Rectangle 27 3

There is a setting you can alter called 'multi statement' that disables MySQL's 'safety mechanism' implemented to prevent (more than one) injection command. Typical to MySQL's 'brilliant' implementation, it also prevents user from doing efficient queries.

If you're using PHP, you can use mysqli to do multi statements (I think php has shipped with mysqli for a while now)

$con = new mysqli('localhost','user1','password','my_database');
$query = "Update MyTable SET col1='some value' WHERE id=1 LIMIT 1;";
$query .= "UPDATE MyTable SET col1='other value' WHERE id=2 LIMIT 1;";
//etc
$con->multi_query($query);
$con->close();

This is the same as sending the queries separately. The only difference is that you send it all in one network packet, but the UPDATEs will be still processed as separate queries. Better is to wrap them in one transaction, then the changes will be commited to the table at once.

How to wrap them in one transaction? Show us, please.

mysqli::begin_transaction(..)
mysql::commit(..)
START TRANSACTION
COMMIT

sql - Multiple Updates in MySQL - Stack Overflow

mysql sql sql-update
Rectangle 27 3

There is a setting you can alter called 'multi statement' that disables MySQL's 'safety mechanism' implemented to prevent (more than one) injection command. Typical to MySQL's 'brilliant' implementation, it also prevents user from doing efficient queries.

If you're using PHP, you can use mysqli to do multi statements (I think php has shipped with mysqli for a while now)

$con = new mysqli('localhost','user1','password','my_database');
$query = "Update MyTable SET col1='some value' WHERE id=1 LIMIT 1;";
$query .= "UPDATE MyTable SET col1='other value' WHERE id=2 LIMIT 1;";
//etc
$con->multi_query($query);
$con->close();

This is the same as sending the queries separately. The only difference is that you send it all in one network packet, but the UPDATEs will be still processed as separate queries. Better is to wrap them in one transaction, then the changes will be commited to the table at once.

How to wrap them in one transaction? Show us, please.

mysqli::begin_transaction(..)
mysql::commit(..)
START TRANSACTION
COMMIT

sql - Multiple Updates in MySQL - Stack Overflow

mysql sql sql-update
Rectangle 27 8

Note that setting the root passwords only applies the connections coming over IP. The connections from App Engines show to the MySQL server as coming from localhost. So make sure the password for 'root@localhost' is the one you configured in the code.

A quick way to check the state of the passwords is to connect over IP and issue the following query:

mysql> SELECT user,host,password FROM mysql.user;
+-------+-----------+-------------------------------------------+
| user  | host      | password                                  |
+-------+-----------+-------------------------------------------+
| root  | localhost |                                           |
| root  | 127.0.0.1 |                                           |
| root  | ::1       |                                           |
|       | localhost |                                           |
| root  | %         | *3D56A309CD04FA2EEF181462E59011F075C89548 |
| admin | 127.0.0.1 |                                           |
+-------+-----------+-------------------------------------------+
6 rows in set (0.11 sec)

mysql> SELECT password('xxx');
+-------------------------------------------+
| password('xxx')                           |
+-------------------------------------------+
| *3D56A309CD04FA2EEF181462E59011F075C89548 |
+-------------------------------------------+
1 row in set (0.11 sec)

mysql>

The above shows how an instance shows up after setting the root password for connections over IP ('root@%') to 'xxx'. Note that the password for 'root@localhost' is blank so connections from App Engine still do not require any passwords.

php - App engine fails to connect to Google cloud sql - Stack Overflow

php google-app-engine google-cloud-sql
Rectangle 27 8

Note that setting the root passwords only applies the connections coming over IP. The connections from App Engines show to the MySQL server as coming from localhost. So make sure the password for 'root@localhost' is the one you configured in the code.

