I am in the process of setting up a wordpress website that connects to a relay chatroom with an integrated login system, I have connected the database which is working fine however its not allowing the authentication for the users to happen.
The query that i am running in the configuration is:
"SELECT `user_email` AS `email` FROM `wp_users` WHERE `user_login` = #a# AND `user_pass` = MD5(#p#)"
What i am wanting to do is basically have the query check that the user_login exists and then authenticates with the password.
The error that i am currently receiving is as follows:
COMMAND: username#host.host used IDENTIFY and failed to identify to nonexistent account username
This is totally puzzling me now
WordPress doesn't use MD5. So your query is wrong. You can't do it with MySQL only. But you can do it with PHP.
Here is one simple way to achieve it:
Step 1:
Grab class-phpass.php file from WordPress installation (wp-includes directory) and paste it to the neighbour to your request sender file. And use this piece of code there:
require_once("class-phpass.php");
$wp_hasher = new PasswordHash(8, true);
$password='open_password_to_check_here';
$hashed_password='hashed_password_from_mysql'; //select user_pass from wp_users where user_login=#a#;
$result=$wp_hasher->CheckPassword($password,$hashed_password));
//if result is true, then auth is OK.
Alternatively (and the best way) you can use WP REST API, which contains auth process.
I am trying to add some security at MS ACCESS 2013 applications (using a Mysql BE in the backend).
The first application form will ask for user and password, compare it against a mysql custom table ("USUARIOS", for instance) and grant access if they match or don't elsewhere
But I would like passwords to be stored "encrypted", using AES_ENCRYPT or other convenient algorithm
I have input the user/password directly from mysql-workbench
INSERT INTO USUARIOS COLUMN (ALIAS, PWD)
VALUES ('luis', AES_ENCRYPT('miguel','yucg39dy(9&%$^?bcGSFD'))
but I am failing to retrieve the password to compare (from code, using VBA, loading ADO recordsets).
rs.open "SELECT AES_DECRYPT(PWD, 'yucg39dy(9&%$^?bcGSFD' FROM USUARIOS WHERE ..'
this rs doesn't return the word 'miguel' as intended
I would appreciate any hint on that. Maybe I can use password() or MD5() functions, don't need any key
I have input the user/password directly from mysql-workbench
INSERT INTO USUARIOS COLUMN (ALIAS, PWD) VALUES ('luis',
AES_ENCRYPT('miguel','yucg39dy(9&%$^?bcGSFD'))
rs.open "SELECT AES_DECRYPT(PWD, 'yucg39dy(9&%$^?bcGSFD' FROM USUARIOS WHERE ..'
It's long time ago but maybe try this:
SELECT AES_DECRYPT(PWD, 'yucg39dy(9&%$^?bcGSFD') AS PWD FROM USUARIOS WHERE ..' ('User' = 'miguel';)
All the best
You don't need to retrieve the password.
You should be doing
SELECT COUNT(*) FROM USUARIOS WHERE USER = ? AND PWD = AES_ENCRYPT(...)
and seeing whether the count was 1 or 0.
It will then become clear to you that you don't need to decrypt the passwords at all, so you can stop that insecure plan and hash them instead.
I have already set up a proftpd server with a MySQL connection.
Everything works fine.
I would like to set specific permissions for each user from the database using (PathAllowFilter, PathDenyFilter, ...)
The server running on Ubuntu 12.04 LTS distribution.
It is not so easy, there is no single module to do this. But I found a solution for this.
It's not optimal because you have to restart ProFTPd server each time you change MySQL configuration, but it works.
As you have a ProFTPd server that already run with MySQL, i will explain only the part of specific user configuration.
For this solution you need ProFTPd to be compiled with these modules:
mod_ifsession (with this module you will be able to configure <IfUser> conditions)
mod_conf_sql (with this module you will be able to load configuration from MySQL)
To help you with ProFTPd recompilation, you can run this command proftpd -V to see how your version is configured. You can found some documentation here.
