subject:"\[PHP\] mysql_connect noob question"

Re: [PHP] mysql_connect noob question

2013-04-24 Thread Richard Quadling

Completely different function call().

mysql_connect() - the port is part of the host.

*server*

The MySQL server. It can also include a port number. e.g. "hostname:port"
or a path to a local socket e.g. ":/path/to/socket" for the localhost.

If the PHP directive
mysql.default_hostis
undefined (default), then the default value is 'localhost:3306'. In
SQL
safe mode , this parameter
is ignored and value 'localhost:3306' is always used.


mysqli_connect() - the port is a parameter.



I think you got the answers to the question you asked.




On 23 April 2013 18:14, Jim Giner  wrote:

> On 4/23/2013 10:39 AM, Glob Design Info wrote:
>
>> Well all, it turns out the *correct* answer to my question, which no one
>> answered, and which only degenerated into a kindergarten-like argument is:
>>
>> "You need to add the port # to the *end* of the mysql_connect() call".
>>
>> i.e.:
>>
>> $link = mysqli_connect( $host, &user, pass, $database, $port );
>>
>> Glad to see the maturity level of posters on this list, as in most of IT
>> these days is that of a bunch of squabling 5-year olds.
>>
>> On 4/23/13 5:47 AM, Tedd Sperling wrote:
>>
>>> On Apr 21, 2013, at 3:33 PM, Glob Design Info 
>>> wrote:
>>>
>>>  What question did I not answer?

>>>
>>> That proves that you're not listening -- you are total waste of time
>>> for anyone trying to help.
>>>
>>> Welcome to my ignore file.
>>>
>>> tedd
>>>
>>> _
>>> tedd.sperl...@gmail.com
>>> http://sperling.com
>>>
>> Tedd - you got off easy on this post.  You should have seen the shouting
> tirade I received offline from this guy.  What a putz!
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>


-- 
Richard Quadling
Twitter : @RQuadling
EE : http://e-e.com/M_248814.html
Zend : http://bit.ly/9O8vFY

Re: [PHP] mysql_connect noob question

2013-04-23 Thread Jim Giner


On 4/23/2013 10:39 AM, Glob Design Info wrote:

Well all, it turns out the *correct* answer to my question, which no one
answered, and which only degenerated into a kindergarten-like argument is:

"You need to add the port # to the *end* of the mysql_connect() call".

i.e.:

$link = mysqli_connect( $host, &user, pass, $database, $port );

Glad to see the maturity level of posters on this list, as in most of IT
these days is that of a bunch of squabling 5-year olds.

On 4/23/13 5:47 AM, Tedd Sperling wrote:

On Apr 21, 2013, at 3:33 PM, Glob Design Info 
wrote:


What question did I not answer?


That proves that you're not listening -- you are total waste of time
for anyone trying to help.

Welcome to my ignore file.

tedd

_
tedd.sperl...@gmail.com
http://sperling.com
Tedd - you got off easy on this post.  You should have seen the shouting 
tirade I received offline from this guy.  What a putz!



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-23 Thread Glob Design Info

Well all, it turns out the *correct* answer to my question, which no one 
answered, and which only degenerated into a kindergarten-like argument is:


"You need to add the port # to the *end* of the mysql_connect() call".

i.e.:

$link = mysqli_connect( $host, &user, pass, $database, $port );

Glad to see the maturity level of posters on this list, as in most of IT 
these days is that of a bunch of squabling 5-year olds.


On 4/23/13 5:47 AM, Tedd Sperling wrote:

On Apr 21, 2013, at 3:33 PM, Glob Design Info  wrote:


What question did I not answer?


That proves that you're not listening -- you are total waste of time for anyone 
trying to help.

Welcome to my ignore file.

tedd

_
tedd.sperl...@gmail.com
http://sperling.com


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-23 Thread Tedd Sperling

On Apr 21, 2013, at 3:33 PM, Glob Design Info  wrote:

> What question did I not answer?


That proves that you're not listening -- you are total waste of time for anyone 
trying to help.

Welcome to my ignore file.

tedd

_
tedd.sperl...@gmail.com
http://sperling.com


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-22 Thread Jim Giner


On 4/21/2013 7:35 PM, Glob Design Info wrote:

A very complex solution that takes time to learn, configure, and
install, vs. a single file I can toss on the server.

Over-engineering is what is daft.


As has been pointed out to you - your simplistic approach to this task 
is going to cost you big-time down the road.  When (and it will) the 
credentials to your mysql database get out and somebody(!) misuses them, 
you will be the one called to answer on this security breach.  The last 
creds that you give out in an application are the keys to the kingdom. 
Your usage of the db access values should be confined to a script 
snippet that does the connecting for all scripts that seek data from the 
database.  This snippet is included in those scripts from a folder that 
is outside of your webroot.  Users have their own credentials that, once 
accepted, allow the user to make their requests.  This is just such 
basic security practice, why can you not see it and accept the advice 
you are being given?


As for why your connect statement doesn't work, that is truly a problem. 
 I certainly don't know as much as the people on this group who have 
been trying to help you, but I know enough to listen to them and I know 
the basics of best security practices.  You have spent two days trying 
to get answers to a question that shouldn't be answered.  That's a slice 
of development time wasted.  You need to backup, rework your db access 
and then simply change your current authentication script to use an 
ordinary user id and pswd that steers the users to a script that helps 
them access their data views without revealing to them the connect values.


And personally, I think PHP is the best thing I've ever taken up since 
my first Univac assembler course back in 1971.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread tamouse mailing lists

After all this, the OP remains unenlightened. This is just a waste of time.
"You are doing this wrong." "There are existing tools that do what your
client wants." "A command line tool is not the same as the php library."
are all met with "I don't want to learn, just tell me what isn't working."

Too bad.

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Stuart Dallas

On 22 Apr 2013, at 00:36, Glob Design Info  wrote:

> Ever heard of the MySQL C Connector?
> 
> http://www.karlkraft.com/index.php/2010/06/02/mysql-and-objective-c/

That would be Objective-C, not C.

I have used libmysqlclient extensively, but there's a lot more to a MySQL 
management tool than connecting to a MySQL server and running queries.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Stuart Dallas

On 22 Apr 2013, at 00:35, Glob Design Info  wrote:

> A very complex solution that takes time to learn, configure, and install, vs. 
> a single file I can toss on the server.
> 
> Over-engineering is what is daft.

Building your house by making your own bricks is daft. Using bricks somebody 
else has built is not.

Or, if it makes more sense substitute a car and inventing wheels.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info


Ever heard of the MySQL C Connector?

http://www.karlkraft.com/index.php/2010/06/02/mysql-and-objective-c/

:-)

On 4/21/13 4:33 PM, Stuart Dallas wrote:

On 22 Apr 2013, at 00:16, Glob Design Info  wrote:


Except that I want to use my script and form - precisely because I have already 
sunk time into it. I'm not going to sink *more* time into something that could 
potentially create *another* problem.

The idea of sunk time is that it's already been spent, so spending more in an 
attempt to justify the fact you spent it (i.e. to make it work because it's 
already cost you time/money) is daft when you discover a pre-built solution. To 
refuse to investigate it due to a refusal to throw the result of that time away 
is pure stubbornness, a normally expensive path to walk.


I want the script to work - as it should if PHP is 1/2 what it's cracked up to 
be. If not, I'll have to look for another solution (like C which I have been 
using for 20 years).

