$name= $_POST["dbname"];
$pass= $_POST["dbpass"];
$rname= $_POST["rootname"];
$rpass=$_POST["rootpass"];
if ($rname='leave blank for default root name' or $name='')
{
$rname="root";
}
if ($rpass='leave blank if no password assigned')
{
$rpass='';
}
$con = mysql_connect("localhost", $rname, $rpass);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
if (mysql_query("CREATE DATABASE {$name}",$con))
{
echo "Database created";
}
else
{
echo "Error creating database: " . mysql_error();
}
(mysql_query("DATABASEPASSWORD {$pass}",$con));
mysql_close($con);
?>
this is the php script i am using to create database,i am passing rootname=root and rootpass=toor
but i am getting an error
Warning: mysql_connect(): Access denied for user 'root'@'localhost'
(using password: NO) in /var/www/webdefender/script/dbcreate.php on
line 17 Could not connect: Access denied for user 'root'@'localhost'
(using password: NO)
but when i use
$con = mysql_connect("localhost", 'root','toor' );
it works fine
Please help
Answer
You're assigning values in your first 2 checks instead of checking them for equality.
$a = 1; // assigning
$a == 1; // this is a check if 1 is $a is equal to 1
So you're basically resetting your $rpass value to '' (empty string) in:
if ($rpass='leave blank if no password assigned')
{
$rpass='';
}
Change your checks to use == and it will work.
Please to be aware that using root access from scripts is a HUGE security hazard.
No comments:
Post a Comment