Once you have compiled your ProFTPd server and it's run, you will have to log on your MySQL server.
If you read mod_conf_sql, they say to create 3 tables ftpctxt, ftpconf, ftpmap. We will not create these tables unless you want to have global configuration from MySQL.
We will fake the MySQL configuration with "views".
1. First you add each specific configuration as user column (make sure to have a default value):
ALTER TABLE ftpuser #
ADD PathDenyFilter VARCHAR( 255 ) NOT NULL DEFAULT '(\.ftp)|(\.hta)[a-z]+$';`
ALTER TABLE ftpuser
ADD PathAllowFilter VARCHAR( 255 ) NOT NULL DEFAULT '.*$';`
....
2. Create the conf view:
User's id and configuration column are concatenated to make an unique id
User's configuration column is used as type
User's configuration value is used as info
View is an union of selects (for every column an union is required)
CREATE VIEW ftpuser_conf AS SELECT concat(ftpuser.id,'-PathDenyFilter')
AS id,'PathDenyFilter' AS type,ftpuser.PathDenyFilter AS info from ftpuser
UNION
SELECT concat(ftpuser.id,'-PathAllowFilter')
AS id,'PathAllowFilter' AS type, ftpuser.PathAllowFilter AS info
from ftpuser;
3. Create the ctxt view
This view is a concatenation of a "Default" row and user's rows ("Default" row has 1 as id and user's rows have user's id + 1 as id.
Concatenate "userconf-" and user's id as name
"IfUser" as type
User's username as info
CREATE VIEW ftpuser_ctxt AS
SELECT 1 AS id,NULL AS parent_id, 'default' AS name, 'default' AS type, NULL AS info
UNION
SELECT (ftpuser.id + 1) AS id,1 AS parent_id,
concat('userconf-',ftpuser.userid) AS name,
'IfUser' AS type,ftpuser.userid AS info
FRON ftpuser;
4. Create the map view
User's id and configuration column are concatenated for conf_id
User's id + 1 for ctxt_id
View is an union of selects (for every column an union is required)
CREATE VIEW ftpuser_map
AS SELECT concat(ftpuser.id,'-PathDenyFilter')
AS conf_id,(ftpuser.id + 1) AS ctxt_id
from ftpuser
union
select concat(ftpuser.id,'-PathAllowFilter')
AS conf_id,(ftpuser.id + 1) AS ctxt_id
from ftpuser;
5. Add these lines to your ProFTPd configuration
<IfModule mod_conf_sql.c>
Include sql://user:password#host/db:database/ctxt:ftpuser_ctxt:id,parent_id,type,info/conf:ftpuser_conf:id,type,info/map:ftpuser_map:conf_id,ctxt_id/base_id=1
</IfModule>
Where:
user => your MySQL username
password => your MySQL password
host => your MySQL host
database => your MySQL database
6. Restart your ProFTPd server
I hope this will help you. Good luck
SELECT `aversio`.`module`.`module` AS `module`
FROM
`projectmodule`
JOIN `module` ON `aversio`.`projectmodule`.`moduleID` = `aversio`.`module`.`moduleID`
JOIN `project` ON `aversio`.`project`.`projectID` = `aversio`.`projectmodule`.`projectID`
WHERE `aversio`.`module`.`actief` = _utf8'1'
AND `aversio`.`projectmodule`.`verwijderd` = _utf8'0'
AND `aversio`.`projectmodule`.`verwijderd` = _utf8'0'
MYSQL Error : There is no 'aversio'#'%' registered
What this error mean
That actually looks like a permissions issue, like you are trying to connect as aversio to a MySQL server instance which is not configured to allow that user from any (%) domain.
The syntax 'aversio'#'%' looks like the format 'username'#'host', and mysql uses % as the catch-all (any) host wildcard.
Make sure that you create the MySQL user named aversio, and give them the correct permissions on your DB.