Am I supposed to care whether you use PHP or not? But sure, let me know how 
much time it takes you to write a web-based MySQL management tool in C. In the 
meantime I'll install phpMyAdmin in five minutes, show it to your client, and 
probably not even charge them for it.

C? Really? Why not assembly language, since the relationship between PHP and C 
is the same as that between assembly and C? Hell, take it all the way to punch 
cards if you want

-Stuart




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info

A very complex solution that takes time to learn, configure, and 
install, vs. a single file I can toss on the server.


Over-engineering is what is daft.

On 4/21/13 4:33 PM, Stuart Dallas wrote:

On 22 Apr 2013, at 00:16, Glob Design Info  wrote:


Except that I want to use my script and form - precisely because I have already 
sunk time into it. I'm not going to sink *more* time into something that could 
potentially create *another* problem.

The idea of sunk time is that it's already been spent, so spending more in an 
attempt to justify the fact you spent it (i.e. to make it work because it's 
already cost you time/money) is daft when you discover a pre-built solution. To 
refuse to investigate it due to a refusal to throw the result of that time away 
is pure stubbornness, a normally expensive path to walk.


I want the script to work - as it should if PHP is 1/2 what it's cracked up to 
be. If not, I'll have to look for another solution (like C which I have been 
using for 20 years).

Am I supposed to care whether you use PHP or not? But sure, let me know how 
much time it takes you to write a web-based MySQL management tool in C. In the 
meantime I'll install phpMyAdmin in five minutes, show it to your client, and 
probably not even charge them for it.

C? Really? Why not assembly language, since the relationship between PHP and C 
is the same as that between assembly and C? Hell, take it all the way to punch 
cards if you want

-Stuart




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Stuart Dallas

On 22 Apr 2013, at 00:16, Glob Design Info  wrote:

> Except that I want to use my script and form - precisely because I have 
> already sunk time into it. I'm not going to sink *more* time into something 
> that could potentially create *another* problem.

The idea of sunk time is that it's already been spent, so spending more in an 
attempt to justify the fact you spent it (i.e. to make it work because it's 
already cost you time/money) is daft when you discover a pre-built solution. To 
refuse to investigate it due to a refusal to throw the result of that time away 
is pure stubbornness, a normally expensive path to walk.

> I want the script to work - as it should if PHP is 1/2 what it's cracked up 
> to be. If not, I'll have to look for another solution (like C which I have 
> been using for 20 years).

Am I supposed to care whether you use PHP or not? But sure, let me know how 
much time it takes you to write a web-based MySQL management tool in C. In the 
meantime I'll install phpMyAdmin in five minutes, show it to your client, and 
probably not even charge them for it.

C? Really? Why not assembly language, since the relationship between PHP and C 
is the same as that between assembly and C? Hell, take it all the way to punch 
cards if you want

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info


Even more strange:

It doesn't work from the form with or without the domain (but on the 
command line it does), but..


IF I add the $_REQUEST access *and* use the user that the *MySQL* 
install has, and *not* the xeround user name (my email), then it *does* 
work!


WEIRD.

On 4/21/13 3:59 PM, David OBrien wrote:

In fact using the @gmail.com part added on gives me the same error as the OP
I think their welcome email needs tweaking.. try it without the domain
added on


On Sun, Apr 21, 2013 at 6:56 PM, David OBrien  wrote:


I should note my user name in this case *is* an email address, however

the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).


I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST "dgobrien"

";
}
}

?>
Login

UserName*:

Password*:







--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info


SUCCESS!

However.

if ( $_REQUEST['Submit'] ) {

makes it work (using my own form button ID).

Why it doesn't work without this on my machine is beyond me. But it doesn't.

Could it be somehow there is something about accessing the $_REQUEST that 
changes something?

I am baffled as to the cause, but anyway it does work now.

Thanks for your help.

On 4/21/13 3:56 PM, David OBrien wrote:

I should note my user name in this case *is* an email address, however

the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).


I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST "dgobrien"

";
}
}

?>
Login

UserName*:

Password*:







--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info


Tried that. Still didn't work.

I appears to be the port.

On 4/21/13 3:40 PM, Stuart Dallas wrote:

On 21 Apr 2013, at 23:01, Glob Design Info  wrote:


I should note my user name in this case *is* an email address, however the dots 
in that address are *not* being converted to underscores as mentioned (at least 
not visibly).

This could be the culprit. Try using a username without an @ in it.

-Stuart




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info

Except that I want to use my script and form - precisely because I have 
already sunk time into it. I'm not going to sink *more* time into 
something that could potentially create *another* problem.


I want the script to work - as it should if PHP is 1/2 what it's cracked 
up to be. If not, I'll have to look for another solution (like C which I 
have been using for 20 years).


On 4/21/13 3:37 PM, Stuart Dallas wrote:

On 21 Apr 2013, at 22:43, Glob Design Info  wrote:


Except that a) I already have my form and script done, b) don't have time to 
learn phpMyAdmin, c) want to know why the script doesn't work as-is.

You have multiple database users who will need to do this, or just one database 
user? If just one then it makes more sense to hard-code the username and 
password in the script and use something else like HTTP authentication to 
protect the script from unauthorised users. Giving internal database 
credentials to external users is generally a really really bad idea.

Also, consider the time it will take to learn phpMyAdmin (it's simple - 
install, use) against the time it's taking to get your script working. The time 
you've spent developing the script is already sunk so there's no point sinking 
more in an effort to make that already-sunk time worthwhile.

Also, how well tested is your script? I don't know but I can say with absolute 
confidence that phpMyAdmin has been tested far more.

-Stuart




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread David OBrien

In fact using the @gmail.com part added on gives me the same error as the OP
I think their welcome email needs tweaking.. try it without the domain
added on


On Sun, Apr 21, 2013 at 6:56 PM, David OBrien  wrote:

> > I should note my user name in this case *is* an email address, however
> the dots in that address are *not* being converted to underscores as
> mentioned (at least not visibly).
>
>
> I just created a free account there and the email says my username is
> dgobr...@gmail.com
> but I connected to it from sqlyog and a php page by using JUST "dgobrien"
>
>  $host = "instance44364.db.xeround.com:3924";
>
> if ( $_REQUEST['Submit'] ) {
> $conn = mysql_connect( $host, $_REQUEST['username'], $_REQUEST['password']
> ) or die( mysql_error() );
>  if ($conn) {
> mysql_select_db("uwharrie")  or die( mysql_error() );
>  echo "Connected";
> }
> }
>
> ?>
> Login
> 
> UserName*:
>   maxlength="50" />
> Password*:
>  value='mm' />
> 
> 
>

Re: [PHP] mysql_connect noob question

2013-04-21 Thread David OBrien

> I should note my user name in this case *is* an email address, however
the dots in that address are *not* being converted to underscores as
mentioned (at least not visibly).


I just created a free account there and the email says my username is
dgobr...@gmail.com
but I connected to it from sqlyog and a php page by using JUST "dgobrien"

";
}
}

?>
Login

UserName*:

Password*:

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Stuart Dallas

On 21 Apr 2013, at 23:01, Glob Design Info  wrote:

> I should note my user name in this case *is* an email address, however the 
> dots in that address are *not* being converted to underscores as mentioned 
> (at least not visibly).

