I just trying to make a partially catch-all email on my Postfix-mysql config.
I think have problem on the regexp.
I want to send all notify-*#domain.com to notify#domain.com
I use the following email request (letters and numbers are valid):
notify-([a-zA-Z0-9])#domain.com
But all times, Postfix tell me that User unknown in virtual mailbox table.
This is my Postfix config
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps_regexp.cf,
mysql:/etc/postfix/mysql_alias_domain_maps.cf
/etc/postfix/mysql_virtual_alias_maps_regexp.cf
user = postfixadmin
password = XXXXXXXXXXXX
hosts = 127.0.0.1
dbname = postfixadmin
query = SELECT goto FROM alias WHERE '%s' REGEXP CONCAT('^',address,'$') AND SUBSTRING(address,1,1) != '#' AND x_regexp = '1'
I think the problem is in the email regexp, due not errors in the log file, and the mysql database have the corrected values.
I'm bot sure to fully understand your issue, but if you want to select email starting with notify-, followed by any number of letters/digits, you need to use:
notify-[a-zA-Z0-9]+#domain.com
[...] is a character class, it means "one character, one that's inside the list". So you need to allow repetition with +.
guys,I am new to mysql security,and when I search this issue on google,lots of people are warning that we should check the mysql string to see if it contains ' or not,otherwise you are at the risk of getting mysql database injected,but they didn't tell why?can you please tell me the reason? thank you very much.
Imagine you have a user table and a login form. Usually when a user logs in you want to determine whether he has an account:
THIS IS VERY BAD PHP:
"SELECT * FROM users WHERE username = '$username' AND password = MD5('$password');"
Now you have a user with the username
1';DROP TABLE users;#
What would happen?
In my website, I am using MySQL database. I am using a webservice where in I do all my database related manipulations.
Now In one of the methods of that webservice, I get the following Error.
select command denied to user '<userid>'#'<ip-address>' for table '<table-name>'
What could be wrong?
Below is the code where I get that error. I tried debugging and found that it fails at the line
MySqlDataReader result1 = command1.ExecuteReader();
Here is my code:
String addSQL = "Select Max(`TradeID`) from `jsontest`.`tbl_Positions";
MySqlConnection objMyCon = new MySqlConnection(strProvider);
objMyCon.Open();
MySqlCommand command = objMyCon.CreateCommand();
command.CommandText = addSQL;
MySqlDataReader result = command.ExecuteReader();
//int j = command.ExecuteNonQuery();
while (result.Read())
{
MaxTradeID = Convert.ToInt32(result[0]);
}
objMyCon.Close();
for (i = 1; i <= MaxTradeID; i++)
{
String newSQL = "Select `Strike`,`LongShort`,`Current`,`TPLevel`,`SLLevel` from `json`.`tbl_Position` where `TradeID` = '" + i + "'";
MySqlConnection objMyCon1 = new MySqlConnection(strProvider);
objMyCon1.Open();
MySqlCommand command1 = objMyCon1.CreateCommand();
command1.CommandText = newSQL;
MySqlDataReader result1 = command1.ExecuteReader();
objMyCon2.Close();
I'm sure the original poster's issue has long since been resolved. However, I had this same issue, so I thought I'd explain what was causing this problem for me.
I was doing a union query with two tables -- 'foo' and 'foo_bar'. However, in my SQL statement, I had a typo: 'foo.bar'
So, instead of telling me that the 'foo.bar' table doesn't exist, the error message indicates that the command was denied -- as though I don't have permissions.
database user does not have the permission to do select query.
you can grant the permission to the user if you have root access to mysql
http://dev.mysql.com/doc/refman/5.1/en/grant.html
Your second query is on different database on different table.
String newSQL = "Select `Strike`,`LongShort`,`Current`,`TPLevel`,`SLLevel` from `json`.`tbl_Position` where `TradeID` = '" + i + "'";
And the user you are connecting with does not have permission to access data from this database or this particular table.
Have you consider this thing?
This problem happened to me because I had the hibernate.default_schema set to a different database than the one in the DataSource.
Being strict on my mysql user permissions, when hibernate tried to query a table it queried the one in the hibernate.default_schema database for which the user had no permissions.