EDIT:
IIRC, a user of that name may exist, but with a different domain (i.e. the users table is keyed on the combo of user and host. I've seen this kind of thing happen when I move code from a dev server to a staging server and try to connect fro mthe new host, having forgotten to modify the permissions in MySQL.
In my website, I am using MySQL database. I am using a webservice where in I do all my database related manipulations.
Now In one of the methods of that webservice, I get the following Error.
select command denied to user '<userid>'#'<ip-address>' for table '<table-name>'
What could be wrong?
Below is the code where I get that error. I tried debugging and found that it fails at the line
MySqlDataReader result1 = command1.ExecuteReader();
Here is my code:
String addSQL = "Select Max(`TradeID`) from `jsontest`.`tbl_Positions";
MySqlConnection objMyCon = new MySqlConnection(strProvider);
objMyCon.Open();
MySqlCommand command = objMyCon.CreateCommand();
command.CommandText = addSQL;
MySqlDataReader result = command.ExecuteReader();
//int j = command.ExecuteNonQuery();
while (result.Read())
{
MaxTradeID = Convert.ToInt32(result[0]);
}
objMyCon.Close();
for (i = 1; i <= MaxTradeID; i++)
{
String newSQL = "Select `Strike`,`LongShort`,`Current`,`TPLevel`,`SLLevel` from `json`.`tbl_Position` where `TradeID` = '" + i + "'";
MySqlConnection objMyCon1 = new MySqlConnection(strProvider);
objMyCon1.Open();
MySqlCommand command1 = objMyCon1.CreateCommand();
command1.CommandText = newSQL;
MySqlDataReader result1 = command1.ExecuteReader();
objMyCon2.Close();
I'm sure the original poster's issue has long since been resolved. However, I had this same issue, so I thought I'd explain what was causing this problem for me.
I was doing a union query with two tables -- 'foo' and 'foo_bar'. However, in my SQL statement, I had a typo: 'foo.bar'
So, instead of telling me that the 'foo.bar' table doesn't exist, the error message indicates that the command was denied -- as though I don't have permissions.
database user does not have the permission to do select query.
you can grant the permission to the user if you have root access to mysql
http://dev.mysql.com/doc/refman/5.1/en/grant.html
Your second query is on different database on different table.
String newSQL = "Select `Strike`,`LongShort`,`Current`,`TPLevel`,`SLLevel` from `json`.`tbl_Position` where `TradeID` = '" + i + "'";
And the user you are connecting with does not have permission to access data from this database or this particular table.
Have you consider this thing?
This problem happened to me because I had the hibernate.default_schema set to a different database than the one in the DataSource.
Being strict on my mysql user permissions, when hibernate tried to query a table it queried the one in the hibernate.default_schema database for which the user had no permissions.
Its unfortunate that mysql does not correctly specify the database in this error message, as that would've cleared things up straight away.
select command denied to user ''#'' for table ''
This problem is a basically generated after join condition are wrong database name in your join query. So please check the your select query in join table name after database.
Then solve it for example its correct ans ware
string g = " SELECT `emptable`.`image` , `applyleave`.`id` , `applyleave`.`empid` , `applyleave`.`empname` , `applyleave`.`dateapply` , `applyleave`.`leavename` , `applyleave`.`fromdate` , `applyleave`.`todate` , `applyleave`.`resion` , `applyleave`.`contact` , `applyleave`.`leavestatus` , `applyleave`.`username` , `applyleave`.`noday` FROM `DataEMP_ems`.`applyleave` INNER JOIN `DataEMP_ems`.`emptable` ON ( `applyleave`.`empid` = `emptable`.`empid` ) WHERE ( `applyleave`.`leavestatus` = 'panding' ) ";
The join table is imputable and applyleave on the same database but online database name is diffrent then given error on this problem.
