server side problem?
Moderator: General Moderators
server side problem?
Hi,
I've created a webshop that works fine on my offline server and on my online test server.
Now it should run on a commercial server, but it won't work.
1. my php code creates and modifies text files, but changes are not saved. I guess this is a simple rights problem, but how can I solve it - is it a php setting or must the provider himself set the rights?
2. mysql database: There is no phpMyadmin or stuff. How can I set up a database? My code only _uses_ an existing db. In general I know only how to use those sql commands that take effect when you are already connected to a db, but how to send higher mysql commands, like create database or list all existing databases?
3. security: a guy told me to use strong passwords. Which are strong? If I use a pw similar to a php session variable and check its existence in each document, will it be safe?
Kind regards...
I've created a webshop that works fine on my offline server and on my online test server.
Now it should run on a commercial server, but it won't work.
1. my php code creates and modifies text files, but changes are not saved. I guess this is a simple rights problem, but how can I solve it - is it a php setting or must the provider himself set the rights?
2. mysql database: There is no phpMyadmin or stuff. How can I set up a database? My code only _uses_ an existing db. In general I know only how to use those sql commands that take effect when you are already connected to a db, but how to send higher mysql commands, like create database or list all existing databases?
3. security: a guy told me to use strong passwords. Which are strong? If I use a pw similar to a php session variable and check its existence in each document, will it be safe?
Kind regards...
Re: server side problem?
Passwords containing the word "Muscles".bredoteau wrote:3. security: a guy told me to use strong passwords. Which are strong?
Yes, I am kidding.
Re: server side problem?
1. Try outputting the error (change error_reporting to E_ALL), the command to change file permissions on linux is chmodbredoteau wrote:Hi,
I've created a webshop that works fine on my offline server and on my online test server.
Now it should run on a commercial server, but it won't work.
1. my php code creates and modifies text files, but changes are not saved. I guess this is a simple rights problem, but how can I solve it - is it a php setting or must the provider himself set the rights?
2. mysql database: There is no phpMyadmin or stuff. How can I set up a database? My code only _uses_ an existing db. In general I know only how to use those sql commands that take effect when you are already connected to a db, but how to send higher mysql commands, like create database or list all existing databases?
3. security: a guy told me to use strong passwords. Which are strong? If I use a pw similar to a php session variable and check its existence in each document, will it be safe?
2. you can get phpmyadmin for free, google for it. Mysql is free too, phpmyadmin is just a tool for administering mysql databases. The mysql manual teaches you how to create tables and such, phpmyadmin can also do this for you
3. passwords should be case sensitive, containing both uppercase and lowercase characters, contain symbols like underscores and also contain numbers. Passwords should never be shorter then 6 characters, thats the minimum.
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
You pass the command along like you would any ordinary queryIn general I know only how to use those sql commands that take effect when you are already connected to a db, but how to send higher mysql commands, like create database or list all existing databases?
Code: Select all
mysql_query('CREATE TABLE `blah` ... ') or die(mysql_error());- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
For the above to work (depending on setup and mysql users) you may need to have credentials connecting to the database set to a User with permissions to create databases. Don't leave it this way though - if possible.
See a lot of stuff about having such Users setup for PHP Applications which I consider a needless security risk - why put plain text credentials in a PHP file for a User capable of creating/dropping entire databases when a simple User with read/write only permissions is far far safer...
See a lot of stuff about having such Users setup for PHP Applications which I consider a needless security risk - why put plain text credentials in a PHP file for a User capable of creating/dropping entire databases when a simple User with read/write only permissions is far far safer...
Re: server side problem?
OK, but this does not enable php to create NEW files. Modifying existing files works now.1. Try outputting the error (change error_reporting to E_ALL), the command to change file permissions on linux is chmod
I could never get high-leveled messages across to MySQL (like "create database"). Creating or querying tables once I am connected to a db is no problem, so I always used phpmyadmin. I even tried to understand how phpmyadmin does the trick, but I got lost in all those files.2. you can get phpmyadmin for free, google for it. Mysql is free too, phpmyadmin is just a tool for administering mysql databases. The mysql manual teaches you how to create tables and such, phpmyadmin can also do this for you
However, I don't think I can install phpmyadmin simply by uploading it with a ftp program, right? But this is the only thing I can do, coz I am not the server myself.
Thanks!3. passwords should be case sensitive, containing both uppercase and lowercase characters, contain symbols like underscores and also contain numbers. Passwords should never be shorter then 6 characters, thats the minimum.
[/quote]
Thanks, a reasonable comment!Maugrim_The_Reaper wrote:For the above to work (depending on setup and mysql users) you may need to have credentials connecting to the database set to a User with permissions to create databases. Don't leave it this way though - if possible.
See a lot of stuff about having such Users setup for PHP Applications which I consider a needless security risk - why put plain text credentials in a PHP file for a User capable of creating/dropping entire databases when a simple User with read/write only permissions is far far safer...
Yes, I'd like to be able to set up the db and then 'kill' the user at least temporally. But heck, if only they would let me set up my db in the first place!
As said, creating tables is NO problem. How would you create a database or view all existing dbs?Jcart wrote: You pass the command along like you would any ordinary query
Code: Select all
mysql_query('CREATE TABLE `blah` ... ') or die(mysql_error());
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
To create a database:
Listing databases:
http://dev.mysql.com/doc/refman/5.1/en/.. gotto love the manual..
Code: Select all
CREATE DATABASE `test_db`Code: Select all
SHOW DATABASESYeah, but how do I transmit this? Using mysql_query doesn't work.Jcart wrote:To create a database:Listing databases:Code: Select all
CREATE DATABASE `test_db`http://dev.mysql.com/doc/refman/5.1/en/.. gotto love the manual..Code: Select all
SHOW DATABASES
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact: