Understanding Passwords
1. I know in mySql you need a username and a password to access a database. However, can you set a username and password (or even just a password) to access a table or a row?
2. Is there a way you can set a database so you can only add data?
3. is there a way I can have people access values to a database (php) without using a password?
4. is there a way to set up diffrent users (with diffrent permissions) for accessing mySQL data?
5. Any comments about how I can get alot of people accessing a database, from diffrent websites, with keeping i as secure as possible?
View Complete Forum Thread with Replies
Sponsored Links:
Related Messages:
Understanding Explain
I'm trying to understand MySQL better. I can't seem to figure out why the second query takes 2 minutes and the first query takes 12 seconds. It should be noted that the table, KBM, has 250 million records. I'm using MySQL 5.0.2. I guess I'm trying to get a better understanding of what "using index" means in the "extra" column. Here's the result of the explain on my first query: SQL-query: explain Select count(1) as counter from kbm force index (NewEstimatedIncome,State) where 1=1 and ( (State = 'OH') ) id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE kbm ref State,NewEstimatedIncome State 2 const 7958721 Using where, Using index Here's the result of the explain on my second query: SQL-query: explain Select count(1) as counter from kbm force index (NewEstimatedIncome,State) where 1=1 and ( (State = 'OH') ) and ( (NewEstimatedIncome >= '030' and NewEstimatedIncome <= '039') ); id select_type table type possible_keys key key_len ref rows Extra 1 SIMPLE kbm ref State,NewEstimatedIncome State 2 const 7958721 Using where.
View Replies !
View Related
Understanding INDEX
I was wondering if you guys could help me get a better understanding of the correct sintax to index table columns. From what I was able to understand, an index fastens querys to the database. Also, when we dont specify an index, mysql automatically uses the primary key as the index, right? So, if we had a table with a lot of fields, and we knew that most of the querys would be based, for example, on two of them, theoretical if we indexed those two fields, we'd get much more faster querys, right? So, what would be the correct sintax to do that? Maybe something like this?
View Replies !
View Related
Understanding Max_allowed_packet
I have written some PHP code that executes a multi query... one or more queries separated by a semi-colon. As I was using the code to restore database backups (for testing purposes), some of the queries were quite large. I was receiving an error message about the packet size being too big (I have forgotten the exact error message), so I tried increasing the size of the max_allowed_packet server variable. This cleared up the problem. However, now I need to do scheduled backups of a remote database using mysql (ie: no mysqldump or other similar programs). I can foresee that perhaps I might have the same problem, but instead of exceeding the maximum packet size when sending packets to the server, the maximum packet size when receiving packets from the server may be exceeded. I was wondering: * How does MySQL break the communication into packets? Is there a reason why, if MySQL detects the packet size being exceeded, that the packet isn't broken into smaller packets? * If I run a select query on a large table, selecting all of the rows, is there a chance that the returned results will exceed the max packet size (ie: are results all sent as one packet, or a packet per row, or something else)?
View Replies !
View Related
Understanding JOINs
Table structures: - AUCTIONS: id | other fields... - AUCTIONS_BIDS: id | auction | amount | other fields... When viewing the AUCTIONS, users should be able to filter out records based on whether or not the current high bid for an auction is less than or equal to a value they supply. I want to select all information from the AUCTIONS table with this query, it doesn't need to return any data from the AUCTIONS_BIDS table. But it does need to be able to reference the AUCTIONS_BIDS table and eliminate auction records in the fashion I described. As far as I understand JOINs and similar concepts, I am under the impression that this can be achieved with a single query.
View Replies !
View Related
Understanding Foreign Keys
Sorry about the level of knowledge in this post but I'm not understanding how MySQL handles Foreign Keys. The CREATE DATABASE statement has allocation of a Foreign Key through the FOREIGN KEY [index_name] (index_column_name,...) Does the [index_name] refer to the table from which you are obtaining the key? If so does this then mean that the (index_column_name) is the column name that holds the data that makes up the key?
