$dbh->selectrow_hashref("SHOW CREATE FUNCTION my_func");
returns
0 HASH(0x202fe70)
'Create Function' => undef
'Database Collation' => 'latin1_swedish_ci'
'Function' => 'my_func'
'character_set_client' => 'cp850'
'collation_connection' => 'cp850_general_ci'
'sql_mode' => ''
(the function definition is missing)
The same code works perfectly with SHOW CREATE VIEW, and SHOW CREATE FUNCTION works on the MySQL command line with the same credentials.
I wondered if the data type is too large for the attribute, so I tried setting LongReadLen to a very large number on the connect, but it made no difference.
I forgot that user#localhost is not the same as user#remote_host (MySQL bites me on this every time :-(
What's bizarre is that user#remote_host HAS the required privilege, while user#localhost does not (I'm in a shared hosting environment and don't have access to privileges on database mysql)
Related
Grant: this works
I have the following puppet code:
mysql_grant {'my-user-name#1.2.3.4/my-database-name.*':
ensure => 'present',
options => ['GRANT'],
privileges => ['SELECT', 'INSERT', 'DELETE', 'UPDATE'],
table => 'my-database-name.*',
user => 'my-user-name#1.2.3.4',
}
and that does grant the permissions I expect.
Revoke: this doesn't work
If I change my mind and say this:
mysql_grant {'my-user-name#1.2.3.4/my-database-name.*':
ensure => 'absent',
options => ['GRANT'],
privileges => ['SELECT', 'INSERT', 'DELETE', 'UPDATE'],
table => 'my-database-name.*',
user => 'my-user-name#1.2.3.4',
}
I note that it doesn't revoke permission (not even if I change s/GRANT/REVOKE/). Any pointers on how to automate revocation? I haven't been able to find it in the manual or by googling.
Repeat: I'm lost without copy and paste
Now suppose I want to permit access from several hosts. My puppet-fu fails me on how to not repeat the block (i.e., just copy-paste with different IP addresses). I'm sure puppet defines tools for this, but I've not figured out that part yet.
Thanks for any pointers!
For the repeat part I can think of two ways:
puppetDB
hiera
PuppetDB
Whenever you want the fact of a node to do something on a second node, use puppetDB. This is called exported resources. This is also explained in the puppet-mysql documentation.
Example1: Add the SSH Hostkeys of all machines to the known_keys of all other machines.
Example2: Add all machines to monitoring, creating their own host definition.
Example3: On a certain class of machine, allow them to connect to MySQL.
In each case, you first install puppetDB via the puppet-puppetdb module. You will need puppet4 for this. PuppetDB will only start if you have 8+ GB of memory.
You then have to write the resource export and the resource import. On all nodes that have a fact that you want (like ip / fqdn), you write the export:
##mysql_grant {"my-user-name#${::ipaddress}/**my-database-name.*":
ensure => 'absent',
options => ['GRANT'],
privileges => ['SELECT', 'INSERT', 'DELETE', 'UPDATE'],
table => 'my-database-name.*',
user => "my-user-name#${::ipaddress}",
}
The '##' creates the export. Note that the exported resource is lower case. Also note the double quote instead of single quote whenever a variable is used.
What will happen whenever a node sees this, is that it will fill out this exported resource with its fact (in this case ::ipaddress), and send it to puppetDB. You can either add this part to all nodes you want to grant access, partially defeating its purpose, or you can have a manifest that is applied to all nodes and do something along the lines of:
if $::fqdn include? 'app'{
##mysql_grant {"my-user-name#${::ipaddress}/**my-database-name.*":
ensure => 'absent',
options => ['GRANT'],
privileges => ['SELECT', 'INSERT', 'DELETE', 'UPDATE'],
table => 'my-database-name.*',
user => "my-user-name#${::ipaddress}",
}
}
Then you need to write an import statement on the node that should apply this.
Mysql_grant <<| |>>
Please note the upper case.
Another quick example, which we apply to all our linux nodes:
# collect all the public host RSA keys for known hosts
##sshkey { $hostname:
ensure => present,
type => 'rsa',
host_aliases => [$::ipaddress, $::fqdn],
key => $sshrsakey,
}
# and populate known_hosts
Sshkey <<| |>>
#https://projects.puppetlabs.com/issues/21811
file { '/etc/ssh/ssh_known_hosts':
ensure => present,
path => '/etc/ssh/ssh_known_hosts',
mode => '0644',
}
Hiera
Hiera is build for exactly this purpose, to seperate code from data. Please refer to the hiera documentation for how to set it up.
