PHP :: How Do Remove A User From MySQL.user?

PHPmyadmin Access Denied For User 'user'@'localhost'
WinMe machine as server, with Apache 2 installed and working PHP4 installed and working ( had PHP 5.05 installed and working, but i couldnt get the mysql extensions to load - phpinfo() didnt list mysql :(, so i installed PHP4, which now lists mysql when i run phpinfo). MYSQL 4.1 installed and working. I dont know the console commands too well, but i know its working ok, cos I have used a few simple DOS prompt commands to check its alive and I can connect to the database using MyODBC frontend/driver 3.51 and also using Navicat 2004.

When i try to connect to the database via PHPmyadmin from another network PC I have an error:

#1045 - Access denied for user 'user'@'localhost' (using password: YES)

I have played around alot with different settings in the config.inc.php file.... nothing seems to work.

This almost appears to be a simple login problem ( probably is too), but I can access the database locally from the Winme machine with the username and password that wont work over the network!

I have tried not using 'localhost' as the host name but the IP address of the Winme PC but I get this error:

#1130 - Host 'MYSERVERNAME' is not allowed to connect to this MySQL server

Notice: Use Of Undefined Constant User - Assumed 'user'
I have a script for a shopsystem on a Linux. There it works fine.
But when I try to run it on my Windows machine, PHP says things like

Notice: Use of undefined constant dbname - assumed 'dbname' in
c:apachehtdocsaposhop estshopclassesxxx.clas s.php on line 77

On Windows I run PHP 4.3.2
On Linux runs PHP 4.3.1

Authenticating User Common User Names
I want to create a password protected page with PHP and Mysql. I have 2 groups User and Admin. The respective groups have a common user/password. The user/password are stored in a database. I want to authenticate the user through a login form and not through a pop-up ($PHP_AUTH_USER) way.

What I want is, if a user logs in and he moves from one page to another, he should not be asked for validity again. Is this possible only with scripting (without session and $PHP_AUTH...). If yes - how do I keep track of an authorised user and unauthorised user, so that he should not be validated again. Does setting the user variable to global in all the pages do the trick.?

User Authentication And PHP Saving As Specific User.
the users of my server had to upload their pages by sftp and only the user who uploaded a page was able to edit itafterwards.

I've been asked to make a secure way for users to log on through the web and edit their pages online. However, although using .htaccess to authenticate users, the script saves as user 'nobody' and is not able to edit pages previously uploaded (and saved as user 'john_doe'). What I am trying to do is make the script save using the same username as the user used to log on.

Fill Fields When User Selects User From DB
I have a field with a selectbox which contains a list of client names and several other fields which display information from the DB.

I need to be able to make the fields change to the appropriate information when a user is selected from the select box. Can anybody please give me an example of a bit of code that will do this?

PHP, MySQL User Rights With LDAP?
I´ve got several MySQL Databases running on a Linux 8.1 Server. User
rights and access to those databases are made by MySQL Database
rights. On the other side I´ve got some applications that are running
with permissions over a LDAP server.

Now - is it possible, to organize my MySQL Database User-, table-, and
access rights over that LDAP Server at once?

If its possible - has anybody found a documentation for sth like that
- or example configs?

PHP Script To Register User In MySQL
I am wondering is there any site or documentation on how we can write PHP script so that the user can regiter them selves and get a passowrd in their e-mail address. Then they maintain their own table (select, Insert, Delete etc).

Limiting User Mysql Entries
I have a script i'm making which is going to be used to search for reciprocal links on different sites and I have user levels such as free, paid, ect... I want to make it so that if the person signs up as a free user they can only add like 2-3 domains to be searched for their links. How would I limit the number of domains allowed to be searched? Would I limit the number of mysql entries allowed in the table for the domains?

Check Mysql Database For User
Im trying to check if a user exist in database table only if another check =YES:

$sql="SELECT * FROM my_members WHERE my_private=$my_private AND my_id=$my_id";

$my_private should = 'Yes' or 'No'.

