Is there a SQL query to get userwise provisioned account in OIM? - identity

I need a query to check if the account is provisioned to user from database.
Any clues?

Query to get all the enabled/provisioned accounts to specific user:
SELECT OBJ.OBJ_NAME
FROM OBJ,OBI,OIU,OST,USR
WHERE OBJ.OBJ_KEY=OBI.OBJ_KEY
AND OBI.OBI_KEY=OIU.OBI_KEY
AND OIU.USR_KEY=USR.USR_KEY
AND OIU.OST_KEY=OST.OST_KEY
AND OST.OBJ_KEY=OBJ.OBJ_KEY
AND USR.USR_LOGIN='[Insert User Login here]'
AND OST.OST_STATUS IN ('Enabled','Provisioned');

Select * from OIU where usr_key = ?;
Join to ORC to see the resource that is provisioned, POL if this is associated with an access policy, OBI to see the approval process.

Related

Anti MultiAccount [MySQL]

I'm creating Anti MultiAccount in MySQL.I have big problems with MultiAccounts in my game so I need strong security.
Now I'm make that every connection in my game log in mysql.With information about ip and time login.
Every time when player connect on my server I use this.
INSERT INTO MULTI(IP, Name,Country,date) VALUES ('127.0.0.1', 'Test' , 'Croatia' ,UNIX_TIMESTAMP())
Now I don't know how that Admins can see possible multiaccounts so I need:
1) How to get all user IP from MULTI table but without repetition same IP's
2) How to get all connected players but without repetition
For example:
A player is login with IP adress 127.0.0.1
B player is also login with 127.0.0.1 IP adress
So A and B player are conncted!They are possible multiaccounts,how to get them(But without repetition of course)
(Sorry for English)
Not sure what exactly do you want to select, but here is my approach:
http://sqlfiddle.com/#!9/91208b/1
SELECT DISTINCT multi.* FROM multi
INNER JOIN
(SELECT ip
FROM multi
GROUP BY ip
HAVING COUNT(DISTINCT name)>1
) filter
ON multi.ip = filter.ip

Look up my current userID with mySql

This scripts selects an account form my MySQL database with the userID 1:
$_SESSION['user_id'] = 1;
If my MySQL account has id 1 then it will change that account.
I wonder how you can change the = 1; so it automatically looks up which account you are on at the moment? Right now it only works with the account with userID 1.
MySQL database name for my userid is "userID".
Usually you would say something like
SELECT * FROM user_profiles WHERE user_id=1 in MySQL.
Also, I would recommend that you use PDO and properly escape the user input using
htmlspecialchars($_SESSION['user_id'])
in your PHP file since the user_id input most likely can be manipulated by the user.
You are using Session so it can not change the userID unless you destroy that session by using this PHP function:
session_destroy();
And if you want to know your current userID:
echo $_SESSION['user_id'];

simple SQL query to display values from a table based on condition

Assume there is client and a server
Client:: Android mobile
Server:: AWS server
Server has mysql database installed in it
Database name:: Person
Tables in person Database:: "sam" and "carl"
Now mobile sends a request...
How to write an SQL query so that if mobile sends request i/p as
"sam" display all the values of sam table
But if the mobile sends an i/p as carl then dipslay all the values
of carl table
[Note]
I have used statement SELECT * FROM TABLE_NAME
What i am trying to achieve is a condition response when a client request comes in
I/p means :: say i get carl as ip .... i want to perform one query else sam as input ... i want to perform another query
what query statement should i need to write ?
hope i am stating my problem correctly
Thanks
First, you have to get the IP address of the Android client in your server code. In PHP (source):
$client_ip = $_SERVER['REMOTE_ADDR']
Or, if you have multiple Apache web servers behind ELB (source):
$http_headers = apache_request_headers();
$client_ip = $http_headers["X-Forwarded-For"];
Now your PHP code can choose which query to run according to the value of $client_ip. If the address is Sam's, run select * from sam, if it is Carl's, run select * from carl. If it's an unknown IP address, then you can respond with an error message.
Anyway, I don't think IP-based identification is a good idea. If Carl or Sam reboots his Android phone, its IP address will change, and the connection will no longer work.
There are problems with your database design, too. For example, if your current Sam and Carl tables contain chat messages, then the following schema would be better:
- User table: ID, Name, IPAddress
- Message table: ID, UserID, SendingTime, Text
For these tables, the query which lists the messages of the current user would look like this:
SELECT User.Name, Message.SendingTime, Message.Text
FROM User, Message
WHERE User.ID = Message.UserID AND User.IPAddress = 'xxx.xxx.xxx.xxx'
Here 'xxx.xxx.xxx.xxx' would be the value of $client_ip.
For this u have to require one more table where you store IP address and their table name and create query like this
Select tableName from IPTable where ip= 'xxx.xxx.xxx.xxx'
and using that table name in your second query
select * from tablename