A quick way to check the state of the passwords is to connect over IP and issue the following query:

mysql> SELECT user,host,password FROM mysql.user;
+-------+-----------+-------------------------------------------+
| user  | host      | password                                  |
+-------+-----------+-------------------------------------------+
| root  | localhost |                                           |
| root  | 127.0.0.1 |                                           |
| root  | ::1       |                                           |
|       | localhost |                                           |
| root  | %         | *3D56A309CD04FA2EEF181462E59011F075C89548 |
| admin | 127.0.0.1 |                                           |
+-------+-----------+-------------------------------------------+
6 rows in set (0.11 sec)

mysql> SELECT password('xxx');
+-------------------------------------------+
| password('xxx')                           |
+-------------------------------------------+
| *3D56A309CD04FA2EEF181462E59011F075C89548 |
+-------------------------------------------+
1 row in set (0.11 sec)

mysql>

The above shows how an instance shows up after setting the root password for connections over IP ('root@%') to 'xxx'. Note that the password for 'root@localhost' is blank so connections from App Engine still do not require any passwords.

php - App engine fails to connect to Google cloud sql - Stack Overflow

php google-app-engine google-cloud-sql
Rectangle 27 1

Start the MySQL server instance or daemon with the --skip-grant-tables option (security setting).

$ mysqld --skip-grant-tables
$ mysql -u root mysql

$mysql> UPDATE user SET Password=PASSWORD('my_password') where USER='root';
$mysql> FLUSH PRIVILEGES;

If you face the unknown field Password error above use:

update user set authentication_string=password('my_password') where user='root';

Finally, restart the instance/daemon without the --skip-grant-tables option.

$ /etc/init.d/mysql restart

Not working,even not able to execute $ mysqld --skip-grant-tables

mysql - 1045 - Access denied for user after executing query - Stack Ov...

mysql phpmyadmin mysql-error-1064
Rectangle 27 201

DATABASES
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql', 
        'NAME': 'DB_NAME',
        'USER': 'DB_USER',
        'PASSWORD': 'DB_PASSWORD',
        'HOST': 'localhost',   # Or an IP Address that your DB is hosted on
        'PORT': '3306',
    }
}

You also have the option of utilizing MySQL option files, as of Django 1.7. You can accomplish this by setting your DATABASES array like so:

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'OPTIONS': {
            'read_default_file': '/path/to/my.cnf',
        },
    }
}

You also need to create the /path/to/my.cnf file with similar settings from above

[client]
database = DB_NAME
host = localhost
user = DB_USER
password = DB_PASSWORD
default-character-set = utf8

With this new method of connecting in Django 1.7, it is important to know the order connections are established:

1. OPTIONS.
2. NAME, USER, PASSWORD, HOST, PORT
3. MySQL option files.

In other words, if you set the name of the database in OPTIONS, this will take precedence over NAME, which would override anything in a MySQL option file.

If you are just testing your application on your local machine, you can use

python manage.py runserver

Adding the ip:port argument allows machines other than your own to access your development application. Once you are ready to deploy your application, I recommend taking a look at the chapter on Deploying Django on the djangobook

Mysql default character set is often not utf-8, therefore make sure to create your database using this sql:

CREATE DATABASE mydatabase CHARACTER SET utf8 COLLATE utf8_bin

If you are using Oracle's MySQL connector your ENGINE line should look like this:

'ENGINE': 'mysql.connector.django',

python - Setting Django up to use MySQL - Stack Overflow

python mysql django debian
Rectangle 27 3

Andy's answer helps but if you have concern on exposing your database password in your django setting, I suggest to follow django official configuration on mysql connection: https://docs.djangoproject.com/en/1.7/ref/databases/

# settings.py
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'OPTIONS': {
            'read_default_file': '/path/to/my.cnf',
        },
    }
}


# my.cnf
[client]
database = NAME
user = USER
password = PASSWORD
default-character-set = utf8

To replace 'HOST': '127.0.0.1' in setting, simply add it in my.cnf:

# my.cnf
[client]
database = NAME
host = HOST NAME or IP
user = USER
password = PASSWORD
default-character-set = utf8
'OPTIONS': {
   'init_command': 'SET storage_engine=INNODB',
}

python - Setting Django up to use MySQL - Stack Overflow

python mysql django debian
Rectangle 27 3

Note: This tutorial was last tested with gitlab 8.2 installed from source.