This could be the culprit. Try using a username without an @ in it.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Stuart Dallas

On 21 Apr 2013, at 22:43, Glob Design Info  wrote:

> Except that a) I already have my form and script done, b) don't have time to 
> learn phpMyAdmin, c) want to know why the script doesn't work as-is.

You have multiple database users who will need to do this, or just one database 
user? If just one then it makes more sense to hard-code the username and 
password in the script and use something else like HTTP authentication to 
protect the script from unauthorised users. Giving internal database 
credentials to external users is generally a really really bad idea.

Also, consider the time it will take to learn phpMyAdmin (it's simple - 
install, use) against the time it's taking to get your script working. The time 
you've spent developing the script is already sunk so there's no point sinking 
more in an effort to make that already-sunk time worthwhile.

Also, how well tested is your script? I don't know but I can say with absolute 
confidence that phpMyAdmin has been tested far more.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

> On Apr 21, 2013, at 12:46 PM, David OBrien  wrote:
> 
>> Not meaning to beat the proverbial dead horse
>> 
>> I am developing a web portal that has to display the tables in the DB via a 
>> form/script. The web page has a login with user and password. Right now I am 
>> just trying to connect.
>> This for a commercial app - the client wants both an API connect via PHP and 
>> a web portal in which they can login from a web page and view the tables in 
>> the DB. Right now I am just trying to get the form/PHP interaction to work.
>> 
>> This sounds like a very good use statement for http://www.phpmyadmin.net/
>> 
>> You can set it for http auth in the config ... they enter a mysql username 
>> and password and they only see the databases and tables you want them to see
>> 
>> Might be easier than reinventing the wheel and stressing all of us :)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread David OBrien

On Sun, Apr 21, 2013 at 6:01 PM, Glob Design Info wrote:

> One other thing I noted in the FAQ was this:
>
> "Dots in incoming variable names
> Typically, PHP does not alter the names of variables when they are passed
> into a script. However, it should be noted that the dot (period, full stop)
> is not a valid character in a PHP variable name. For the reason, look at it:
>
>  $varname.ext;  /* invalid variable name */
>


> ?>
> Now, what the parser sees is a variable named $varname, followed by the
> string concatenation operator, followed by the barestring (i.e. unquoted
> string which doesn't match any known key or reserved words) 'ext'.
> Obviously, this doesn't have the intended result.
> For this reason, it is important to note that PHP will automatically
> replace any dots in incoming variable names with underscores."
>
> I should note my user name in this case *is* an email address, however the
> dots in that address are *not* being converted to underscores as mentioned
> (at least not visibly).
>
>
>
it's says variable NAMES not variable contents

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info

One other thing I noted in the FAQ was this:

"Dots in incoming variable names
Typically, PHP does not alter the names of variables when they are passed into 
a script. However, it should be noted that the dot (period, full stop) is not a 
valid character in a PHP variable name. For the reason, look at it:

Now, what the parser sees is a variable named $varname, followed by the string 
concatenation operator, followed by the barestring (i.e. unquoted string which 
doesn't match any known key or reserved words) 'ext'. Obviously, this doesn't 
have the intended result.
For this reason, it is important to note that PHP will automatically replace 
any dots in incoming variable names with underscores."

I should note my user name in this case *is* an email address, however the dots 
in that address are *not* being converted to underscores as mentioned (at least 
not visibly).

On Apr 21, 2013, at 8:39 AM, tamouse mailing lists  
wrote:

> On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info  wrote:
>> I know this has probably been answered already.
>> 
>> When I pass a user name and password from a form to my PHP script and then
>> pass those to mysql_connect it doesn't connect. When I paste those exact
>> same values into mysql_connect as string literals it works.
>> 
>> Can anyone tell me why this happens?
>> 
>> I know the strings are identical to the literals I try in a test but they
>> don't work when submitted via form.
>> 
>> $form_user = $_POST[ 'user' ];
>> $form_pass = $_POST[ 'password' ];
>> 
>> # Connect to remote DB
>> 
>> $LINK = mysql_connect( $host, $form_user, $form_pass );
>> 
>> And yes, my $host param is correct.
>> 
>> Thanks,
> 
> So, um, look at this gist: https://gist.github.com/tamouse/5430012
> 
> I know this never helps, but 'Works for me!'

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info

Except that a) I already have my form and script done, b) don't have time to 
learn phpMyAdmin, c) want to know why the script doesn't work as-is.

On Apr 21, 2013, at 12:46 PM, David OBrien  wrote:

> Not meaning to beat the proverbial dead horse
> 
> I am developing a web portal that has to display the tables in the DB via a 
> form/script. The web page has a login with user and password. Right now I am 
> just trying to connect.
> This for a commercial app - the client wants both an API connect via PHP and 
> a web portal in which they can login from a web page and view the tables in 
> the DB. Right now I am just trying to get the form/PHP interaction to work.
> 
> This sounds like a very good use statement for http://www.phpmyadmin.net/
> 
> You can set it for http auth in the config ... they enter a mysql username 
> and password and they only see the databases and tables you want them to see
> 
> Might be easier than reinventing the wheel and stressing all of us :)

Re: [PHP] mysql_connect noob question

2013-04-21 Thread David OBrien

Not meaning to beat the proverbial dead horse

I am developing a web portal that has to display the tables in the DB via a
> form/script. The web page has a login with user and password. Right now I
> am just trying to connect.
> This for a commercial app - the client wants both an API connect via PHP
> and a web portal in which they can login from a web page and view the
> tables in the DB. Right now I am just trying to get the form/PHP
> interaction to work.
>

This sounds like a very good use statement for
http://www.phpmyadmin.net/

You can set it for http auth in the config ... they enter a mysql username
and password and they only see the databases and tables you want them to see

Might be easier than reinventing the wheel and stressing all of us :)

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Glob Design Info

What question did I not answer?

I am developing a web portal that has to display the tables in the DB via a 
form/script. The web page has a login with user and password. Right now I am 
just trying to connect.

On Apr 21, 2013, at 7:12 AM, Tedd Sperling  wrote:

> On Apr 21, 2013, at 9:32 AM, Stuart Dallas  wrote:
>> However, a more important question for me is why you are doing this. You say 
>> you are aware of the security implications, and that you'll "deal with that 
>> later," but I question how you're going to deal with it. What exactly are 
>> you developing that requires DB credentials to come from a form on a web 
>> page?
>> 
>> -Stuart
> 
> You and I are asking the same question, but I am afraid the poster is not 
> listening. Instead, he is pursuing a course of action that simply repeats his 
> problem. His focus is on a specific tree instead of the forest. He doesn't 
> want to widen his view.
> 
> Until the poster answers our question, I'm afraid our recommendations will 
> fall on deaf ears.
> 
> Some days you can help and some days you can't.
> 
> Cheers,
> 
> tedd
> 
> _
> tedd.sperl...@gmail.com
> http://sperling.com
> 
> 
> 
> 
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread tamouse mailing lists

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info  wrote:
> I know this has probably been answered already.
>
> When I pass a user name and password from a form to my PHP script and then
> pass those to mysql_connect it doesn't connect. When I paste those exact
> same values into mysql_connect as string literals it works.
>
> Can anyone tell me why this happens?
>
> I know the strings are identical to the literals I try in a test but they
> don't work when submitted via form.
>
> $form_user = $_POST[ 'user' ];
> $form_pass = $_POST[ 'password' ];
>
> # Connect to remote DB
>
> $LINK = mysql_connect( $host, $form_user, $form_pass );
>
> And yes, my $host param is correct.
>
> Thanks,

So, um, look at this gist: https://gist.github.com/tamouse/5430012

I know this never helps, but 'Works for me!'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread tamouse mailing lists

On Sun, Apr 21, 2013 at 9:49 AM, Stuart Dallas  wrote:
> On 21 Apr 2013, at 15:46, tamouse mailing lists  
> wrote:
>
>> On Sun, Apr 21, 2013 at 9:12 AM, Tedd Sperling  
>> wrote:
>>> On Apr 21, 2013, at 9:32 AM, Stuart Dallas  wrote:
 However, a more important question for me is why you are doing this. You 
 say you are aware of the security implications, and that you'll "deal with 
 that later," but I question how you're going to deal with it. What exactly 
 are you developing that requires DB credentials to come from a form on a 
 web page?