If 'Yes', i need to run another check....

$sql="SELECT * FROM my_favorites WHERE my_id=$my_id AND my_uid=$sessionuser";

This check should check to see if $sessionuser exists in my_favorites.. How can i make the first one call the second only if $my_private=Yes? Or is this code even correct?

Updating User Information Php/mySQL
im fairly new to the incorporation of php and mySQL and i am looking to start off by making a user info database that will hold contact information as well as a username and password field. below is the code for the site i want to use to allow the user to "update" their info. My problem is when i click the link to "edit" info after the user has logged in, the page displays blank. Code:

PHP/MySQL And Secure User Submissions
A project I'm working on involves allowing users to submit content (text/URLs, mainly) via form, which will be added to the same database as approved content (with an "unapproved" status). However, due to my relative ignorance with PHP, I'm hesitant to do this without more info regarding how to prevent abuse/exploitation of the system.

Allow The User To Sort A Mysql Result
So what i got going on is a database that has, things about a video game, including the image location. what i want to do is have a nav bar up top, so the user can select a differnt way of sorting the mysql result, from like ASC to DESC, or sort by genre.

Automation - User Management - Update MySQL
What I'm trying to do is design a user management page that will allow me to update the status of a user's account with the click of 1 or 2 buttons.

Preferrably the design is this, My script queries the database and returns results on users that are not activated. That part is done, what I would like to do is on the end of each row (user) have a radio button each with a value of 1, 2, or 3, which are my account status flags in my database.

What I'm having a problem with is how to get the update button to only update that row without having to send a query for the entire table, or worse yet, only updating the last returned value of my while loop.

What i'm looking for is some pointers on the right direction to look on how to do this. Specifically, I need to find out how to get the data that's printed in each table row into a variable so that I can query the item for that row and update that user accordingly.

Php / Mysql Multi User Concurrency Question
i have some multi user concurrency question.

my process:
- read from db
- process data (might take as long as few seconds)
- save to db

during the above process, there might be some overwriting due to concurency
problem in multi-user environment.

i know innodb table is able to lock row record. beside the using innodb type,
can anyone advise me on other possible suggestions.

Advice On Php/Mysql Application - User Validation
Im rather new to developing mysql/php applications and am after some advice
on handling user validation for a web based system, ive implimented a number
of ways and would like to know which way is better in regards to security
etc, here are the following ways i have implimented this in the past:
a) user submits via form login/pass, mssql db is accessed via a no login
no pass account, and a basic "select from subscribers where user=$blah and
pass=$boo" is implimented, if theirs a result match the user can proceed, if
not they are booted back to the login with an error message.
b) each user of the system has an account in the mysql/user table, set
up via grant statements via a system admin, so then you can do a direct
login to the database with the users submitted info, if the connection is
granted then the rest of the subscriber info is pulled out of a second table
in the applications own database, linking the two tables on unique login
names. if allowed to make a database connection, the user can access the
rest of the site, if access is denied, they are booted back to the login
screen.

for both of these methods i store the submitted user/pass info in session
variables, and this info is verified on every page by an include file, is
this a good idea? or would it be wiser to use a variable that can only be
set when a successful login in is made, then to check if that variable
exists instead? (doing this so that no one can simply go
http://www.etc -etc/mypage.php)

My questions on these methods are:

a) is it a good idea to set up a database that doesnt require a user
to actually log into it, ie to check to make sure the users info is correct,
an account must be setup for anyone to access to check if the login info is
correct, because if they cant access the database how can they have their
login/pass validated? I have a feeling that employing that method simply
isnt very secure.

b) is having a large number of accounts in the user table of the
mysql db a safe way to go? this way i can enforce security through mysql
itself ... if the user doesnt have 'granted' access to the database, they
get no access, mysql is performing this validation for itself.