This tutorial aims to describe how to modify a Gitlab installation to use the users credentials to authenticate with the LDAP server. By default Gitlab relies on anonymous binding or a special querying user to ask the LDAP server about the existence of a user before authenticating her with her own credentials. For security reasons, however, many administrators disable anonymous binding and forbid the creation of special querying LDAP users.

In this tutorial we assume that we have a gitlab setup at gitlab.example.com and an LDAP server running on ldap.example.com, and users have a DN of the following form: CN=username,OU=Users,OU=division,OU=department,DC=example,DC=com.

First, we replace the omniauth-ldap module with this derivation. To achieve this we apply the following patch to gitlab/Gemfile:

diff --git a/Gemfile b/Gemfile
index 1171eeb..f25bc60 100644
--- a/Gemfile
+++ b/Gemfile
@@ -44,4 +44,5 @@ gem 'gitlab-grack', '~> 2.0.2', require: 'grack'
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes 
 # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
+#gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
+gem 'gitlab_omniauth-ldap', :git => 'https://github.com/zakkak/omniauth-ldap.git', require: 'net-ldap', require: "omniauth-ldap"

Now, we need to perform the following actions:

lib/omniauth/strategies/ldap.rb
gitlab/vendor/bundle/ruby/2.x.x/bundler/gems/omniauth-ldap
diff --git a/lib/omniauth/strategies/ldap.rb b/lib/omniauth/strategies/ldap.rb
index 9ea62b4..da5e648 100644
--- a/lib/omniauth/strategies/ldap.rb
+++ b/lib/omniauth/strategies/ldap.rb
@@ -39,7 +39,7 @@ module OmniAuth
         return fail!(:missing_credentials) if missing_credentials?

         # The HACK!  FIXME: do it in a more generic/configurable way
-        @options[:bind_dn]  = "CN=#{request['username']},OU=Test,DC=my,DC=example,DC=com"
+        @options[:bind_dn]  = "CN=#{request['username']},OU=Users,OU=division,OU=department,DC=example,DC=com"
         @options[:password] = request['password']
         @adaptor = OmniAuth::LDAP::Adaptor.new @options

With this module, gitlab uses the user's credentials to bind to the LDAP server and query it, as well as, to authenticate the user herself.

This however will only work as long as the users do not use ssh-keys to authenticate with Gitlab. When authenticating through an ssh-key, by default Gitlab queries the LDAP server to find out whether the corresponding user is (still) a valid user or not. At this point, we cannot use the user credentials to query the LDAP server, since the user did not provide them to us. As a result we disable this mechanism, essentially allowing users with registered ssh-keys but removed from the LDAP server to still use our Gitlab setup. To prevent such users from being able to still use your Gitlab setup, you will have to manually delete their ssh-keys from any accounts in your setup.

gitlab/lib/gitlab/ldap/access.rb
diff --git a/lib/gitlab/ldap/access.rb b/lib/gitlab/ldap/access.rb
index 16ff03c..9ebaeb6 100644
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -14,15 +14,16 @@ module Gitlab
       end

       def self.allowed?(user)
-        self.open(user) do |access|
-          if access.allowed?
-            user.last_credential_check_at = Time.now
-            user.save
-            true
-          else
-            false
-          end
-        end
+        true
+        # self.open(user) do |access|
+        #   if access.allowed?
+        #     user.last_credential_check_at = Time.now
+        #     user.save
+        #     true
+        #   else
+        #     false
+        #   end
+        # end
       end

       def initialize(user, adapter=nil)
@@ -32,20 +33,21 @@ module Gitlab
       end

def allowed?
-        if Gitlab::LDAP::Person.find_by_dn(user.ldap_identity.extern_uid, adapter)
-          return true unless ldap_config.active_directory
+        true
+        # if Gitlab::LDAP::Person.find_by_dn(user.ldap_identity.extern_uid, adapter)
+        #   return true unless ldap_config.active_directory