 -Stuart
>>>
>>> You and I are asking the same question, but I am afraid the poster is not 
>>> listening. Instead, he is pursuing a course of action that simply repeats 
>>> his problem. His focus is on a specific tree instead of the forest. He 
>>> doesn't want to widen his view.
>>>
>>> Until the poster answers our question, I'm afraid our recommendations will 
>>> fall on deaf ears.
>>>
>>> Some days you can help and some days you can't.
>>>
>>> Cheers,
>>>
>>> tedd
>>
>> There's the Zen saying "When the student is ready, the teacher
>> appears." -- which to me says more about those attempting to teach
>> than those attempting to learn. :)
>
> To me that means that you won't recognise the teacher until you're ready to 
> learn. Teachers are always all around all of us, we just need to be willing 
> to learn.

Yes, that is the intended meaning. My alternate means that teachers
should not try to teach students who aren't ready.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Stuart Dallas

On 21 Apr 2013, at 15:46, tamouse mailing lists  wrote:

> On Sun, Apr 21, 2013 at 9:12 AM, Tedd Sperling  
> wrote:
>> On Apr 21, 2013, at 9:32 AM, Stuart Dallas  wrote:
>>> However, a more important question for me is why you are doing this. You 
>>> say you are aware of the security implications, and that you'll "deal with 
>>> that later," but I question how you're going to deal with it. What exactly 
>>> are you developing that requires DB credentials to come from a form on a 
>>> web page?
>>> 
>>> -Stuart
>> 
>> You and I are asking the same question, but I am afraid the poster is not 
>> listening. Instead, he is pursuing a course of action that simply repeats 
>> his problem. His focus is on a specific tree instead of the forest. He 
>> doesn't want to widen his view.
>> 
>> Until the poster answers our question, I'm afraid our recommendations will 
>> fall on deaf ears.
>> 
>> Some days you can help and some days you can't.
>> 
>> Cheers,
>> 
>> tedd
> 
> There's the Zen saying "When the student is ready, the teacher
> appears." -- which to me says more about those attempting to teach
> than those attempting to learn. :)

To me that means that you won't recognise the teacher until you're ready to 
learn. Teachers are always all around all of us, we just need to be willing to 
learn.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread tamouse mailing lists

On Sun, Apr 21, 2013 at 9:12 AM, Tedd Sperling  wrote:
> On Apr 21, 2013, at 9:32 AM, Stuart Dallas  wrote:
>> However, a more important question for me is why you are doing this. You say 
>> you are aware of the security implications, and that you'll "deal with that 
>> later," but I question how you're going to deal with it. What exactly are 
>> you developing that requires DB credentials to come from a form on a web 
>> page?
>>
>> -Stuart
>
> You and I are asking the same question, but I am afraid the poster is not 
> listening. Instead, he is pursuing a course of action that simply repeats his 
> problem. His focus is on a specific tree instead of the forest. He doesn't 
> want to widen his view.
>
> Until the poster answers our question, I'm afraid our recommendations will 
> fall on deaf ears.
>
> Some days you can help and some days you can't.
>
> Cheers,
>
> tedd

There's the Zen saying "When the student is ready, the teacher
appears." -- which to me says more about those attempting to teach
than those attempting to learn. :)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread Tedd Sperling

On Apr 21, 2013, at 9:32 AM, Stuart Dallas  wrote:
> However, a more important question for me is why you are doing this. You say 
> you are aware of the security implications, and that you'll "deal with that 
> later," but I question how you're going to deal with it. What exactly are you 
> developing that requires DB credentials to come from a form on a web page?
> 
> -Stuart

You and I are asking the same question, but I am afraid the poster is not 
listening. Instead, he is pursuing a course of action that simply repeats his 
problem. His focus is on a specific tree instead of the forest. He doesn't want 
to widen his view.

Until the poster answers our question, I'm afraid our recommendations will fall 
on deaf ears.

Some days you can help and some days you can't.

Cheers,

tedd

_
tedd.sperl...@gmail.com
http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-21 Thread tamouse mailing lists

On Sat, Apr 20, 2013 at 9:37 PM, Glob Design Info  wrote:
> Night now this is just a test server. On the real thing I'll do it right.
>
>
> On 4/20/13 10:58 AM, Tedd Sperling wrote:
>>
>> On Apr 20, 2013, at 11:44 AM, Stuart Dallas  wrote:
>>
>>> On 20 Apr 2013, at 16:25, Jim Giner  wrote:
>>>
> Why are you allowing anyone to connect to your database from a form?
>
 A little OT, but...
 What do you mean by this question?  How do you check someone's
 credentials if not by connecting to a db to verify the login?  Cause I'm
 doing the same kind of thing all over the place.  With good practices on
 validation and such before doing my query of course.
>>>
>>> I'm pretty sure that's not what tedd meant. The code is logging in to the
>>> database server using the username and password from the form. There are
>>> very few legitimate reasons to be doing this, so the question is well worth
>>> asking.
>>>
>>> -Stuart
>>
>> Stuart is exactly right.
>>
>> If you are checking someone's credentials to access your site, such as a
>> user, then giving them the "keys to the kingdom" is a bit of an overkill.
>>
>> My advice, set up "user_id" and "password" fields in a "user" table for
>> users you want to access some portion of your site, here's the code to do
>> that:
>>
>> http://sperling.com/php/authorization/log-on.php
>>
>> Where I have said "// define your user id here" is the place to actually
>> open your database and access your user table to gather the correct user_id
>> and password.
>>
>> I also suggest that when you open the database you only use literals from
>> a config.php file ($dbhost,$dbuser,$dbpass) for accessing the actual
>> database and then check the user_id and password before giving them
>> authorization to private areas.
>>
>> Keep the private stuff private!
>>
>> Cheers,
>>
>> tedd
>>
>> _
>> tedd.sperl...@gmail.com
>> http://sperling.com
>>

That is a great point -- I was thinking this was a private app, but
you should never ever ever ever ever ever (x infinity) allow wild wild
web access to your database like this.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Glob Design Info


Night now this is just a test server. On the real thing I'll do it right.

On 4/20/13 10:58 AM, Tedd Sperling wrote:

On Apr 20, 2013, at 11:44 AM, Stuart Dallas  wrote:


On 20 Apr 2013, at 16:25, Jim Giner  wrote:


Why are you allowing anyone to connect to your database from a form?


A little OT, but...
What do you mean by this question?  How do you check someone's credentials if 
not by connecting to a db to verify the login?  Cause I'm doing the same kind 
of thing all over the place.  With good practices on validation and such before 
doing my query of course.