User Defined Function - MySQL Queries
I am trying to write a function that builds list of different query results, but the mysql_fetch_assoc function isn't working properly within my function. If anyone cares to take a gander and let us know what I may be missing. Code:

How To Control Access To Specific Mysql Records For A User
I am just trying out a php form, when posted submits data to database. The system is we allow everyone to submit the form. As administrator I can view and edit the records. But whoever submits the form should be a registered user and he should be able to only view his records but not edit.

What To Use In PHP To Make User Input Safe For MySQL Query?
I believe that you want to escape certain characters in a query, like quotes, backslash, semi-colon, etc. Is there a function in PHP to do all this for you and make the string safe to use as a query string?

Mysql ERROR 1045 Access Denied For User
when i run mysql ,display follow information:"ERROR 1045: Access denied for user: 'root@localhost' (Using password: NO)",but i never set password before,i can't solve it.

PHP / MySQL Online Status For User Authentication System
I'm working on a user authentication system. My problem is with an "online status" element. So far, I have that when the user logs in, a field in my members MySQL table, called loggedinstatus is set to 1. This means that that certain user is currently logged in.

The problem is, is that the only way that loggedinstatus is set to 0 (the user is not logged in) is when the user clicks the logout link. If the user just goes to another website or closes his or her browser, the loggedinstatus is left at 1. How would I get around this problem?

Taking Date Of Birth From User And Sending It To A Mysql Database
i have created a form that takes a users date of birth as 3 seperate values $day $month and $year i do not know how to combine these values into a single value called $dob.
I tries using just a singal value to take the date however it did not work, even after I had formated my database.

Running PHP/Apache On A User Mode Linux Machine, Where To Stick Mysql?
I hope no one minds me running this past them.

I'm running a linux machine with with apache, php and mysql. This is not
accessable from the internet. I want a server that is visable to the
internet. For that purpose I am running a user mode linux machine and using
apache on that as the external looking web server. This means that stuff I
want to see on the outside is on a copy of apache that is doing little and
does not get messed around with as much as my main copy of apache.

I am not using mysql with it at the moment. If I do am I better running
mysql on the user mode machine or running a second copy of mysql on a
different port on the 'main' machine. I'm beginning to think the latter
has advantages.

Warning: MySQL Connection Failed: Access Denied For User: 'root@localhost'
I am new in MySql & PHP3. I have downloaded php3 and extracted it. Not sure what to do with the config.inc.php3 file. I get the following error:

Warning: MySQL Connection Failed: Access denied for user: 'root@localhost' (Using password: NO) in lib.inc.php3 on line 255

Warning: MySQL Connection Failed: Access Denied For User: 'username@localhost'
I just installed the latest versions of apache, mysql, and php, and I have a script i made to just connect to the database, but I get an error such as:

Warning: Access denied for user: 'username@localhost' (Using password: YES) in c:pathofapachehtdocsmysqlconn.php on line 7

Warning: MySQL Connection Failed: Access denied for user: 'username@localhost' (Using password: YES) in c:pathofapachehtdocsmysqlconn.php on line 7
Unable to connect to database

This error is driving me insane. I've tried everything I've found possible answer too. I am a newbie and I am just learning, but I KNOW this should work. Here is my connection script. PHP Code:

User Name
i am going through the process of password protecting a directory using
..htaccess and .htpasswd
Is there a function to get the user name?

Getting User ID
I have a system where a user can log into the members area. Is there a way for the users to edit their profile WITHOUT using session_id? My database table looks like this:

ID, Name, Surname, Address, Email, Username, Password.

In other words, when the person logs in, I want the ID to be dragged with it and available on the members index page on the Edit Profile Link, ie. edit_profile.php?id=35.

Web Server User Name
Probably two really stupid questions and I expect they've been asked before.

1. How do I find out what name the server / php is running under? (nobody or whatever)

2. Is there any reason why I shouldn't be able to chown a directory to this user or do I need to be root?

I'm asking because I don't seem to be able to chown to nobody.

