Ice IT Support Posted October 27, 2011 Posted October 27, 2011 Hi all, I have a page located at http://customers.iceitsupport.net/howardstreet/index.php that returns this issue: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'iceitsup_*'@'localhost' (using password: YES) in /home/iceitsup/public_html/Other/Customers/howardstreet/index.php on line 8 All password settings are correct and the user exists and has been assigned to the database. I tried connecting by using the host 'stevie.heliohost.org' and putting '%' in the remote mysql box, but the issue persists. Thanks! P.S. You may enter 'lab' in the username field. No passwords are required.
Guest xaav Posted October 27, 2011 Posted October 27, 2011 What happens when you connect with your cPanel username and password?
Ice IT Support Posted October 30, 2011 Author Posted October 30, 2011 It works, thanks! But I don't understand why my "custom" username doesn't work.
Guest xaav Posted October 30, 2011 Posted October 30, 2011 cPanel isn't granting the permissions on that database to your custom user for some reason.
Ice IT Support Posted October 30, 2011 Author Posted October 30, 2011 That's alright, this database is only here temporarily, so no need to worry about it. Thanks for your help!
hdhdhd Posted November 7, 2011 Posted November 7, 2011 have you checked if you added the user correctly and the correct user? Believe me even the best make mistakes sometimes
vol7ron Posted November 8, 2011 Posted November 8, 2011 Access denied for user 'iceitsup_*'@'localhost' (using password: YES) in /home/iceitsup/public_html/Other/Customers/howardstreet/index.php on line 8 You should never reveal this much information. I now know where your script is, what your username is (or shaped like), and what password you're attempting. In addition, you gave me the database type and location. I think this whole thread should be deleted for security.
Krydos Posted November 8, 2011 Posted November 8, 2011 hdhdhd, I suggest you read http://www.helionet.org/index/topic/2-the-official-spam-guide/ http://www.helionet.org/index/topic/1544-the-official-etiquette-guide/ and http://www.helionet.org/index/topic/3-the-official-enforcement-guide/ If the OP wants anything edited or deleted he need only ask.
Guest xaav Posted November 9, 2011 Posted November 9, 2011 Just wanted to point out that the password isn't "YES," it's just whether he is using a password or not.
Ice IT Support Posted November 9, 2011 Author Posted November 9, 2011 I see no need to delete any information for the following reasons: The part of the username released is generic (this format is used on all accounts @ HH) and it is my cPanel username, which is required to be posted anyway.The script path is also generic (all HH accounts are located at /home or /home1 and all website documents are in the public_html folder) and the rest of the path is used to navigate to the page in your web browser (the URL that is also required as an example for the error)
vol7ron Posted November 10, 2011 Posted November 10, 2011 Just wanted to point out that the password isn't "YES," it's just whether he is using a password or not. Ahh good catch I see no need to delete any information for the following reasons: The part of the username released is generic (this format is used on all accounts @ HH) and it is my cPanel username, which is required to be posted anyway.The script path is also generic (all HH accounts are located at /home or /home1 and all website documents are in the public_html folder) and the rest of the path is used to navigate to the page in your web browser (the URL that is also required as an example for the error) So you're exposing what's known only to HH members, to the rest of the internet, regardless of it's commonality with other CPanel/LAMP installs? And now, I see you are adding more information. I was trying to be helpful, but I am sort of taking your denial as a challenge. Am I correct?
Ice IT Support Posted November 10, 2011 Author Posted November 10, 2011 What other information did I add? By default, most cPanel installs are configured to store account data on /home, as this has been the case for other hosts I have used. Same with the database usernames. Also I am not trying to challenge anyone. In fact I appreciate your concern, I was simply giving my reasons to why I am not concerned about who sees this information.
Xoviat Posted November 24, 2011 Posted November 24, 2011 I hadn't read this before I posted my own thread on exactly the same subject yesterday. I believe that it's something which needs to be addressed as it's just not good practice for regular site users to be wandering around with super user privs. One slip up in the design of a user input and you risk the most extreme example of an SQL injection problem there is. Are there people going around with multiple users assigned and the connections working just fine?
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now