I'm pretty sure that's not what tedd meant. The code is logging in to the 
database server using the username and password from the form. There are very 
few legitimate reasons to be doing this, so the question is well worth asking.

-Stuart

Stuart is exactly right.

If you are checking someone's credentials to access your site, such as a user, then 
giving them the "keys to the kingdom" is a bit of an overkill.

My advice, set up "user_id" and "password" fields in a "user" table for users 
you want to access some portion of your site, here's the code to do that:

http://sperling.com/php/authorization/log-on.php

Where I have said "// define your user id here" is the place to actually open 
your database and access your user table to gather the correct user_id and password.

I also suggest that when you open the database you only use literals from a 
config.php file ($dbhost,$dbuser,$dbpass) for accessing the actual database and 
then check the user_id and password before giving them authorization to private 
areas.

Keep the private stuff private!

Cheers,

tedd

_
tedd.sperl...@gmail.com
http://sperling.com




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Tedd Sperling

On Apr 20, 2013, at 11:44 AM, Stuart Dallas  wrote:

> On 20 Apr 2013, at 16:25, Jim Giner  wrote:
> 
>>> Why are you allowing anyone to connect to your database from a form?
>>> 
>> A little OT, but...
>> What do you mean by this question?  How do you check someone's credentials 
>> if not by connecting to a db to verify the login?  Cause I'm doing the same 
>> kind of thing all over the place.  With good practices on validation and 
>> such before doing my query of course.
> 
> I'm pretty sure that's not what tedd meant. The code is logging in to the 
> database server using the username and password from the form. There are very 
> few legitimate reasons to be doing this, so the question is well worth asking.
> 
> -Stuart

Stuart is exactly right.

If you are checking someone's credentials to access your site, such as a user, 
then giving them the "keys to the kingdom" is a bit of an overkill.

My advice, set up "user_id" and "password" fields in a "user" table for users 
you want to access some portion of your site, here's the code to do that:

http://sperling.com/php/authorization/log-on.php

Where I have said "// define your user id here" is the place to actually open 
your database and access your user table to gather the correct user_id and 
password.

I also suggest that when you open the database you only use literals from a 
config.php file ($dbhost,$dbuser,$dbpass) for accessing the actual database and 
then check the user_id and password before giving them authorization to private 
areas.

Keep the private stuff private!

Cheers,

tedd

_
tedd.sperl...@gmail.com
http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Glob Design Info


Same error. That just turns those into string literals.

On 4/20/13 5:48 AM, David OBrien wrote:

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );

And yes, my $host param is correct.

Have you tried

$LINK = mysql_connect( $host, "$form_user", "$form_pass" );

just for the heck of it?




--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Jim Giner


On 4/20/2013 11:44 AM, Stuart Dallas wrote:

On 20 Apr 2013, at 16:25, Jim Giner  wrote:


Why are you allowing anyone to connect to your database from a form?


A little OT, but...
What do you mean by this question?  How do you check someone's credentials if 
not by connecting to a db to verify the login?  Cause I'm doing the same kind 
of thing all over the place.  With good practices on validation and such before 
doing my query of course.


I'm pretty sure that's not what tedd meant. The code is logging in to the 
database server using the username and password from the form. There are very 
few legitimate reasons to be doing this, so the question is well worth asking.

-Stuart


oops - now I see.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Stuart Dallas

On 20 Apr 2013, at 16:25, Jim Giner  wrote:

>> Why are you allowing anyone to connect to your database from a form?
>> 
> A little OT, but...
> What do you mean by this question?  How do you check someone's credentials if 
> not by connecting to a db to verify the login?  Cause I'm doing the same kind 
> of thing all over the place.  With good practices on validation and such 
> before doing my query of course.

I'm pretty sure that's not what tedd meant. The code is logging in to the 
database server using the username and password from the form. There are very 
few legitimate reasons to be doing this, so the question is well worth asking.

-Stuart

-- 
Stuart Dallas
3ft9 Ltd
http://3ft9.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Jim Giner



Why are you allowing anyone to connect to your database from a form?

Cheers,

tedd

_
tedd.sperl...@gmail.com
http://sperling.com


A little OT, but...
What do you mean by this question?  How do you check someone's 
credentials if not by connecting to a db to verify the login?  Cause I'm 
doing the same kind of thing all over the place.  With good practices on 
validation and such before doing my query of course.


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread David OBrien

>
> > $form_user = $_POST[ 'user' ];
> > $form_pass = $_POST[ 'password' ];
> >
> > # Connect to remote DB
> >
> > $LINK = mysql_connect( $host, $form_user, $form_pass );
> >
> > And yes, my $host param is correct.
>

Have you tried

$LINK = mysql_connect( $host, "$form_user", "$form_pass" );

just for the heck of it?

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Tedd Sperling

On Apr 19, 2013, at 4:43 PM, Glob Design Info  wrote:

> I know this has probably been answered already.
> 
> When I pass a user name and password from a form to my PHP script and then 
> pass those to mysql_connect it doesn't connect. When I paste those exact same 
> values into mysql_connect as string literals it works.
> 
> Can anyone tell me why this happens?
> 
> I know the strings are identical to the literals I try in a test but they 
> don't work when submitted via form.
> 
> $form_user = $_POST[ 'user' ];
> $form_pass = $_POST[ 'password' ];
> 
> # Connect to remote DB
> 
> $LINK = mysql_connect( $host, $form_user, $form_pass );
> 
> And yes, my $host param is correct.
> 
> Thanks,


Why are you allowing anyone to connect to your database from a form?

Cheers,

tedd

_
tedd.sperl...@gmail.com
http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Glob Design Info


Goog suggestion. The user name is an email address so it does contain @.

Password is all pure lowercase ASCII.

Wonder if the shift-2 is causing the problem?

On 4/20/13 4:44 AM, Matijn Woudt wrote:

On Sat, Apr 20, 2013 at 10:36 AM, tamouse mailing lists <
tamouse.li...@gmail.com> wrote:


No, that's for writing safe html output.

If the user or password contains special chars, sending them through
htmlspecialchars would turn them into html entities. i doubt you want that.

I'm at a loss here.

Pretty much the same goes for me.

It could be charset issue, do your username and password consist of only
ASCII characters, or do they also contain others? If so, then it might be
that your sending these characters in a different charset.

- Matijn


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Glob Design Info


Thanks for that good suggestion.

I tried that and as expected, the passed variables are coming through 
exactly as expected:


array(3) {
  ["user"]=>
  string(3) "joe"
  ["password"]=>
  string(11) "complacency"
  ["login"]=>
  string(5) "Login"
}

The bottom one seems to be the submit button's tag.

I'm at a loss too. It should work. Replacing all 3 script variables with 
hard-coded values for the login works fine - so I know the host string 
is fine.


Very weird!

On 4/20/13 1:36 AM, tamouse mailing lists wrote:

No, that's for writing safe html output.

If the user or password contains special chars, sending them through
htmlspecialchars would turn them into html entities. i doubt you want that.

I'm at a loss here. The only thing Ican think of is to try something like
this at the top of the script:



and see precisely what is being passed in from your form.
  On Apr 19, 2013 10:50 PM, "Glob Design Info"  wrote:


No, no spaces.

I am wondering if I need to use htmlspecialchars()

On Apr 19, 2013, at 7:17 PM, Jim Giner 
wrote:


On 4/19/2013 9:33 PM, Glob Design Info wrote:

They aren't on the same server. The DB is on xeround.com, the web

server

is localhost.