View Replies !
View Related
Understanding Query Cache
when using the search on one of our sites, it takes 4-5 seconds to return a result but if I immediately search for the same thing again it returns instantly due to the Query cache which is great. What seems strange is that 15-30 seconds later it ignores the cache and runs the same query again for a result. Is that normal? It seems like the Query Cache should maintain the query and result until the query cache runs out of memory and starts dumping the oldest records.
View Replies !
View Related
Understanding Stored Procedures
I've never used stored procedures and need to understand what they are exactly. I want to know if a stored procedure can do this: Looking at the picture above, is the stored procedure table placed in the database? I'd like a way to access the average ratings fast without bogging down my server. For instance, if the averaged ratings table is updated once an hour even once a day, I'd be happy. I just don't want the averages being calculated everytime any user wants to see another users average. Note that I may not need all of the users ratings all the time. I may just need one, five, or ten at a time. Think of these averages as the star ratings each book has on amazon.com. Their servers would crash if they had to keep calculating the exact star rating for each book. Is this what stored procedures do? Someone please shed some light on the subject.
View Replies !
View Related
Need Help Understanding Error Message
I'm not terribly experienced with databases. Can someone tell me what's wrong with this query? I've included the error message below - I'm not sure what it's telling me or how I fix it. CREATE TABLE saClient( clientID INTEGER UNSIGNED NOT NULL , firstName VARCHAR NOT NULL AUTO_INCREMENT , middleName VARCHAR NULL , lastName VARCHAR NULL , address1 VARCHAR NULL , address2 VARCHAR NULL , city VARCHAR NULL , state VARCHAR NULL , zip VARCHAR NULL , birthday VARCHAR NULL , ssn VARCHAR NULL , fax VARCHAR NULL , email1 VARCHAR NULL , email2 VARCHAR NULL , phoneCell VARCHAR NULL , phoneHome VARCHAR NULL , phoneWork VARCHAR NULL , phoneOther VARCHAR NULL , emergContactName VARCHAR NULL , emergContactPhone1 VARCHAR NULL , emergContactPhone2 VARCHAR NULL , emergContactRelationship VARCHAR NULL , sex TINYINT UNSIGNED NULL , notes TEXT NULL , STATUS TINYINT UNSIGNED NULL , PRIMARY KEY ( clientID ) ) MySQL said: Documentation #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NOT NULL AUTO_INCREMENT, middleName VARCHAR NULL, lastName VARCHAR NULL, ' at line 3
View Replies !
View Related
Understanding Someone's Database Ideas
I have been assigned a challenging job of redesigning the front end and maintaining an eCom site for perfumes. The site is backed by mySQL and runs PHP. I have used databases (Access, MySQL) in projects but am not an expert with databases. I have my first challenge as to understand the previous developer's idea in creating that vast database (60 tables) for all the site functionality. It has everything from product lists, order management, discounts, popups, etc. There is no documentation developed for the database and I need to go through every table and its columns to understand their scope. I am totally meshed up as the columns are not well organized (I feel I have a better organizing than the guy developed this). Then I thought of having a graphical diagram of the tables linked each other will help and tried MicroOLAP - graphical representation tool for the tables (http://www.microolap.com/products/da...ysql-designer/), but as the tables are not having relationships, I am not able to get what I needed. Could any one have such experience in reading other's ideas about a database and used any tool to show at least the foreign keys in the tables in a graphical way?
View Replies !
View Related
Replication :: Understanding Master & Slave Servers
Can anyone share their experience with replication? In particular I'm wondering how fast (or how slow?) replication occurs. Could I pull off the configuration below? For example, if a person places an order on our site, the update is sent to the master server. Can that update be replicated to the slaves before the browser is taken to a reciept page (which is queried against the slaves)?
View Replies !
