyadmin (phpMyAdmin 2.6.0-pl3 ) has the "priviligdes feature". (Although I agree with you it exists!) I have looked all over the application and I find nothing regarding privilegdes and users. Thanks, Hef Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10550 Share on other sites More sharing options...
fenway Posted January 3, 2006 Share Posted January 3, 2006 Guess so... MySQL 5 has an CREATEUSER() command, I think. Just remember that even to _create_ a new database you need to correct GRANT privilege (e.g. CREATE) before you can "create" it! Quote Link to comment https://forums.phpfreaks.com/topic/3096-passworduser-for-mysql/#findComment-10554 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.