The host value is set and working. If I hard-code the user and password
values in the mysql_connect() call and leave the host value as is, it
connects fine. Only passing the user and password from the form cause it
to fail.


On 4/19/13 5:47 PM, David Robley wrote:

Glob Design Info wrote:


Sorry. The error displayed is:

*Warning*: mysql_connect() [function.mysql-connect
]: Access denied

for

user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES)

in

*/Library/WebServer/Documents/wservices/connect.php* on line *29*

(But with the real user name, not just '')

Thanks,

On 4/19/13 3:28 PM, tamouse mailing lists wrote:

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info <

i...@globdesign.com>

wrote:

I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script

and

then pass those to mysql_connect it doesn't connect. When I paste
those
exact same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but
they don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );

Please show the error you are getting from the mysql_connect



And yes, my $host param is correct.

Thanks,

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


First guess is that you don't have privileges for
''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges
for
''.

And, what are you using for the $host value? If the script and mysql
are on
the same server, it shouldn't need to be anything other than

'localhost'.

Do your user or password contain spaces, thereby requiring quotes in

your call?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-20 Thread Matijn Woudt

On Sat, Apr 20, 2013 at 10:36 AM, tamouse mailing lists <
tamouse.li...@gmail.com> wrote:

> No, that's for writing safe html output.
>
> If the user or password contains special chars, sending them through
> htmlspecialchars would turn them into html entities. i doubt you want that.
>
> I'm at a loss here.

Pretty much the same goes for me.

It could be charset issue, do your username and password consist of only
ASCII characters, or do they also contain others? If so, then it might be
that your sending these characters in a different charset.

- Matijn

Re: [PHP] mysql_connect noob question

2013-04-20 Thread tamouse mailing lists

No, that's for writing safe html output.

If the user or password contains special chars, sending them through
htmlspecialchars would turn them into html entities. i doubt you want that.

I'm at a loss here. The only thing Ican think of is to try something like
this at the top of the script:



and see precisely what is being passed in from your form.
 On Apr 19, 2013 10:50 PM, "Glob Design Info"  wrote:

> No, no spaces.
>
> I am wondering if I need to use htmlspecialchars()
>
> On Apr 19, 2013, at 7:17 PM, Jim Giner 
> wrote:
>
> > On 4/19/2013 9:33 PM, Glob Design Info wrote:
> >> They aren't on the same server. The DB is on xeround.com, the web
> server
> >> is localhost.
> >>
> >> The host value is set and working. If I hard-code the user and password
> >> values in the mysql_connect() call and leave the host value as is, it
> >> connects fine. Only passing the user and password from the form cause it
> >> to fail.
> >>
> >>
> >> On 4/19/13 5:47 PM, David Robley wrote:
> >>> Glob Design Info wrote:
> >>>
>  Sorry. The error displayed is:
> 
>  *Warning*: mysql_connect() [function.mysql-connect
>  ]: Access denied
> for
>  user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES)
> in
>  */Library/WebServer/Documents/wservices/connect.php* on line *29*
> 
>  (But with the real user name, not just '')
> 
>  Thanks,
> 
>  On 4/19/13 3:28 PM, tamouse mailing lists wrote:
> > On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info <
> i...@globdesign.com>
> > wrote:
> >> I know this has probably been answered already.
> >>
> >> When I pass a user name and password from a form to my PHP script
> and
> >> then pass those to mysql_connect it doesn't connect. When I paste
> >> those
> >> exact same values into mysql_connect as string literals it works.
> >>
> >> Can anyone tell me why this happens?
> >>
> >> I know the strings are identical to the literals I try in a test but
> >> they don't work when submitted via form.
> >>
> >> $form_user = $_POST[ 'user' ];
> >> $form_pass = $_POST[ 'password' ];
> >>
> >> # Connect to remote DB
> >>
> >> $LINK = mysql_connect( $host, $form_user, $form_pass );
> >
> > Please show the error you are getting from the mysql_connect
> >
> >
> >> And yes, my $host param is correct.
> >>
> >> Thanks,
> >>
> >> --
> >> PHP General Mailing List (http://www.php.net/)
> >> To unsubscribe, visit: http://www.php.net/unsub.php
> >>
> >
> >>>
> >>> First guess is that you don't have privileges for
> >>> ''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges
> >>> for
> >>> ''.
> >>>
> >>> And, what are you using for the $host value? If the script and mysql
> >>> are on
> >>> the same server, it shouldn't need to be anything other than
> 'localhost'.
> >>>
> > Do your user or password contain spaces, thereby requiring quotes in
> your call?
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit: http://www.php.net/unsub.php
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info

Dunno. The code definitely has the underscore.

On Apr 19, 2013, at 9:11 PM, Jim Giner  wrote:

> On 4/20/2013 12:23 AM, Glob Design Info wrote:
>> No, no spaces.
>> 
>> I am wondering if I need to use htmlspecialchars()
>> 
>> On Apr 19, 2013, at 7:17 PM, Jim Giner  wrote:
>> 
>>> On 4/19/2013 9:33 PM, Glob Design Info wrote:
 They aren't on the same server. The DB is on xeround.com, the web server
 is localhost.
 
 The host value is set and working. If I hard-code the user and password
 values in the mysql_connect() call and leave the host value as is, it
 connects fine. Only passing the user and password from the form cause it
 to fail.
 
 
 On 4/19/13 5:47 PM, David Robley wrote:
> Glob Design Info wrote:
> 
>> Sorry. The error displayed is:
>> 
>> *Warning*: mysql_connect() [function.mysql-connect
>> ]: Access denied for
>> user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in
>> */Library/WebServer/Documents/wservices/connect.php* on line *29*
>> 
>> (But with the real user name, not just '')
>> 
>> Thanks,
>> 
>> On 4/19/13 3:28 PM, tamouse mailing lists wrote:
>>> On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info 
>>> wrote:
 I know this has probably been answered already.
 
 When I pass a user name and password from a form to my PHP script and
 then pass those to mysql_connect it doesn't connect. When I paste
 those
 exact same values into mysql_connect as string literals it works.
 
 Can anyone tell me why this happens?
 
 I know the strings are identical to the literals I try in a test but
 they don't work when submitted via form.
 
 $form_user = $_POST[ 'user' ];
 $form_pass = $_POST[ 'password' ];
 
 # Connect to remote DB
 
 $LINK = mysql_connect( $host, $form_user, $form_pass );
>>> 
>>> Please show the error you are getting from the mysql_connect
>>> 
>>> 
 And yes, my $host param is correct.
 
 Thanks,
 
 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php
 
>>> 
> 
> First guess is that you don't have privileges for
> ''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges
> for
> ''.
> 
> And, what are you using for the $host value? If the script and mysql
> are on
> the same server, it shouldn't need to be anything other than 'localhost'.
> 
>>> Do your user or password contain spaces, thereby requiring quotes in your 
>>> call?
>>> 
>>> --
>>> PHP General Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>> 
> Why does the error message refer to "mysql-connect" and not "mysql_connect"?
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Jim Giner


On 4/20/2013 12:23 AM, Glob Design Info wrote:

No, no spaces.

I am wondering if I need to use htmlspecialchars()

On Apr 19, 2013, at 7:17 PM, Jim Giner  wrote:


On 4/19/2013 9:33 PM, Glob Design Info wrote:

They aren't on the same server. The DB is on xeround.com, the web server
is localhost.