Its unfortunate that mysql does not correctly specify the database in this error message, as that would've cleared things up straight away.
select command denied to user ''#'' for table ''
This problem is a basically generated after join condition are wrong database name in your join query. So please check the your select query in join table name after database.
Then solve it for example its correct ans ware
string g = " SELECT `emptable`.`image` , `applyleave`.`id` , `applyleave`.`empid` , `applyleave`.`empname` , `applyleave`.`dateapply` , `applyleave`.`leavename` , `applyleave`.`fromdate` , `applyleave`.`todate` , `applyleave`.`resion` , `applyleave`.`contact` , `applyleave`.`leavestatus` , `applyleave`.`username` , `applyleave`.`noday` FROM `DataEMP_ems`.`applyleave` INNER JOIN `DataEMP_ems`.`emptable` ON ( `applyleave`.`empid` = `emptable`.`empid` ) WHERE ( `applyleave`.`leavestatus` = 'panding' ) ";
The join table is imputable and applyleave on the same database but online database name is diffrent then given error on this problem.
You need to grant SELECT permissions to the MySQL user who is connecting to MySQL. See:
http://dev.mysql.com/doc/refman/5.0/en/privilege-system.html
http://dev.mysql.com/doc/refman/5.0/en/user-account-management.html
I had the exact same error message doing a database export via Sequel Pro on a mac. I was the root user so i knew it wasn't permissions. Then i tried it with mysqldump and got a different error message:
Got error: 1449: The user specified as a definer ('joey'#'127.0.0.1') does not exist when using LOCK TABLES
Ahh, I had restored this database from a backup on the dev site and I hadn't created that user on this machine. "grant all on . to 'joey'#'127.0.0.1' identified by 'joeypass'; " did the trick.
hth
If you are working from a windows forms application this worked for me
"server=localhost; user id=dbuser; password=password; database=dbname; Use Procedure Bodies=false;"
Just add the "Use Procedure Bodies=false" at the end of your connection string.
For me, I accidentally included my local database name inside the SQL query, hence the access denied issue came up when I deployed.
I removed the database name from the SQL query and it got fixed.
try grant privileges again.
GRANT ALL PRIVILEGES ON the_database.* TO 'the_user'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Disclaimer
Backup first.
Check your query sentence before executing.
Make sure you've added a WHERE (filter) clause before updating.
In case you have root access or enough privileges, you can do the following directly:
Log into your MySQL as root,
$ mysql -u root -p
Show databases;
mysql>SHOW DATABASES;
Select MySQL database, which is where all privileges info is located
mysql>USE mysql;
Show tables.
mysql>SHOW TABLES;
The table concerning privileges for your case is 'db', so let's see what columns it has:
mysql>DESC db;
In order to list the users' privileges, type the following command, for example:
mysql>SELECT user, host, db, Select_priv, Insert_priv, Update_priv, Delete_priv FROM db ORDER BY user, db;
If you can't find that user or if you see that that user has a 'N' in the Select_priv column, then you have to either INSERT or UPDATE accordingly:
INSERT:
INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv) VALUES ('localhost','DBname','UserName','Y' ,'N','N','N');
UPDATE:
UPDATE db SET Select_priv = 'Y' WHERE User = 'UserName' AND Db = 'DBname' AND Host='localhost';
Finally, type the following command:
mysql>FLUSH PRIVILEGES;
Ciao.
The problem is most probably between a . and a _. Say in my query I put
SELECT ..... FROM LOCATION.PT
instead of
SELECT ..... FROM LOCATION_PT
So I think MySQL would think LOCATION as a database name and was giving access privilege error.
I had the same problem. This is related to hibernate. I changed the database from dev to production in hibernate.cfg.xml but there were catalog attribute in other hbm.xml files with the old database name and it was causing the issue.
Instead of telling incorrect database name, it showed Permission denied error.
So make sure to change the database name everywhere or just remove the catalog attribute
my issues got fixed after upgrading to MySQL workbench latest version 8.0.18
I had the same problem. I was very frustrating with it. Maybe this is not answering the question, but I just want to share my error experience, and there may be others who suffered like me. Evidently it was just my low accuracy.