Get User Information
Hi,

how do i get some information about my visitors?
Things like IP, Operating System,used browser, referrer url and so....

User Management
I have PHP 4 installed and am wondering what is the best way to handle users. Should I use cookies or the built in session management in PHP 4? Are there any tutorials on any of these?

User Authentication.
I got the following script from the PHP4hosting site, it was done by devshed. I am trying to use it but it doesn't accept any of the usernames or passwords I enter, any ideas why pls?

<?
function authenticate()
{
Header( "WWW-authenticate: basic realm='MySQL/PHP Demo'");
Header( "HTTP/1.0 401 Unauthorized");
echo "You must enter a valid login ID and password to access this resource
";
exit;
}
if(!isset($PHP_AUTH_USER) || $PHP_AUTH_USER=="" || $PHP_AUTH_PW=="")
{
authenticate();
}
else
{
mysql_connect( 'localhost','user','pass');
mysql_select_db("users");
$result = mysql_query("select * FROM users where name = '$PHP_AUTH_USER' and password='$PHP_AUTH_PW'");
$row = mysql_fetch_array($result);
if ($PHP_AUTH_PW!=$row["password"] || $PHP_AUTH_USER!=$row["name"]) authenticate();

}
echo "User ID :".$row["id"];
?>

What User Does Php Run As On Win32
I need to know what user php runs as on win2k/iss 5 installed as cgi.

Basically what i'm trying to do is modify files on another server with php, and I can't figure out what user needs access to those files/directories so php can get at them.

Use Php Add User In Linux.
Can I write php script to add user in linux? Is it has security hole if this script run under SSL?

Apache User Through Php Possible?
As a part of a "system test" page I'm writing, I want to find out what user that apache is running for the virtual host that it is running.

Ex:

(from apache's conf file)
DocumentRoot /home/ron/public_html/
User ron
Group ron

I want to find out that the virtual server is running as user "ron".

Retrieving NT User ID
Does anyone know how to retrieve the NT user id that someone is logged in as?

System is running IIS. Have tried HTTP_AUTHENTICATION but that doesnt appear to work under MS - unless someone knows a works around.

Alternatively - how can I retrieve a UNC pathname for a specific drive mapping.

User Registration In A DB
I am creating a web application which involves users registering
details in a DB. Obviously this is a very common thing to do and there
seem to be many different ways to solve this problem.

1. Is there a way to do this without needing to hard code DB login
details into the source?
2. Is it better practice to create individual DB users for new members
when they register and use DB authentication, or should the DB
connections all be through a single user and use code to check a table
containing user name and password hash?
3. Is there a way to create a connection pool in PHP?

User/Pass In URL
Hello all,

I am trying get one server to authenticate to another server possibly with a
browser window in the middle.

My browser throws a syntax error at this url
http://username:password@domain.com:2082 but will allow the same with ftp -
ftp://username:password@domain.com

I want to have a page that has login buttons for remote sites (hosting
client sites and the like).

I understand that with "AuthType Basic" the server sends a request for login
information (403 or something like that). The browser subsequently sends the
user/pass on every other request for a page/resource on that site.

Is there a way to do this in advance?

ie can I do something like this in html ? ..
<form action="http://theirdomain.com:2082" method="post">
<input type="hidden" name="user" value="username">
<input type="hidden" name="pass" value="password">
<input type="submit" value="Your cPanel">

If not then can I proxy it on the server? ie can I place the username and
password into the headers to the remote site and pass a cookie back to the
browser so they can continue the session with the remote site?

User Access
Can anyone help me with user access? I want to have different levels of access for users. For example; when I create accounts for users to og into my websitem, I want to be able to specify the level of access they will have. Let's say user A can access pages 1,2&3 and user B can access pages 3,4&5. I would like to have check boxes that I can check to allow them access to the specified pages!

Redirecting A User
I am looking to create a directory when a user logs
in, and have that user redirected to their page logon.
I have this script, which I haven;t implemented, but
I would like your opinion.