SELECTing in a WHERE clause, inside a SELECT statement

I'm not exactly sure on the correct technical wording, so excuse my title, but here's the problem. I have a MySQL database, and in the user table I have *user_name*, a *password_salt*, and an md5 password containing the password then salt. In a program, users connect and I get one query to send to validate a user.
When a user connects I need a way of selecting their user_name, and comparing the given password to the stored password, which requires retrieving the salt somewhere in the WHERE statement (I guess).
This is my hypothetical "example":
SELECT user_name
FROM users
WHERE user_name='$nick' AND
password = md5(CONCAT('$md5pass', md5((select password_salt FROM users where user_name='$nick'))))
LIMIT 1
Resolution Update: Got it working, thanks for the suggestions, a normal select sufficed, the problem was that the sql-auth api wasn't receiving the password unless the port was specified.
Actually you can freely use any column from table declared in "FROM" clause not only in "SELECT" clause, but also in "WHERE" clause, so I don't see a need to subquery here. Let it be simply:
SELECT user_name
FROM users
WHERE user_name='$nick' AND
password = md5(CONCAT('$md5pass', md5(password_salt)))
LIMIT 1
This way a row is selected only if it matches both:
- user name is correct
- the password in row matches given password
I am not sure though if I used md5() functions correctly. I copied your example.
SELECT user_name
FROM users
WHERE user_name='$nick' AND
password = md5(CONCAT('$md5pass', password_salt))
LIMIT 1
Try this instead:
SELECT user_name
FROM users
WHERE user_name='$nick' AND
password = md5(CONCAT('$md5pass', md5(password_salt)))
LIMIT 1

MYSQL Query in Database View

SELECT `aversio`.`module`.`module` AS `module`
FROM
`projectmodule`
JOIN `module` ON `aversio`.`projectmodule`.`moduleID` = `aversio`.`module`.`moduleID`
JOIN `project` ON `aversio`.`project`.`projectID` = `aversio`.`projectmodule`.`projectID`
WHERE `aversio`.`module`.`actief` = _utf8'1'
AND `aversio`.`projectmodule`.`verwijderd` = _utf8'0'
AND `aversio`.`projectmodule`.`verwijderd` = _utf8'0'
MYSQL Error : There is no 'aversio'#'%' registered
What this error mean
That actually looks like a permissions issue, like you are trying to connect as aversio to a MySQL server instance which is not configured to allow that user from any (%) domain.
The syntax 'aversio'#'%' looks like the format 'username'#'host', and mysql uses % as the catch-all (any) host wildcard.
Make sure that you create the MySQL user named aversio, and give them the correct permissions on your DB.
EDIT:
IIRC, a user of that name may exist, but with a different domain (i.e. the users table is keyed on the combo of user and host. I've seen this kind of thing happen when I move code from a dev server to a staging server and try to connect fro mthe new host, having forgotten to modify the permissions in MySQL.