-          # Block user in GitLab if he/she was blocked in AD
-          if Gitlab::LDAP::Person.disabled_via_active_directory?(user.ldap_identity.extern_uid, adapter)
-            user.block unless user.blocked?
-            false
-          else
-            user.activate if user.blocked? && !ldap_config.block_auto_created_users
-            true
-          end
-        else
-          false
-        end
+        #   # Block user in GitLab if he/she was blocked in AD
+        #   if Gitlab::LDAP::Person.disabled_via_active_directory?(user.ldap_identity.extern_uid, adapter)
+        #     user.block unless user.blocked?
+        #     false
+        #   else
+        #     user.activate if user.blocked? && !ldap_config.block_auto_created_users
+        #     true
+        #   end
+        # else
+        #   false
+        # end
rescue
false
end

In gitlab.yml use something like the following (modify to your needs):

#
# 2. Auth settings
# ==========================

## LDAP settings
# You can inspect a sample of the LDAP users with login access by running:
#   bundle exec rake gitlab:ldap:check RAILS_ENV=production
ldap:
  enabled: true
  servers:
    ##########################################################################
    #
    # Since GitLab 7.4, LDAP servers get ID's (below the ID is 'main'). GitLab
    # Enterprise Edition now supports connecting to multiple LDAP servers.
    #
    # If you are updating from the old (pre-7.4) syntax, you MUST give your
    # old server the ID 'main'.
    #
    ##########################################################################
    main: # 'main' is the GitLab 'provider ID' of this LDAP server
      ## label
      #
      # A human-friendly name for your LDAP server. It is OK to change the label later,
      # for instance if you find out it is too large to fit on the web page.
      #
      # Example: 'Paris' or 'Acme, Ltd.'
      label: 'LDAP_EXAMPLE_COM'

      host: ldap.example.com
      port: 636
      uid: 'sAMAccountName'
      method: 'ssl' # "tls" or "ssl" or "plain"
      bind_dn: ''
      password: ''

      # This setting specifies if LDAP server is Active Directory LDAP server.
      # For non AD servers it skips the AD specific queries.
      # If your LDAP server is not AD, set this to false.
      active_directory: true

      # If allow_username_or_email_login is enabled, GitLab will ignore everything
      # after the first '@' in the LDAP username submitted by the user on login.
      #
      # Example:
      # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
      # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
      #
      # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
      # disable this setting, because the userPrincipalName contains an '@'.
      allow_username_or_email_login: false

      # To maintain tight control over the number of active users on your GitLab installation,
      # enable this setting to keep new users blocked until they have been cleared by the admin
      # (default: false).
      block_auto_created_users: false

      # Base where we can search for users
      #
      #   Ex. ou=People,dc=gitlab,dc=example
      #
      base: 'OU=Users,OU=division,OU=department,DC=example,DC=com'

      # Filter LDAP users
      #
      #   Format: RFC 4515 http://tools.ietf.org/search/rfc4515
      #   Ex. (employeeType=developer)
      #
      #   Note: GitLab does not support omniauth-ldap's custom filter syntax.
      #
      user_filter: '(&(objectclass=user)(objectclass=person))'

setting up gitlab LDAP-authentication without special gitlab user - St...

ldap gitlab
Rectangle 27 3

Note: This tutorial was last tested with gitlab 8.2 installed from source.

This tutorial aims to describe how to modify a Gitlab installation to use the users credentials to authenticate with the LDAP server. By default Gitlab relies on anonymous binding or a special querying user to ask the LDAP server about the existence of a user before authenticating her with her own credentials. For security reasons, however, many administrators disable anonymous binding and forbid the creation of special querying LDAP users.