View Related
Trouble Understanding Returned Resource Logic
I am unable to access a resource using "mysql_fetch_row". There is a resource present after executing a query, I've verified this. The results of "mysql_num_fields" is 2 (which is correct there are two columns in the table) and the results of "mysql_num_rows" is 0. Now how can that be? No rows yet two fields. With zero rows, my "mysql_fetch_row" function will not work. So, what's up with this? Any comments or ideas?
View Replies !
View Related
Passwords & DBI/DBD
I installed the current stable release of MySQL from RPMs. I used the client and server packages. After installing the server package, the RPM printed a note saying I should run two commands. I only got the first one, which was # ./mysqladmin -u root --password I assume this gave the root user a password. I then downloaded and proceeded to compile the Perl DBI and DBD:mysql packages. The DBI package installed fine after I also installed the "MySQL-devel" RPM. Code:
View Replies !
View Related
Where Passwords Are Kept
I am just starting out using mySQL. I created some databases and tables and installed mySQLcc to ease my usage. After about 4 months, I've needed to make some changes that needed root access. I appearantly wrote down the wrong password so I couldn't make any changes. In the process of trying to change the password I think I changed it again and unsynced mySQL and mySQLcc because now I can't access any of the databases with any user. Although I can still open mySQLcc, it can't connect to the database. I get access denied no matter what I do. Is there a way to clear the passwords and start over? Where are the passwords kept? Or do I have to remove mySQL and reinstall it and start over?
View Replies !
View Related
Inserting Passwords Into DB
I have a couple of questions concerning the insertion of encrypted passwords into a mysql database (4.0) first, some admins seem to think it's a good idea to feed the password in plaintxt to the db and have the db encrypt and store it. I tend to think this is less secure seeing as there is no seperation between the data and the encrypt/decrypt so therefore encrypt the password beforehand and I want to insert nand retreive it that way. What type should I be using with the store, and what's the best way to store and retrieve it with that type?
View Replies !
View Related
My.ini :: Add A Line To Old Passwords?
I read about the problems related to the usage of phpMyAdmin und mySQL > 4 because of the password. It was written everywhere to add a line 'old_passwords' into the my.ini configuration file. I have no clue what file (and where it is) I have to change on a os X installation. Who could give me a hint?
View Replies !
View Related
Users Passwords
I use the windows mysql connector 3.51 to connect to a mysql database on a linux server. I also have local library on the windows station that supports sha type encryption. What I'd like to do is encrypt the userid and passwords entrys locally with this library and still connect to linux server but have not been able to. What is the default encryption that mysql uses for passwords ? I did read about the password function and it did mention a bit about sha but I'm still unable to match the encryption locally.
View Replies !
View Related
Best Way To Store Passwords
I've written a windows based from end for a mysql database that will work across a local intranet, it stores usernames and passwords for a reporting system, what is the best way to store the passwords int he db? i.e encrypted or?
View Replies !
View Related
Passwords / Authentication
I have just started messing around with MySQL and something I find weird is that we connecting using localhost, if I supply the password, it will not authenticate...if I leave the password off, it's fine.If I connect from another machine, it requires the password or it will not authenticate.Is that normal?
View Replies !
View Related
Transferring Passwords
I tried doing a search but did not find the answer I was looking for. I just redesigned the database that I had created a few months ago. I broke my one single table up into multiple tables. My problem is that in my old large table I had a password column that is populated by using Password(). Is there a way for me to transfer the info from that column to my new broken down table set? I did not create a new database when I broke up the large table, I just built my new tables around it so they are all stored in the same database. I'm not sure if that makes a difference or not. Is it possible for me to just copy and paste the info from one of the fields into the new table? Or will that break the encryption?
View Replies !
View Related
Encoding Passwords In MySQL
I am developing a database application in which I store usernames and passwords. Naturally I want to store the passwords in an encrypted form. However, just like you see in many web applications, I want to be able to email the users password back to them should they forget their old password. I looked at how to store the password data in MySQL and they recommend using MD5 or SHA. Both of these appear to be one way encryption routines. IOW once I encrypt and store the users password there is no way to unencrypt it. How can I store passwords in my SQL database such that I can convert them back to plain text when the user requests them?