I had this:
SELECT t_comment.username,a.email FROM t_comment
LEFT JOIN (
SELECT username,email FROM t_un
) a
ON t_comment.username,a.email
which is supposed to be like this:
SELECT t_comment.username,a.email FROM t_comment
LEFT JOIN (
SELECT username,email FROM t_un
) a
ON t_comment.username=a.username
Then my problem was resolved on that day, I'd been struggled in two hours, just for this issue.
I am sure this has been resolved, just want to point out I had a typo in the database name and it was still throwing this error on the table name. So you might want to check for typos in this case.
Similar to other answers I had miss typed the query.
I had -
SELECT t.id FROM t.table LEFT JOIN table2 AS t2 ON t.id = t2.table_id
Should have been
SELECT t.id FROM table AS t LEFT JOIN table2 AS t2 ON t.id = t2.table_id
Mysql was trying to find a database called t which the user didn't have permission for.
I create a table named "PathTable" in a MS-Access DB.
The table is like this:
------------------------------
| IP | Input | Output |
------------------------------
| 127.0.0.1 | XXXXX | YYYYYY |
------------------------------
When I programed these
String CommandString = "SELECT Input, Output FROM PathTable WHERE IP = '127.0.0.1'";
OleDbCommand CommandObj = new OleDbCommand( CommandString, m_Connection );
OleDbDataReader ReaderObj = CommandObj.ExecuteReader();
the code always throw OleDbException, and the ErrorDescription is E_FAIL(0x80004005),
But if I replaced the commandString with
SELECT * FROM PathTable WHERE IP = '127.0.0.1'
The problem never happended again.
So, my question is: Does OleDbCommand only excute "select * "? Thanks.
Maybe these are reserved words. Try quoting them:
SELECT [Input], [Output] FROM PathTable WHERE IP = '127.0.0.1'
I am sending you the list of Microsoft reserved words, Please check, you are using reserved keyword that's why you are facing this problem.
http://support.microsoft.com/kb/321266
It's possible 'input' or 'output' are reserved words in Access SQL so try adding [] square brackets around those field names.
Input and Output may be keywords. Try surrounding them with square brackets. i.e.
[Input]
[Output]
File Not Found - Another possible cause of this exception is if the File your trying to load/read does not exist.
I have found it useful to perform a "File.Exists" before trying to open the file just to make sure my code detects this specific cause of the "IErrorInfo.GetDescription failed with E_FAIL(0x80004005)" exception correctly.
How I will make every password in my user table encrypted(md5()) except one particular row using a single query?
UPDATE table SET Password = MD5(Password)
I will say though that MD5 isn't a very good level of encryption and you should consider something stronger such as ENCRYPT with a custom salt. Read about it here
EDIT: Looks like the original question changed. Here's the altered query to accomodate
UPDATE table SET Password = MD5(Password) WHERE ID!=[specified index]
EDIT: Worth noting
MD5 Encryption Hacked
Hash Functions in MySQL
There are a lot more hash functions than MD5 to use for storing passwords in you MySQL database.
You can find a list of them on MySQL :: 11.10.2. Encryption and Compression Functions.
Save Password (hash):
UPDATE users SET password = SHA('secret_password') WHERE ....;
Check Password:
SELECT COUNT(*) FROM users WHERE name = 'username' && password = SHA('typed_password');
If the result is > 0, the user provided the correct password.
When hashing passwords, do not forget to salt them, so that same passwords do not yield same hashes:
SET #salt := CONV(FLOOR(RAND() * 0x100000000), 10, 16)
UPDATE passwords
SET password = CONCAT(#salt, SHA(CONCAT(#salt, #typed_password)))
SELECT 1
FROM passwords
WHERE SHA(CONCAT(SUBSTRING(password, 1, 8), #typed_password)) = SUBSTRING(password, 9, 40)
Concerning you edit: do you have an ID or username that identifies this row?
UPDATE mytable
SET password = MD5(password)
WHERE id <> 123
Edited in response to edit in OP.
UPDATE userTable
SET password = MD5(password)
WHERE NOT (<criteria to identify row to exclude>)
I think it is a little bit more update
SET PASSWORD FOR 'existinguser'#'localhost' = PASSWORD('newpass');
or
UPDATE user SET password = PASSWORD('newpass');
Hope this help