In this tutorial we assume that we have a gitlab setup at gitlab.example.com and an LDAP server running on ldap.example.com, and users have a DN of the following form: CN=username,OU=Users,OU=division,OU=department,DC=example,DC=com.

First, we replace the omniauth-ldap module with this derivation. To achieve this we apply the following patch to gitlab/Gemfile:

diff --git a/Gemfile b/Gemfile
index 1171eeb..f25bc60 100644
--- a/Gemfile
+++ b/Gemfile
@@ -44,4 +44,5 @@ gem 'gitlab-grack', '~> 2.0.2', require: 'grack'
 # LDAP Auth
 # GitLab fork with several improvements to original library. For full list of changes 
 # see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master
-gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
+#gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap"
+gem 'gitlab_omniauth-ldap', :git => 'https://github.com/zakkak/omniauth-ldap.git', require: 'net-ldap', require: "omniauth-ldap"

Now, we need to perform the following actions:

lib/omniauth/strategies/ldap.rb
gitlab/vendor/bundle/ruby/2.x.x/bundler/gems/omniauth-ldap
diff --git a/lib/omniauth/strategies/ldap.rb b/lib/omniauth/strategies/ldap.rb
index 9ea62b4..da5e648 100644
--- a/lib/omniauth/strategies/ldap.rb
+++ b/lib/omniauth/strategies/ldap.rb
@@ -39,7 +39,7 @@ module OmniAuth
         return fail!(:missing_credentials) if missing_credentials?

         # The HACK!  FIXME: do it in a more generic/configurable way
-        @options[:bind_dn]  = "CN=#{request['username']},OU=Test,DC=my,DC=example,DC=com"
+        @options[:bind_dn]  = "CN=#{request['username']},OU=Users,OU=division,OU=department,DC=example,DC=com"
         @options[:password] = request['password']
         @adaptor = OmniAuth::LDAP::Adaptor.new @options

With this module, gitlab uses the user's credentials to bind to the LDAP server and query it, as well as, to authenticate the user herself.

This however will only work as long as the users do not use ssh-keys to authenticate with Gitlab. When authenticating through an ssh-key, by default Gitlab queries the LDAP server to find out whether the corresponding user is (still) a valid user or not. At this point, we cannot use the user credentials to query the LDAP server, since the user did not provide them to us. As a result we disable this mechanism, essentially allowing users with registered ssh-keys but removed from the LDAP server to still use our Gitlab setup. To prevent such users from being able to still use your Gitlab setup, you will have to manually delete their ssh-keys from any accounts in your setup.

gitlab/lib/gitlab/ldap/access.rb
diff --git a/lib/gitlab/ldap/access.rb b/lib/gitlab/ldap/access.rb
index 16ff03c..9ebaeb6 100644
--- a/lib/gitlab/ldap/access.rb
+++ b/lib/gitlab/ldap/access.rb
@@ -14,15 +14,16 @@ module Gitlab
       end

       def self.allowed?(user)
-        self.open(user) do |access|
-          if access.allowed?
-            user.last_credential_check_at = Time.now
-            user.save
-            true
-          else
-            false
-          end
-        end
+        true
+        # self.open(user) do |access|
+        #   if access.allowed?
+        #     user.last_credential_check_at = Time.now
+        #     user.save
+        #     true
+        #   else
+        #     false
+        #   end
+        # end
       end

       def initialize(user, adapter=nil)
@@ -32,20 +33,21 @@ module Gitlab
       end

def allowed?
-        if Gitlab::LDAP::Person.find_by_dn(user.ldap_identity.extern_uid, adapter)
-          return true unless ldap_config.active_directory
+        true
+        # if Gitlab::LDAP::Person.find_by_dn(user.ldap_identity.extern_uid, adapter)
+        #   return true unless ldap_config.active_directory