What you end up doing is that you will create a yaml file that has all your data in it:
mysql::grants:
db1:
username: my-user-name
database: my-database-name
ip: 1.2.3.4
ensure: present
options:
- GRANT
privileges:
- SELECT
- INSERT
- DELETE
- UPDATE
table: my-database-name.*
db2:
username: my-user-name
database: my-database-name
ip: 1.2.3.5
ensure: present
options:
- GRANT
privileges:
- SELECT
- INSERT
- DELETE
- UPDATE
table: my-database-name.*
Then you just go ahead and put this in your mysql node (although creating a small module would be cleaner):
$grants = hiera('mysql::grants', undef)
create_resources('mysql::grant', $grants)
Puppet will parse all of hiera, then creating a grant for every db found.
Try using mysql_grant on a new user, then using puppet apply with the -d (debug) and -v (verbose) options on your manifest.
This should give you a load of output that shows what it's doing. What it will be doing is running sql commands on your database such as
grant all on db.* to user
These will also be shown when you run
show grants for user
Then change to 'absent', and repeat.
Now you know exactly what SQL commands puppet is running on your DB.
Then you can try those commands directly in the DB to see if they do what you expect.
Note: using ensure => 'absent' is the correct thing to do to remove permissions, changing grant to revoke won't help.
I'd like to dump my databases to a file.
Certain website hosts don't allow remote or command line access, so I have to do this using a series of queries.
All of the related questions say "use mysqldump" which is a great tool but I don't have command line access to this database.
I'd like CREATE and INSERT commands to be created at the same time - basically, the same performance as mysqldump. Is SELECT INTO OUTFILE the right road to travel, or is there something else I'm overlooking - or maybe it's not possible?
Use mysqldump-php a pure-PHP solution to replicate the function of the mysqldump executable for basic to med complexity use cases - I understand you may not have remote CLI and/or mysql direct access, but so long as you can execute via an HTTP request on a httpd on the host this will work:
So you should be able to just run the following purely PHP script straight from a secure-directory in /www/ and have an output file written there and grab it with a wget.
mysqldump-php - Pure PHP mysqldump on GitHub
PHP example:
<?php
require('database_connection.php');
require('mysql-dump.php')
$dumpSettings = array(
'include-tables' => array('table1', 'table2'),
'exclude-tables' => array('table3', 'table4'),
'compress' => CompressMethod::GZIP, /* CompressMethod::[GZIP, BZIP2, NONE] */
'no-data' => false,
'add-drop-table' => false,
'single-transaction' => true,
'lock-tables' => false,
'add-locks' => true,
'extended-insert' => true
);
$dump = new MySQLDump('database','database_user','database_pass','localhost', $dumpSettings);
$dump->start('forum_dump.sql.gz');
?>
With your hands tied by your host, you may have to take a rather extreme approach. Using any scripting option your host provides, you can achieve this with just a little difficulty. You can create a secure web page or strait text dump link known only to you and sufficiently secured to prevent all unauthorized access. The script to build the page/text contents could be written to follow these steps:
For each database you want to back up:
Step 1: Run SHOW TABLES.
Step 2: For each table name returned by the above query, run SHOW CREATE TABLE to get the create statement that you could run on another server to recreate the table and output the results to the web page. You may have to prepend "DROP TABLE X IF EXISTS;" before each create statement generated by the results of these queryies (!not in your query input!).
Step 3: For each table name returned from step 1 again, run a SELECT * query and capture full results. You will need to apply a bulk transformation to this query result before outputing to screen to convert each line into an INSERT INTO tblX statement and output the final transformed results to the web page/text file download.
The final web page/text download would have an output of all create statements with "drop table if exists" safeguards, and insert statements. Save the output to your own machine as a ".sql" file, and execute on any backup host as needed.
I'm sorry you have to go through with this. Note that preserving mysql user accounts that you need is something else entirely.
Use / Install PhpMySQLAdmin on your web server and click export. Many web hosts already offer you this as a service pre-configured, and it's easy to install if you don't already have it (pure php): http://www.phpmyadmin.net/
This allows you to export your database(s), as well as perform other otherwise tedious database operations very quickly and easily -- and it works for older versions of PHP < 5.3 (unlike the Mysqldump.php offered as another answer here).
I am aware that the question states 'using query' but I believe the point here is that any means necessary is sought when shell access is not available -- that is how I landed on this page, and PhpMyAdmin saved me!
