I have a list of mysql databases with Godaddy. I did not give them clear names now I cannot find out which website they pertain to. Can someone tell me where I can see the name of the website or domain the mysql is connected to. My fault, dumb thing to do.
Please do not get me blocked for asking a simple question.
Cheers
The great thing about domains hosted on GoDaddy is that you can access any of your mysql databases through any of your domains if they are all under the same account. MySql isnt connected to any particular domain name, but rather the mysql exists on the same server and is accessible by any of your domains. Please comment if you need further clarification, or edit your question.
Related
It may seem like a silly question but i've never given it any thought. For the past few months i've been building a database and only ever accessed it through my laptop ( which is what I think is called the local Host, but please correct me if I am wrong). Yesterday, intuitively I thought, what if I were away from my laptop but would really like to either access the data or amend some records, how would I be able to do it. Which is the reason for my question.
I know when I use it locally all I do is enter the database, username and password via python for example. So, what if I was at an internet cafe and wanted to pop in and access my database. How would I do this?
You have to mention your ip address of your system with defined port in that way you can access your database anywhere
How do I connect to this localhost from another computer on the same network?
Question was already asked. Go to the answer, very helpful information.
The tables in the database i use for my website was dropped in some way. I didn't do it, but i don't know who did it. My hosting company says we didn't do either. So is there a way to know who did it? If there is a solution for it, i'll be grateful. My website is offline now.
Thanks
Provided you do not have a backup: as Stanley has pointed out, your code might have been vulnerable. This is just one out of many possible solutions.
Small checklist:
Check whether the DB is accessible from outside localhost (usually it should not)
Check password security
Check who has access to your DB and whether you can trust them
Check your code for SQL injection vulnerability: What is SQL injection?
Here's my situation: I have a file, homepage.php, that I want to allow my customers to host on their servers. homepage.php needs to somehow get information from my database, but I don't want my customers to have full access to my database. What's the best way to do this and how can I make it work?
I tried to do it by including the line:
require( "http://www.mydomain.com/connect.php" );
in homepage.php but I'm not sure if that's the right way and also, it gives me an error.
What error does it give you? Also that won't work because your server parses the PHP and send back the result, rather than including the source code like you want.
Easy solution
Have a read-only account, and give those details out to your customer's pages.
Then they can set up the mysql connection with the IP/exposed port of your mysql server and log-in from there.
Better solution
Have accounts for each customer, so privileges can vary accordingly, otherwise same as above.
Best solution
Expose access via a SOAP service. If you have enough customers and they're developing with you, an API is invaluable.
Without the warning it is hard to troubleshoot the connection issue although I bet it might have something to do with it looking at localhost versus the IP of the machine where the database resides.
The best solution is to have an ini file that has the username and password in it for each individual customer and have the connect.php file look for the ini file on that customers local webserver. You can then configure the priveleges for each account to have only select access to certain tables, or update priveleges to certain users, etc.
Also if your customers will be building their own code around yours, developing a SOAP service might be useful.
Currently I have a Windows Application that I made that several companies use. Each one has their own privileges based upon a name and their public IP address to their own database.
I have a few users that travel and will not know their IP addresses in advance.
Can anyone offer some advice as to the best way to allow them access to their database, without me having to open up their database access to all IP addresses? Or is there really no way around this?
Keep in mind I am a newb when it comes to mysql stuff. But I am willing to learn!
Any thoughts are appreciated.
In my opinion the best way is to use a road-warrior VPN configuration and have static IP addresses assigned to each 'warrior' which you can use in Mysql as the host field. Check out OpenVPN for example.
Example: http://zeldor.biz/2011/05/openvpn-road-warrior-setup/
I ended up opening it to all IP addresses and using very strong names and passwords.
How do I check if a user/password pair works without actually making a connection to the database?
The DBMS in question is MySQL.
That was my original question. Since most people get this question wrong, then I should rephrase it as:
How do I check if a MySQL username/password is valid, without connecting to MySQL as that user? (thanks to derobert)
I actually found a solution, check my answer below.
If you want to check if a MySQL username/password is valid, without connecting to MySQL as that user, then you should take a look at the the users table in the mysql database.
But I'd recommend not doing this; that is really an internal MySQL implementation detail, and you really shouldn't depend on it. (e.g., what if MySQL gets LDAP auth someday?)
I think this question is open to interpretation. Most people will jump in and say "You can't.", but if what you are actually asking is "How do I use MySQL to authenticate a user but not actually use the database?" then that's a whole different ball game. Take a look at mod_auth_mysql, an Apache module which does exactly that. If we had more details on what exactly you were trying to do, folks might be more forthcoming.
Login as someone who has access to "mysql" database (schema), and do:
SELECT COUNT(*) FROM MYSQL.USER WHERE USERNAME=? AND PASSWORD=PASSWORD(?)
If the count > 0 then the username/password is correct.
If the username and password are stored in the database, then there's obviously no other way to check them other than to connect first.
The best you could do is perhaps only connect to the DB when they log in. Once they're authenticated, you could store some form of session information on disk, but it's not a great solution.
In short - not posssible if the userid/password are stored in the database.
Authentication basically means that you compare the response to a challenge with known values. If you do not have the values to compare with , you cannot authenticate.
One possible solution would be to devise some sort of scheme where the username/password are an encryption/decryption key pair. Obviously, this would be more feasible in an assigned username world, but such a policy would allow you not to hit the database if that is the primary objective.