Re: [PHP] MySQL/PHP Tunneling
On Sunday 11 July 2004 13:07, Karam Chand wrote: Sorry. But I just didnt remember the email addy so I took that way :). Can't resist picking on this one. All posts to the list should/would have the list address in the To: header. It's not that hard to copy paste the address into a *new* mail. Anyway just add the list address into your address book. NOW :) Now, many of the ISPs blokc 3306 for security reason and you cannot access MySQL from a 3rd party tool and have to use phpMyAdmin which is able to access the MySQL server as it is running on the same box. Sometimes, SSH tunneling is also not the option :) Most of these tools use MySQL C API() or some sort of wrapper for it to connnect to the server and do their job. Instead of connecting directly to the server using: mysql_real_connect ( ). They callup the above mentioned PHP file and pass the query as a argument. The PHP file then connects to the local mysql server,executes the query and returns all the required data as XML or a pre-determined format. In the client side the app again assembles this data and fills up MYSQL_RES* structure, the main structure in C API() to work with resultsets. Just a few points I want to bring up: 1) Any monkey can run queries on your server unless you authenticate the connection using sessions. 2) Your data will pass through the web in clear text unless you do your own encryption/decryption or use SSL. 3) Adding an access layer would obviously increase the overhead. If this is for a mission-critical application then you really are much better off getting yourself a dedicated server then you can do whatever tunnelling you want. -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* May the forces of evil become confused on the way to your house. -- George Carlin */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL/PHP Tunneling
* Thus wrote Karam Chand: --- Curt Zirzow [EMAIL PROTECTED] wrote: Now, many of the ISPs blokc 3306 for security reason and you cannot access MySQL from a 3rd party tool and have to use phpMyAdmin which is able to access the MySQL server as it is running on the same box. Sometimes, SSH tunneling is also not the option :) There usually is a reason why the port 3306 port is blocked or that mysql simply doesn't listen to outside addresses on that port. By trying to circumstant that will probably result in a violation of their TOS. And as Jason suggested, use an ISP that either supports ssh tunneling (which is preferred and more likely to occur) or find a ISP that allows port 3336 to the open world. What you describe is more in the lines of Proxying, which is probably why I was confused. And I wouldn't suggest to anyone to do that kind of proxying, the layers between everything can be *very* unstable. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL/PHP Tunneling
Hello, Well, I know there are issues regarding this (security as well as others). But tools like MySQL-Front and DBTools are just doing that and it just happens that the project i am working on needed something like that, so I was just asking :) Regards, Karam --- Curt Zirzow [EMAIL PROTECTED] wrote: * Thus wrote Karam Chand: --- Curt Zirzow [EMAIL PROTECTED] wrote: Now, many of the ISPs blokc 3306 for security reason and you cannot access MySQL from a 3rd party tool and have to use phpMyAdmin which is able to access the MySQL server as it is running on the same box. Sometimes, SSH tunneling is also not the option :) There usually is a reason why the port 3306 port is blocked or that mysql simply doesn't listen to outside addresses on that port. By trying to circumstant that will probably result in a violation of their TOS. And as Jason suggested, use an ISP that either supports ssh tunneling (which is preferred and more likely to occur) or find a ISP that allows port 3336 to the open world. What you describe is more in the lines of Proxying, which is probably why I was confused. And I wouldn't suggest to anyone to do that kind of proxying, the layers between everything can be *very* unstable. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL/PHP Tunneling
First off, when starting a new topic, don't reply to message and then change the topic. * Thus wrote Karam Chand: Hello, Recently lot of MySQL clients try to overcome host based privilege system of MySQL by using PHP tunneling method. In this method they call up a PHP file in the server and the PHP file executes a query and sends the data in XML format. This doesn't really explain much. I am using C API() and I was just wondering if somebody is working on such tunnels i.e. a PHP file and its corresponding C/++ code that will fill up MYSQL_RES structures correctly so that I can use them to C API() without any problem. Otherwise, i guess i have to write one for myself. Now, I'm utterly confused. I have no idea what you're referring to as C API() nor php tunneling. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] MySQL/PHP Tunneling
--- Curt Zirzow [EMAIL PROTECTED] wrote: First off, when starting a new topic, don't reply to message and then change the topic. Sorry. But I just didnt remember the email addy so I took that way :). * Thus wrote Karam Chand: Hello, Recently lot of MySQL clients try to overcome host based privilege system of MySQL by using PHP tunneling method. In this method they call up a PHP file in the server and the PHP file executes a query and sends the data in XML format. This doesn't really explain much. Try out www.mysqlfront.de (docs should be enough i guess :) ). Its a GUI for MySQL. It has an option for PHP tunneling and this is what I am refering to. Now, many of the ISPs blokc 3306 for security reason and you cannot access MySQL from a 3rd party tool and have to use phpMyAdmin which is able to access the MySQL server as it is running on the same box. Sometimes, SSH tunneling is also not the option :) Most of these tools use MySQL C API() or some sort of wrapper for it to connnect to the server and do their job. Instead of connecting directly to the server using: mysql_real_connect ( ). They callup the above mentioned PHP file and pass the query as a argument. The PHP file then connects to the local mysql server,executes the query and returns all the required data as XML or a pre-determined format. In the client side the app again assembles this data and fills up MYSQL_RES* structure, the main structure in C API() to work with resultsets. In short this is what happens: /* connect to the php file using your C prog. e.g. http://somehost.com/some.php?query=select * from sometable the PHP file then executes the query and writes the result as XML (for e.g.). result row col1aaa/col1 col2asasas/col2 ... /row row /row /result in the client side the app fills creates and fills up the MYSQL_RES sturcture with this data and then use various APIs like: mysql_fetch_row() mysql_fetch_fields() */ So basically instead of working on raw sockets and using MySQL protocol to fill up the required sturctures, they make a bridge between HTTP - MySQL protocol. So I just wanted to know if somebody has written a generic library like this? Otherwise, I guess I have to write one for my app. Regards, Karam I am using C API() and I was just wondering if somebody is working on such tunnels i.e. a PHP file and its corresponding C/++ code that will fill up MYSQL_RES structures correctly so that I can use them to C API() without any problem. Otherwise, i guess i have to write one for myself. Now, I'm utterly confused. I have no idea what you're referring to as C API() nor php tunneling. Curt -- First, let me assure you that this is not one of those shady pyramid schemes you've been hearing about. No, sir. Our model is the trapezoid! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php