View Replies !
View Related
User Accounts With Passwords
I am able to connect to the database using users that are not password protected. After updating privileges to use passwords and changing login info(in a php document) I recieve the following error from the php document: Warning: mysql_query(): Access denied for user 'ODBC'@'localhost' (using password: NO) in c:inetpubwwwrootgindex.php on line 9 Warning: mysql_query(): A link to the server could not be established in c:inetpubwwwrootgindex.php on line 9 I am attempting to connect as 'test'@'localhost' with the password 'test'. If I remove the password, I can connect no problem.
View Replies !
View Related
Transferred DB, Now Passwords Not Working..
We just switched hosting companies and transferred 3 of our DB's from the old server to the new. Everything seemed to go alright. Our sites are reading from the DB's however none of the users from our DB can log into the website. When a user signs up to the site we use the MYSQL PASSWORD() function to enter the users passwords into the DB.
View Replies !
View Related
Mod_auth_mysql Or Mysql Usernames And Passwords
I'm writing a web app that needs a login page. I'm doing the dev on a windows box although the final version will go on a Linux box. I can't find any versions of mod_auth_Mysql precompiled for windows and have no idea about compiling c.source on windows (or anything to do it with). Is there a good reason I shouldn't store hashed password in MySQL and call them from Python scripts instead of using the apache auth module directly?
View Replies !
View Related
Hide Mysql Usernames And Passwords
I'm trying to have people access a secure mysql database. If they get to a certain webpage, they have clearance to access the database, and we have one password and one username (that the users do not know). Does anyone know how to have it so the people cannot see the cgi script to access the database?
View Replies !
View Related
Passwords, Permissions, And Blank Users
I have Apache 2 server, PHP5, and the latest MySQL installed on my system. I'm currently reading PHP and MySQL for Dummies (I told you I was a newbie) and trying to work through a few of the examples.One thing I noticed when I looked at the "users" table in the "mysql" database is a blank user with all privileges on localhost. I deleted that entry, set a password for my "root" account, and created another account with a non-blank password. The problem I am having is that I am trying to connect to the database as "root" with a blank password, and it's still working. I then tried a blank user, and it worked. I tried a random assortment of letters and numbers, and it worked.
View Replies !
View Related
Security For Shared Server.xml Passwords
I have an ISP that has the server.xml in a shared environment. The server.xml file is where my password is available for database access under connection pooling. I really would like to use connection pooling. Does anyone know how I can protect my password from being viewed by others using the same server.xml file? I cannot get the administrator to change the protection of the file because others in the shared environment need to be able to view it.
View Replies !
View Related
Can't Add New Users & Passwords To Grant Table
I am running MySQL 4.1.7 on my Windows XP system. I can create databases, ect. on the command line, but when I try to run a PHP script I receive the 'Access denied' error message. I have tried using the Grant command to add a new user but nothing comes up when I show SHOW GRANT except the root user. How do I add the new users for running the PHP script?
View Replies !
View Related
PASSWORD() Function :: Not Matching Passwords
I'm writing a login.php script for my web site and am encountering some problems matching the password of the user logging in. Here's some of my code where I believe the problem to be: $query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=PASSWORD('$p')"; echo($query); $result = mysql_query ($query); $row = mysql_fetch_array ($result, MYSQL_NUM); if ($row) { // Start the session, register the values & redirect. session_start(); $_SESSION['first_name'] = $row[1]; $_SESSION['user_id'] = $row[0]; header ("Location: [url]http://"[/url]; . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/loggedin.php"); exit(); } else { $message = '<p>The username and password entered do not match those on file.</p>'; } mysql_close(); } else { $message .= '<p>Please try again.</p>'; } } I keep getting my error message "The username and password entered do not match those on file" listed above in the conditional. The server doing my hosting is running MySQL 4.1.14 - standard. The test login script that is getting passed prints out as follows: SELECT user_id, first_name FROM users WHERE username='test' AND password=PASSWORD('test1') Am I doing something wrong with the PASSWORD() function?