If you get:
Error: SQLSTATE[42000]: Syntax error or access violation: 1104 The SELECT would examine more than MAX_JOIN_SIZE rows; check your WHERE and use SET SQL_BIG_SELECTS=1 or SET MAX_JOIN_SIZE=# if the SELECT is okay
After uploading cake php app and database from xampp localhost to a remote server.
Having tried importing the cake database into a new db on local machine and works fine. So I couldn't see it being the information imported.
Had no idea how to fix this. Its a simple and common problem with an easy fix as below.
After much hair pulling I managed to find the problem/fix with the help of my good friend ten1 on cakephp IRC chat.
When this is a cakephp specific issue which it was in my case you need to do the un-thinkable and edit the core.
The file you need to edit is AclNode.php Located here: /lib/Cake/Model/AclNode.php
You need to add a line before line 113
112 }
$db->query('SET SQL_BIG_SELECTS=1'); //Add this line
113 $result = $db->read($this, $queryData, -1);
114 $path = array_values($path);
This is generally only a problem on servers with shared hosting.
Rather than editing core file you could add a beforeFind method to your app/models/app_model.php file, if wanted it to affect all over or to your particular model file, like the following:
function beforeFind() {
$this->query('SET SQL_BIG_SELECTS=1');
}
For Cakephp 3 following works:
'Datasources' => [
'default' => [
'init' => array(
PDO::MYSQL_ATTR_INIT_COMMAND => 'SET SESSION SQL_BIG_SELECTS=1',
), // Add this to the existing array
I have a Perl script which retrieves data from MySQL Database. this is the code:
sub startSession{
my $self = shift;
my $dsn = "dbi:".$self{platform}.":".$self{database}.":".$self{host}.":".$self{port};
print "$dsn\n" ;
$self{dbHandle} = DBI->connect($dsn,$user,$password);
}
I have provided every information from an external file. I get the error message
DBI connect('dbname:**.**.**.**:3306','',...) failed: Access denied for user 'root'#'dbserver' (using password: NO) at line 89
Can't call method "prepare" on an undefined value at at line 97
I am very sure the root can connect from any host and the password is also correct.
First, your immediate problem, is as #Sinan Ünür says, that you need to change $self{platform} to $self->{platform}, etc.
Your second immediate problem is that it appears you're getting $user and $password from nowhere (they are not passed to the function, so they are undefined unless they are global variables), which would explain the using password: NO part of the error. Maybe those should be $self->{user} and $self->{password}?
You should considering put this at the top of your module, at least during development, to automatically catch errors like these:
use warnings qw(all);
use strict;
But I'd also comment, that from a design perspective, you really ought to treat DSNs as opaque strings. Each database has its own DSN format. So if you ever want to target a different database, you'll need a different DSN format. Or, possibly, someday MySQL will use a different format (it already has two). Either way, it'll be much easier to change it one place, in a configuration file, than to track down each place you concatenate the various pieces together.
The key part of the warning that I see is "using password: NO". Check that the password is being set properly.
Presumably, $self is a hashref, not a plain hash, and you don't have warnings on. So, turn them on, and use $self->{platform} etc.
I have a script that I want to cron scheduled. Its all fine and dandy when I tested in the browser, working as it should but when run from php cli (php cron.php), mysql_real_escape_string loses the value given.
Any idea why?
UPDATED with code and a connection made before mysql_real_escape_string (but still not working)
$dbh = new PDO("mysql:host=localhost;dbname=xxx", 'xxx', 'xxx');
foreach ($prosArr[$i] as $val => $key) {
$fieldsStr .= "`".trim($val). '` , ';
$fieldVal .= '"'.mysql_real_escape_string($key). '" , ';
}
Here is output print_r of $prosArr[$i] obtained straight from the same CLI script
Array
(
[ProductCode] => 10077
[BranchCode] => 100
[RetailPrice] => 499.0000
[PromotionPrice] => 0.0000
[FullPrice] => 499.0000
)
Do not use mysql_real_escape_string() with PDO. They are different libraries and have are not meant to be used with each other.
Use PDO::Quote or parametrized queries instead.
To use mysql_real_escape_string, you should connect to MySQL first.
On the documentation in the note section
A MySQL connection is required before using mysql_real_escape_string()
otherwise an error of level E_WARNING is generated, and FALSE is
returned. If link_identifier isn't defined, the last MySQL connection
is used.
EDIT: You should use the prepared statement and not mix mysql and PDO API