0

This is how a connection is created to MySQL server at localhost

$Connection = mysql_connect("localhost","root","");

But MySQL seems ignoring my username and password, even if I create the connection with some nonsense username & password:

$Connection = mysql_connect("localhost","nonsense-username","");

Both cases give me the $Connection as "resource(39) of type (mysql link)". And this only happens when password is blank. Is it a default behaviour of MySQL to accept any username when password is blank?

But it is supposed to have $Connection equal 'false' when such 'nonsense-username' given. Anything wrong?

Improve this question
0

2 Answers 2

Reset to default
2

I'm going to assume that you've setup the MySQL server on your own computer, without configuring users, permissions or things like that. If that's the case, then the cause might be SQL Safe Mode. If in your php.ini file, sql.safe_mode is set to 1, then PHP will substitute any arguments you pass to mysql_connect() with their defaults. That would certainly explain this behavior. Try looking at phpinfo() to see if that's the case.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

strangely that sql.safe_mode in 'php.ini' is Off
My answer doesn't explain your note that this only happens when the password is blank. AFAIK it's not default MySQL behavior to allow any connection when the password is blank. Does this work for any nonsense username you can think of? What about an empty username?
yes, as long as the password for user 'root' is blank, mysql accepts any alphanumeric username. mysql is driving me crazy...
Why, that's certainly easily checked; just set a root password and see if that fixes things. If you are not the db admin where this site will run, you can count on it that the root password will be set, or you need to change hosing providers. If, on the other hand, you are the db admin where this site will run, it's a good idea to set a root password, and give each database its own user, with privileges just for that database. That way, if there's a security leak, only one database will be compromised. On big sites, db admins will actually create users only for certain tables, or even rows.
0

It seems you have not restarted the webserver after install of php-mysql. Please restart the webserver it should work. I spent two hours debugging that and the simple solution was restart

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.