codine24/7's Profile User Rating: -----

Reputation: 0 Apprentice
Group:
Active Members
Active Posts:
55 (0.07 per day)
Joined:
12-February 12
Profile Views:
1,033
Last Active:
User is offline Jul 26 2013 04:25 PM
Currently:
Offline

Previous Fields

Dream Kudos:
0
Icon   codine24/7 has not set their status

Posts I've Made

  1. In Topic: took privileges away from root

    Posted 2 Jun 2013

    View PostAtli, on 02 June 2013 - 01:37 PM, said:

    If you have access to a terminal (through SSH or telnet?) then you should be able to stop the MySQL server and re-start it with the --skip-grant-tables option. That should allow you to log in with any user and modify the user permissions as needed, and then restart the server normally once you're done.

    The --skip-grant-tables option basically skips the entire user privileges part of the server, giving every user root-like permissions.



    i did that and i had to run this file to allow me to restart the mysql server and be able to grant privileges

    mysql -vv < restore_root_privileges.sql

    update mysql.user set Super_priv='y' where user='root';
    update mysql.user set Select_priv='y' where user='root';
    update mysql.user set Insert_priv='y' where user='root';
    update mysql.user set Update_priv='y' where user='root';
    update mysql.user set Delete_priv='y' where user='root';
    update mysql.user set Create_priv='y' where user='root';
    update mysql.user set Drop_priv='y' where user='root';
    update mysql.user set Reload_priv='y' where user='root';
    update mysql.user set Shutdown_priv='y' where user='root';
    update mysql.user set Process_priv='y' where user='root';
    update mysql.user set File_priv='y' where user='root';
    update mysql.user set Grant_priv='y' where user='root';
    update mysql.user set References_priv='y' where user='root';
    update mysql.user set Index_priv='y' where user='root';
    update mysql.user set Alter_priv='y' where user='root';
    update mysql.user set Show_db_priv='y' where user='root';
    update mysql.user set Super_priv='y' where user='root';
    update mysql.user set Create_tmp_table_priv='y' where user='root';
    update mysql.user set Lock_tables_priv='y' where user='root';
    update mysql.user set Execute_priv='y' where user='root';
    update mysql.user set Repl_slave_priv='y' where user='root';
    update mysql.user set Repl_client_priv='y' where user='root';
    update mysql.user set Create_view_priv='y' where user='root';
    update mysql.user set Show_view_priv='y' where user='root';
    update mysql.user set Create_routine_priv='y' where user='root';
    update mysql.user set Alter_routine_priv='y' where user='root';
    update mysql.user set Create_user_priv='y' where user='root';

    Thank you very much
  2. In Topic: took privileges away from root

    Posted 2 Jun 2013

    View PostAtli, on 02 June 2013 - 01:37 PM, said:

    If you have access to a terminal (through SSH or telnet?) then you should be able to stop the MySQL server and re-start it with the --skip-grant-tables option. That should allow you to log in with any user and modify the user permissions as needed, and then restart the server normally once you're done.

    The --skip-grant-tables option basically skips the entire user privileges part of the server, giving every user root-like permissions.


    that worked somewhat

    but now i get this

    GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION;


    ERROR 1290 (HY000): The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement

    is

    THANKS for the speedy reply btw
  3. In Topic: unsecure image contents

    Posted 1 Mar 2013

    you need to filter your input. It could be xss or images with other data inside them are being uploaded to your site.

    posting some code of your issue would help a lot.

    all ssl does is protect you from man in the middle. it dose not do a thing for filtering input
  4. In Topic: MySQLi Where Like syntax

    Posted 28 Feb 2013

    you should honestly be using prepared statements for user input.


    
    ob_start();
    
    $db_args = array('host'=>'','username'=>'','password'=>'','db'=>'');
    
    $sql = 'SELECT * FROM tblname WHERE colname = ?';   
    
    $mysql = new Mysqli($db_args['host'],$db_args['username'] , $db_args['password' , $db_args['db']]);     
    //mysqli database connection object
            
            if( !$mysql->connect_errno )//if no connection error
            {
                $stmt = $mysql->stmt_init();//create statement
                
                if($stmt->prepare( $sql ))//prepare sql
                {
                    $stmt->bind_param('s' , $filtered_user_input);
    //bind prepared statement
                        
                    $stmt->execute();
                    
                    $stmt->store_result();//not required but good practice
                    
                    $out_param_col_one = NULL;//out put paramaters
                    $out_param_col_two = NULL;
                    
                    $stmt->bind_result($out_param ,  $out_param_col_two);
    
                    while($stmt->fetch())
                    {
                       echo $out_param_col_one.'<br />';
                       echo $out_param_col_two;//display data
                    }
    
                    $stmt->free_result();//not required
    
                    $stmt->close();//close statement or prepare other sql
                 }
                    $mysql->close();//close database connection
               }
    ob_end_flush();
    
    


    prepared statements
    http://php.net/manua...qli.prepare.php

    mysqli
    http://www.php.net/m...lass.mysqli.php

    mysqli_stmt
    http://www.php.net/m...mysqli-stmt.php
  5. In Topic: php pear mail

    Posted 6 Feb 2013

    setsebool -P httpd_can_network_connect 1

    i ran this under roor in the terminal and it all worked!

    im not sure exactly what it did, i think it just allowed my sockets to connect to a different network.

    Would anyone recoment phpMailer over pear mail? or even vise versa?

My Information

Member Title:
D.I.C Head
Age:
Age Unknown
Birthday:
Birthday Unknown
Gender:

Contact Information

E-mail:
Click here to e-mail me

Friends

codine24/7 hasn't added any friends yet.

Comments

codine24/7 has no profile comments yet. Why not say hello?