The host value is set and working. If I hard-code the user and password
values in the mysql_connect() call and leave the host value as is, it
connects fine. Only passing the user and password from the form cause it
to fail.


On 4/19/13 5:47 PM, David Robley wrote:

Glob Design Info wrote:


Sorry. The error displayed is:

*Warning*: mysql_connect() [function.mysql-connect
]: Access denied for
user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in
*/Library/WebServer/Documents/wservices/connect.php* on line *29*

(But with the real user name, not just '')

Thanks,

On 4/19/13 3:28 PM, tamouse mailing lists wrote:

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info 
wrote:

I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and
then pass those to mysql_connect it doesn't connect. When I paste
those
exact same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but
they don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );


Please show the error you are getting from the mysql_connect



And yes, my $host param is correct.

Thanks,

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





First guess is that you don't have privileges for
''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges
for
''.

And, what are you using for the $host value? If the script and mysql
are on
the same server, it shouldn't need to be anything other than 'localhost'.


Do your user or password contain spaces, thereby requiring quotes in your call?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Why does the error message refer to "mysql-connect" and not "mysql_connect"?

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info

No, no spaces.

I am wondering if I need to use htmlspecialchars()

On Apr 19, 2013, at 7:17 PM, Jim Giner  wrote:

> On 4/19/2013 9:33 PM, Glob Design Info wrote:
>> They aren't on the same server. The DB is on xeround.com, the web server
>> is localhost.
>> 
>> The host value is set and working. If I hard-code the user and password
>> values in the mysql_connect() call and leave the host value as is, it
>> connects fine. Only passing the user and password from the form cause it
>> to fail.
>> 
>> 
>> On 4/19/13 5:47 PM, David Robley wrote:
>>> Glob Design Info wrote:
>>> 
 Sorry. The error displayed is:
 
 *Warning*: mysql_connect() [function.mysql-connect
 ]: Access denied for
 user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in
 */Library/WebServer/Documents/wservices/connect.php* on line *29*
 
 (But with the real user name, not just '')
 
 Thanks,
 
 On 4/19/13 3:28 PM, tamouse mailing lists wrote:
> On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info 
> wrote:
>> I know this has probably been answered already.
>> 
>> When I pass a user name and password from a form to my PHP script and
>> then pass those to mysql_connect it doesn't connect. When I paste
>> those
>> exact same values into mysql_connect as string literals it works.
>> 
>> Can anyone tell me why this happens?
>> 
>> I know the strings are identical to the literals I try in a test but
>> they don't work when submitted via form.
>> 
>> $form_user = $_POST[ 'user' ];
>> $form_pass = $_POST[ 'password' ];
>> 
>> # Connect to remote DB
>> 
>> $LINK = mysql_connect( $host, $form_user, $form_pass );
> 
> Please show the error you are getting from the mysql_connect
> 
> 
>> And yes, my $host param is correct.
>> 
>> Thanks,
>> 
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>> 
> 
>>> 
>>> First guess is that you don't have privileges for
>>> ''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges
>>> for
>>> ''.
>>> 
>>> And, what are you using for the $host value? If the script and mysql
>>> are on
>>> the same server, it shouldn't need to be anything other than 'localhost'.
>>> 
> Do your user or password contain spaces, thereby requiring quotes in your 
> call?
> 
> -- 
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
> 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Jim Giner


On 4/19/2013 9:33 PM, Glob Design Info wrote:

They aren't on the same server. The DB is on xeround.com, the web server
is localhost.

The host value is set and working. If I hard-code the user and password
values in the mysql_connect() call and leave the host value as is, it
connects fine. Only passing the user and password from the form cause it
to fail.


On 4/19/13 5:47 PM, David Robley wrote:

Glob Design Info wrote:


Sorry. The error displayed is:

*Warning*: mysql_connect() [function.mysql-connect
]: Access denied for
user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in
*/Library/WebServer/Documents/wservices/connect.php* on line *29*

(But with the real user name, not just '')

Thanks,

On 4/19/13 3:28 PM, tamouse mailing lists wrote:

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info 
wrote:

I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and
then pass those to mysql_connect it doesn't connect. When I paste
those
exact same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but
they don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );


Please show the error you are getting from the mysql_connect



And yes, my $host param is correct.

Thanks,

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





First guess is that you don't have privileges for
''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges
for
''.

And, what are you using for the $host value? If the script and mysql
are on
the same server, it shouldn't need to be anything other than 'localhost'.

Do your user or password contain spaces, thereby requiring quotes in 
your call?


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info

They aren't on the same server. The DB is on xeround.com, the web server 
is localhost.


The host value is set and working. If I hard-code the user and password 
values in the mysql_connect() call and leave the host value as is, it 
connects fine. Only passing the user and password from the form cause it 
to fail.



On 4/19/13 5:47 PM, David Robley wrote:

Glob Design Info wrote:


Sorry. The error displayed is:

*Warning*: mysql_connect() [function.mysql-connect
]: Access denied for
user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in
*/Library/WebServer/Documents/wservices/connect.php* on line *29*

(But with the real user name, not just '')

Thanks,

On 4/19/13 3:28 PM, tamouse mailing lists wrote:

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info 
wrote:

I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and
then pass those to mysql_connect it doesn't connect. When I paste those
exact same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but
they don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );


Please show the error you are getting from the mysql_connect



And yes, my $host param is correct.

Thanks,

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





First guess is that you don't have privileges for
''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges for
''.

And, what are you using for the $host value? If the script and mysql are on
the same server, it shouldn't need to be anything other than 'localhost'.



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread David Robley

Glob Design Info wrote:

> Sorry. The error displayed is:
> 
> *Warning*: mysql_connect() [function.mysql-connect
> ]: Access denied for
> user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in
> */Library/WebServer/Documents/wservices/connect.php* on line *29*
> 
> (But with the real user name, not just '')
> 
> Thanks,
> 
> On 4/19/13 3:28 PM, tamouse mailing lists wrote:
>> On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info 
>> wrote:
>>> I know this has probably been answered already.
>>>
>>> When I pass a user name and password from a form to my PHP script and
>>> then pass those to mysql_connect it doesn't connect. When I paste those
>>> exact same values into mysql_connect as string literals it works.
>>>
>>> Can anyone tell me why this happens?
>>>
>>> I know the strings are identical to the literals I try in a test but
>>> they don't work when submitted via form.
>>>
>>> $form_user = $_POST[ 'user' ];
>>> $form_pass = $_POST[ 'password' ];
>>>
>>> # Connect to remote DB
>>>
>>> $LINK = mysql_connect( $host, $form_user, $form_pass );
>>
>> Please show the error you are getting from the mysql_connect
>>
>>
>>> And yes, my $host param is correct.
>>>
>>> Thanks,
>>>
>>> --
>>> PHP General Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>

First guess is that you don't have privileges for 
''@'ip70-162-142-180.ph.ph.cox.net', but you may have privileges for 
''.

And, what are you using for the $host value? If the script and mysql are on 
the same server, it shouldn't need to be anything other than 'localhost'.
-- 
Cheers
David Robley

A man's best friend is his dogma.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info


Sorry. The error displayed is:

*Warning*: mysql_connect() [function.mysql-connect 
]: Access denied for 
user ''@'ip70-162-142-180.ph.ph.cox.net' (using password: YES) in 
*/Library/WebServer/Documents/wservices/connect.php* on line *29*


(But with the real user name, not just '')

Thanks,

On 4/19/13 3:28 PM, tamouse mailing lists wrote:

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info  wrote:

I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and then
pass those to mysql_connect it doesn't connect. When I paste those exact
same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but they
don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );


Please show the error you are getting from the mysql_connect



And yes, my $host param is correct.

Thanks,

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info


Nope, quotes are not visible in the output.

Both the HTML and the script it calls are shown below. They are in 2 
separate files. The variable names in both are "user" and "password". 
The data comes through to the PHP script fine - if I print them I see 
exactly what I typed in the form, but when I pass them to my DB host on 
another server via mysql_connect it give me an error.



HTML:


"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>

http://www.w3.org/1999/xhtml";>





Admin



.desw { font-family: Arial, Helvetica, sans-serif; }






   
  height="134" border="0" />


 
  Please log in.
   

   method="post">

User: 
Password: />


  

   
   

 
 






PHP:






User: " . $form_user . "";
echo "Pass: " . $form_pass . "";

# Connect to remote DB

$WSDB_LINK = mysql_connect( $host, $form_user, $form_pass );
if( !$WSDB_LINK )
{
error_log( "NeverStranded: cannot connect to the database." );
}
else
{
   ..
}

?>

On 4/19/13 2:13 PM, Matijn Woudt wrote:

On Fri, Apr 19, 2013 at 10:59 PM, Glob Design Info wrote:


Already did that. I printed the form values in the PHP script after they
are received and they print exactly as entered in the form. Even checked
for extra spaces.

Any functions I can pass the values to to remove the magic quotes?

Thanks,


You would see the quotes if they were there in the output. There's no
reason why it should not work this way, though I doubt it's safe to do. Can
you show us the rest of the code, including the HTML form?
And exactly what error are you getting? (eg. from mysql_error())




On 4/19/13 1:47 PM, Matijn Woudt wrote:


On Fri, Apr 19, 2013 at 10:43 PM, Glob Design Info 
wrote:

  I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and
then
pass those to mysql_connect it doesn't connect. When I paste those exact
same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but they
don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );

And yes, my $host param is correct.

Thanks,


  Try printing the $form_user and form_pass values, it might be that it's

just an error elsewhere, maybe field name is different in the html?
Otherwise, it might be you have some php init setting, like magic quotes
that does something with the input data.

- Matijn





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread tamouse mailing lists

On Fri, Apr 19, 2013 at 3:43 PM, Glob Design Info  wrote:
> I know this has probably been answered already.
>
> When I pass a user name and password from a form to my PHP script and then
> pass those to mysql_connect it doesn't connect. When I paste those exact
> same values into mysql_connect as string literals it works.
>
> Can anyone tell me why this happens?
>
> I know the strings are identical to the literals I try in a test but they
> don't work when submitted via form.
>
> $form_user = $_POST[ 'user' ];
> $form_pass = $_POST[ 'password' ];
>
> # Connect to remote DB
>
> $LINK = mysql_connect( $host, $form_user, $form_pass );


Please show the error you are getting from the mysql_connect


>
> And yes, my $host param is correct.
>
> Thanks,
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Matijn Woudt

On Fri, Apr 19, 2013 at 10:59 PM, Glob Design Info wrote:

> Already did that. I printed the form values in the PHP script after they
> are received and they print exactly as entered in the form. Even checked
> for extra spaces.
>
> Any functions I can pass the values to to remove the magic quotes?
>
> Thanks,


You would see the quotes if they were there in the output. There's no
reason why it should not work this way, though I doubt it's safe to do. Can
you show us the rest of the code, including the HTML form?
And exactly what error are you getting? (eg. from mysql_error())


>
>
> On 4/19/13 1:47 PM, Matijn Woudt wrote:
>
>> On Fri, Apr 19, 2013 at 10:43 PM, Glob Design Info > >wrote:
>>
>>  I know this has probably been answered already.
>>>
>>> When I pass a user name and password from a form to my PHP script and
>>> then
>>> pass those to mysql_connect it doesn't connect. When I paste those exact
>>> same values into mysql_connect as string literals it works.
>>>
>>> Can anyone tell me why this happens?
>>>
>>> I know the strings are identical to the literals I try in a test but they
>>> don't work when submitted via form.
>>>
>>> $form_user = $_POST[ 'user' ];
>>> $form_pass = $_POST[ 'password' ];
>>>
>>> # Connect to remote DB
>>>
>>> $LINK = mysql_connect( $host, $form_user, $form_pass );
>>>
>>> And yes, my $host param is correct.
>>>
>>> Thanks,
>>>
>>>
>>>  Try printing the $form_user and form_pass values, it might be that it's
>> just an error elsewhere, maybe field name is different in the html?
>> Otherwise, it might be you have some php init setting, like magic quotes
>> that does something with the input data.
>>
>> - Matijn
>>
>>
>

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info

Already did that. I printed the form values in the PHP script after they 
are received and they print exactly as entered in the form. Even checked 
for extra spaces.


Any functions I can pass the values to to remove the magic quotes?

Thanks,

On 4/19/13 1:47 PM, Matijn Woudt wrote:

On Fri, Apr 19, 2013 at 10:43 PM, Glob Design Info wrote:


I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and then
pass those to mysql_connect it doesn't connect. When I paste those exact
same values into mysql_connect as string literals it works.

Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but they
don't work when submitted via form.

$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );

And yes, my $host param is correct.

Thanks,



Try printing the $form_user and form_pass values, it might be that it's
just an error elsewhere, maybe field name is different in the html?
Otherwise, it might be you have some php init setting, like magic quotes
that does something with the input data.

- Matijn



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] mysql_connect noob question

2013-04-19 Thread Matijn Woudt

On Fri, Apr 19, 2013 at 10:43 PM, Glob Design Info wrote:

> I know this has probably been answered already.
>
> When I pass a user name and password from a form to my PHP script and then
> pass those to mysql_connect it doesn't connect. When I paste those exact
> same values into mysql_connect as string literals it works.
>
> Can anyone tell me why this happens?
>
> I know the strings are identical to the literals I try in a test but they
> don't work when submitted via form.
>
> $form_user = $_POST[ 'user' ];
> $form_pass = $_POST[ 'password' ];
>
> # Connect to remote DB
>
> $LINK = mysql_connect( $host, $form_user, $form_pass );
>
> And yes, my $host param is correct.
>
> Thanks,
>
>
Try printing the $form_user and form_pass values, it might be that it's
just an error elsewhere, maybe field name is different in the html?
Otherwise, it might be you have some php init setting, like magic quotes
that does something with the input data.

- Matijn

[PHP] mysql_connect noob question

2013-04-19 Thread Glob Design Info


I know this has probably been answered already.

When I pass a user name and password from a form to my PHP script and 
then pass those to mysql_connect it doesn't connect. When I paste those 
exact same values into mysql_connect as string literals it works.


Can anyone tell me why this happens?

I know the strings are identical to the literals I try in a test but 
they don't work when submitted via form.


$form_user = $_POST[ 'user' ];
$form_pass = $_POST[ 'password' ];

# Connect to remote DB

$LINK = mysql_connect( $host, $form_user, $form_pass );

And yes, my $host param is correct.

Thanks,

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

55 matches

Mail list logo