View Replies !
View Related
User Passwords Lost On Reboot
Server 2003 | IIS6 | MySQL 4.1.14-nt-max | phpMyAdmin 2.6.4-pl3 Apart from root, I have only 6 databases and whenever I reboot the server, I have to reset the passwords on 4 db's (using phpMyAdmin). Checking the mysql db, user table I note that the 4 that are causing problems have an asterix *preceding the encrypted password. The passwords that do not change were set with the help of a friend using SQL statements.
View Replies !
View Related
Password Encryption To Store Passwords
What I'd like to do is have an html login page using php to process the request, and then compare the input strings to a username & password stored in a SQL table. My question is though, what is the best way to store the password in the mySQL table. Is it better to store it as an encrypted value, and can I do this?
View Replies !
View Related
People Store Passwords In Database
i used to store the password in database using md5() function but there is no way to retrieve the password back. Now i want to know that - is it standard and secure way to store password? is there any other technique to store password so i can retrive it back?
View Replies !
View Related
Packed Passwords In Command Line Programs
I think this is a trivial newbie question but can only be answered by a guru. In command line programs, why should passwords be packed with the parameter name? For example for mysqlimport one would write the command like that: mysqlimport -u user -ppass Why not just mysqlimport -u user -p pass ?
View Replies !
View Related
Back Up And Restore Field Containing Encrypted Passwords
I am using a web application that stores information about users in a table (username, password, address etc.). The password is encrypted (MD5). I backed up this database using mysqldump -u -p database >db.sql and restored the table on some other machine. My first machine is RHEL4 running Mysql 4.1 and new machine is RHEL5 running Mysql5. After restoration, I am unable to login to the users through web application. Is there an option to backup and restore tables containing fields with encrypted password information.
View Replies !
View Related
MySQLAdmin :: Store Passwords Option Enabled
I've created a scheduled backup job with MySQL Administrator (1.0.20, MySQL 4.1.11, Windows Server 2003) and it fails with: Cannot connect to MySQL Server. Access denied for user 'root'@'localhost' (using password: NO) (Error Number 1045) The 'Store Passwords' option is enabled. Why isn't it using the password?
View Replies !
View Related
Binary Column Types / Hashed Passwords
I'm building an asp.net application using MySQL as the database. I've created a table to store usernames and passwords. During user creation and authentication - i'm presenting the db with a hashed password value. When a hashed password is stored in a db - how should it appear in the table? In the MySQL table I'm using to store username and passwords, it appears as system.byte[]. The data type is defined as varchar(16), binary. The field is not behaving as it should during authentication - as long at I enter a valid username, the system authenticates me despite a correct or incorrect password value. Can anyone help me to define the appropriate column type? My application works fine w/ MS SQL but fails w/ MySql. In MS SQL the field is described as:[PWD] [binary] (16) NULL
View Replies !
View Related
Repost:Binary Column Types / Hashed Passwords
I'm building an asp.net application using MySQL as the database. I've created a table to store usernames and passwords. During user creation and authentication - i'm presenting the db with a hashed password value. When a hashed password is stored in a db - how should it appear in the table? In the MySQL table I'm using to store username and passwords, it appears as system.byte[]. The data type is defined as varchar(16), binary. The field is not behaving as it should during authentication - as long at I enter a valid username, the system authenticates me despite a correct or incorrect password value. Can anyone help me to define the appropriate column type? My application works fine w/ MS SQL but fails w/ MySql. In MS SQL the field is described as:[PWD] [binary] (16) NULL
View Replies !
View Related
|
TRACKER