<script>
// Define the URL for when the user is logged in
$url = 'http://' . $_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']);

// Make sure there is no trailing slash
if ((substr($url, -1) == '/') OR (substr($url, -1) ==
'') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}

// Redirect to the page at logon
$url .= '/' . $_POST['username'] . '.php'
</script>

How Do I Set Up User Accounts?
I am building a Lab Information Management system. I am trying to give access to some of the data in my MySQL DB to users.

I would like for a user to be able to log in and view any of the data that pertains to his/her projects only. This needs to be pretty secure as we have some external customer information which is sensitive. (but not top secret).
The specific question I have is, how do I build such limited access? Do I use the user_id (primary key in the user table) stored as a variable and use session management to move from page to page? How secure is that? Would it be better to use secure cookies? Either way I take it that the user_id is stored as a variable and used in the sql query to restrict the dataset? Is this a secure way of doing things or could some unscrupulous hacker come along and steal my data?

User Authentication
I am using my webhost's username and password system, which generates .htaccess and .htpasswd user verification (Bluehost).

I want users to login to the password protected subdirectory (let's say www.example.com/clients/) with the browser's default login dialog box, which is all automated by Apache and the web browser...

But once they are logged in, I want the target page (www.example.com/clients/index.php) to read the username that they logged in with and redirect them to a subdirectory with that name (www.example.com/clients/username/). Is there a way for PHP to read the username that they logged in with through Apache? Perhaps some kind of HTTP request that will return the username as a variable?

User Details
building a login system for my website and i need to know how do i get the name of the computer the user is on? i have already figured out how to get the ipaddress but testing that on our network here if i login on one computer all others get logged on automatically so i need to be able to identify the particular computer so as to prevent this.

User Accounts
I'm desigining a website using php/mysql which has user areas for clients to upload information and details into their respective user areas.

Each user will have their own directory in the site based on their own database with the exact same tables, fields etc, the only difference is the 'connection.php' will be different for each user as it will connect them to their respective database.

I then plan to have a login based on a members table which will redirect user/pass combinations to the relative directory.

What i want to know is, is there a way that insteadof having seperate directorys for each user, when they login the respective 'connection.php' can be loaded for the user eliminating the need for directorys for eachj user.

Validate User Name
I need to validate the characters in a user name. what PHP function can i use to check if the user name has only letters, numbers and/or underscores.

Validate User
I have a web page that cost(been worth) the user and password against mysql,
which happens is that the users give themselves the login and password and several persons enter with the same information. It(he,she) wanted to do that alone it(he,she) could deposit one simultaneously using the same login ...

User Authentication
I am starting to develop a scientific website, deployed on a Linux-based Apache web server, using PHP and mySQL to display interactive web pages. I would like to create both public and private sections of the website - the private sections policed by some kind of user authentication login system.

I was wondering if anyone can recommend a good system for controlling username/password authentication and user sessions in PHP? I understand that there are some freely available scripts out there which can handle this for you and provide administration pages where you can add/remove users etc.

User Online
I need to be able to tell and post it out to a web page when/who is on my website. There is a login screen, a members mysql database, and the rest of the site is php.

Random User ID
I have a site that tracks users via cookies. The user ID is stored in the cookie and I reference it through an SQL database. In the preliminary site, I just had a ID (BIGINT) that counted up from 1. Now the site is ready to launch and I feel that it is a security hole. I only have a couple of hours to change this but I only need to change a couple of things - I just need to know how to:

1. Generate a random number using numbers and letters that is 20 digital long in PHP - I can then take that random number and generate the cookie and enter it into the database.

2. What do I need to have as a feild definition in mySQL - will a VARCHAR(20) work?

How Do Remove A User From MySQL.user?

How do you permanently remove a user from the MySQL database. Delete from MySQL.user where user="Unwanted User"; just seems to ignored.

How do you permanently remove a user from the MySQL database.

Delete from MySQL.user where user="Unwanted User";

just seems to ignored.