Ice IT Support Posted October 27, 2011 Share Posted October 27, 2011 Hi all, I have a page located at http://customers.iceitsupport.net/howardstreet/index.php that returns this issue: Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'iceitsup_*'@'localhost' (using password: YES) in /home/iceitsup/public_html/Other/Customers/howardstreet/index.php on line 8 All password settings are correct and the user exists and has been assigned to the database. I tried connecting by using the host 'stevie.heliohost.org' and putting '%' in the remote mysql box, but the issue persists. Thanks! P.S. You may enter 'lab' in the username field. No passwords are required. Quote Link to comment Share on other sites More sharing options...
Guest xaav Posted October 27, 2011 Share Posted October 27, 2011 What happens when you connect with your cPanel username and password? Quote Link to comment Share on other sites More sharing options...
Ice IT Support Posted October 30, 2011 Author Share Posted October 30, 2011 It works, thanks! But I don't understand why my "custom" username doesn't work. Quote Link to comment Share on other sites More sharing options...
Guest xaav Posted October 30, 2011 Share Posted October 30, 2011 cPanel isn't granting the permissions on that database to your custom user for some reason. Quote Link to comment Share on other sites More sharing options...
Ice IT Support Posted October 30, 2011 Author Share Posted October 30, 2011 That's alright, this database is only here temporarily, so no need to worry about it. Thanks for your help! Quote Link to comment Share on other sites More sharing options...
hdhdhd Posted November 7, 2011 Share Posted November 7, 2011 have you checked if you added the user correctly and the correct user? Believe me even the best make mistakes sometimes Quote Link to comment Share on other sites More sharing options...
vol7ron Posted November 8, 2011 Share Posted November 8, 2011 Access denied for user 'iceitsup_*'@'localhost' (using password: YES) in /home/iceitsup/public_html/Other/Customers/howardstreet/index.php on line 8 You should never reveal this much information. I now know where your script is, what your username is (or shaped like), and what password you're attempting. In addition, you gave me the database type and location. I think this whole thread should be deleted for security. Quote Link to comment Share on other sites More sharing options...
hdhdhd Posted November 8, 2011 Share Posted November 8, 2011 I AGREE THIS THREAD ISN'T HEALTHY FOR HIM Quote Link to comment Share on other sites More sharing options...
Krydos Posted November 8, 2011 Share Posted November 8, 2011 hdhdhd, I suggest you read http://www.helionet.org/index/topic/2-the-official-spam-guide/ http://www.helionet.org/index/topic/1544-the-official-etiquette-guide/ and http://www.helionet.org/index/topic/3-the-official-enforcement-guide/ If the OP wants anything edited or deleted he need only ask. Quote Link to comment Share on other sites More sharing options...
Guest xaav Posted November 9, 2011 Share Posted November 9, 2011 Just wanted to point out that the password isn't "YES," it's just whether he is using a password or not. Quote Link to comment Share on other sites More sharing options...
Ice IT Support Posted November 9, 2011 Author Share Posted November 9, 2011 I see no need to delete any information for the following reasons: The part of the username released is generic (this format is used on all accounts @ HH) and it is my cPanel username, which is required to be posted anyway.The script path is also generic (all HH accounts are located at /home or /home1 and all website documents are in the public_html folder) and the rest of the path is used to navigate to the page in your web browser (the URL that is also required as an example for the error) Quote Link to comment Share on other sites More sharing options...
vol7ron Posted November 10, 2011 Share Posted November 10, 2011 Just wanted to point out that the password isn't "YES," it's just whether he is using a password or not. Ahh good catch I see no need to delete any information for the following reasons: The part of the username released is generic (this format is used on all accounts @ HH) and it is my cPanel username, which is required to be posted anyway.The script path is also generic (all HH accounts are located at /home or /home1 and all website documents are in the public_html folder) and the rest of the path is used to navigate to the page in your web browser (the URL that is also required as an example for the error) So you're exposing what's known only to HH members, to the rest of the internet, regardless of it's commonality with other CPanel/LAMP installs? And now, I see you are adding more information. I was trying to be helpful, but I am sort of taking your denial as a challenge. Am I correct? Quote Link to comment Share on other sites More sharing options...
Ice IT Support Posted November 10, 2011 Author Share Posted November 10, 2011 What other information did I add? By default, most cPanel installs are configured to store account data on /home, as this has been the case for other hosts I have used. Same with the database usernames. Also I am not trying to challenge anyone. In fact I appreciate your concern, I was simply giving my reasons to why I am not concerned about who sees this information. Quote Link to comment Share on other sites More sharing options...
lladnar Posted November 17, 2011 Share Posted November 17, 2011 Quote Link to comment Share on other sites More sharing options...
Xoviat Posted November 24, 2011 Share Posted November 24, 2011 I hadn't read this before I posted my own thread on exactly the same subject yesterday. I believe that it's something which needs to be addressed as it's just not good practice for regular site users to be wandering around with super user privs. One slip up in the design of a user input and you risk the most extreme example of an SQL injection problem there is. Are there people going around with multiple users assigned and the connections working just fine? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.