You need to grant SELECT permissions to the MySQL user who is connecting to MySQL. See:
http://dev.mysql.com/doc/refman/5.0/en/privilege-system.html
http://dev.mysql.com/doc/refman/5.0/en/user-account-management.html
I had the exact same error message doing a database export via Sequel Pro on a mac. I was the root user so i knew it wasn't permissions. Then i tried it with mysqldump and got a different error message:
Got error: 1449: The user specified as a definer ('joey'#'127.0.0.1') does not exist when using LOCK TABLES
Ahh, I had restored this database from a backup on the dev site and I hadn't created that user on this machine. "grant all on . to 'joey'#'127.0.0.1' identified by 'joeypass'; " did the trick.
hth
If you are working from a windows forms application this worked for me
"server=localhost; user id=dbuser; password=password; database=dbname; Use Procedure Bodies=false;"
Just add the "Use Procedure Bodies=false" at the end of your connection string.
For me, I accidentally included my local database name inside the SQL query, hence the access denied issue came up when I deployed.
I removed the database name from the SQL query and it got fixed.
try grant privileges again.
GRANT ALL PRIVILEGES ON the_database.* TO 'the_user'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Disclaimer
Backup first.
Check your query sentence before executing.
Make sure you've added a WHERE (filter) clause before updating.
In case you have root access or enough privileges, you can do the following directly:
Log into your MySQL as root,
$ mysql -u root -p
Show databases;
mysql>SHOW DATABASES;
Select MySQL database, which is where all privileges info is located
mysql>USE mysql;
Show tables.
mysql>SHOW TABLES;
The table concerning privileges for your case is 'db', so let's see what columns it has:
mysql>DESC db;
In order to list the users' privileges, type the following command, for example:
mysql>SELECT user, host, db, Select_priv, Insert_priv, Update_priv, Delete_priv FROM db ORDER BY user, db;
If you can't find that user or if you see that that user has a 'N' in the Select_priv column, then you have to either INSERT or UPDATE accordingly:
INSERT:
INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv) VALUES ('localhost','DBname','UserName','Y' ,'N','N','N');
UPDATE:
UPDATE db SET Select_priv = 'Y' WHERE User = 'UserName' AND Db = 'DBname' AND Host='localhost';
Finally, type the following command:
mysql>FLUSH PRIVILEGES;
Ciao.
The problem is most probably between a . and a _. Say in my query I put
SELECT ..... FROM LOCATION.PT
instead of
SELECT ..... FROM LOCATION_PT
So I think MySQL would think LOCATION as a database name and was giving access privilege error.
I had the same problem. This is related to hibernate. I changed the database from dev to production in hibernate.cfg.xml but there were catalog attribute in other hbm.xml files with the old database name and it was causing the issue.
Instead of telling incorrect database name, it showed Permission denied error.
So make sure to change the database name everywhere or just remove the catalog attribute
my issues got fixed after upgrading to MySQL workbench latest version 8.0.18
I had the same problem. I was very frustrating with it. Maybe this is not answering the question, but I just want to share my error experience, and there may be others who suffered like me. Evidently it was just my low accuracy.
I had this:
SELECT t_comment.username,a.email FROM t_comment
LEFT JOIN (
SELECT username,email FROM t_un
) a
ON t_comment.username,a.email
which is supposed to be like this:
SELECT t_comment.username,a.email FROM t_comment
LEFT JOIN (
SELECT username,email FROM t_un
) a
ON t_comment.username=a.username
Then my problem was resolved on that day, I'd been struggled in two hours, just for this issue.
I am sure this has been resolved, just want to point out I had a typo in the database name and it was still throwing this error on the table name. So you might want to check for typos in this case.
Similar to other answers I had miss typed the query.
I had -
SELECT t.id FROM t.table LEFT JOIN table2 AS t2 ON t.id = t2.table_id
Should have been
SELECT t.id FROM table AS t LEFT JOIN table2 AS t2 ON t.id = t2.table_id
Mysql was trying to find a database called t which the user didn't have permission for.