-          # Block user in GitLab if he/she was blocked in AD
-          if Gitlab::LDAP::Person.disabled_via_active_directory?(user.ldap_identity.extern_uid, adapter)
-            user.block unless user.blocked?
-            false
-          else
-            user.activate if user.blocked? && !ldap_config.block_auto_created_users
-            true
-          end
-        else
-          false
-        end
+        #   # Block user in GitLab if he/she was blocked in AD
+        #   if Gitlab::LDAP::Person.disabled_via_active_directory?(user.ldap_identity.extern_uid, adapter)
+        #     user.block unless user.blocked?
+        #     false
+        #   else
+        #     user.activate if user.blocked? && !ldap_config.block_auto_created_users
+        #     true
+        #   end
+        # else
+        #   false
+        # end
rescue
false
end

In gitlab.yml use something like the following (modify to your needs):

#
# 2. Auth settings
# ==========================

## LDAP settings
# You can inspect a sample of the LDAP users with login access by running:
#   bundle exec rake gitlab:ldap:check RAILS_ENV=production
ldap:
  enabled: true
  servers:
    ##########################################################################
    #
    # Since GitLab 7.4, LDAP servers get ID's (below the ID is 'main'). GitLab
    # Enterprise Edition now supports connecting to multiple LDAP servers.
    #
    # If you are updating from the old (pre-7.4) syntax, you MUST give your
    # old server the ID 'main'.
    #
    ##########################################################################
    main: # 'main' is the GitLab 'provider ID' of this LDAP server
      ## label
      #
      # A human-friendly name for your LDAP server. It is OK to change the label later,
      # for instance if you find out it is too large to fit on the web page.
      #
      # Example: 'Paris' or 'Acme, Ltd.'
      label: 'LDAP_EXAMPLE_COM'

      host: ldap.example.com
      port: 636
      uid: 'sAMAccountName'
      method: 'ssl' # "tls" or "ssl" or "plain"
      bind_dn: ''
      password: ''

      # This setting specifies if LDAP server is Active Directory LDAP server.
      # For non AD servers it skips the AD specific queries.
      # If your LDAP server is not AD, set this to false.
      active_directory: true

      # If allow_username_or_email_login is enabled, GitLab will ignore everything
      # after the first '@' in the LDAP username submitted by the user on login.
      #
      # Example:
      # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
      # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
      #
      # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
      # disable this setting, because the userPrincipalName contains an '@'.
      allow_username_or_email_login: false

      # To maintain tight control over the number of active users on your GitLab installation,
      # enable this setting to keep new users blocked until they have been cleared by the admin
      # (default: false).
      block_auto_created_users: false

      # Base where we can search for users
      #
      #   Ex. ou=People,dc=gitlab,dc=example
      #
      base: 'OU=Users,OU=division,OU=department,DC=example,DC=com'

      # Filter LDAP users
      #
      #   Format: RFC 4515 http://tools.ietf.org/search/rfc4515
      #   Ex. (employeeType=developer)
      #
      #   Note: GitLab does not support omniauth-ldap's custom filter syntax.
      #
      user_filter: '(&(objectclass=user)(objectclass=person))'

setting up gitlab LDAP-authentication without special gitlab user - St...

ldap gitlab
Rectangle 27 1

The percent symbol means: any host, including remote and local connections.

The localhost allows only local connections.

(so to start off, if you don't need remote connections to your database, you can get rid of the appuser@'%' user right away)

...there is a reason for setting both types of accounts, this is explained in the mysql docs: http://dev.mysql.com/doc/refman/5.7/en/adding-users.html.

If you have an have an anonymous user on your localhost, which you can spot with:

select Host from mysql.user where User='' and Host='localhost';

and if you just create the user appuser@'%' (and you not the appuser@'localhost'), then when the appuser mysql user connects from the local host, the anonymous user account is used (it has precedence over your appuser@'%' user).

And the fix for this is (as one can guess) to create the appuser@'localhost' (which is more specific that the local host anonymous user and will be used if your appuser connects from the localhost).

Using % for host when creating a MySQL user - Stack Overflow

mysql
Rectangle 27 0

I faced the exact same issue. while setting up the ror app all the rake commands worked fine. mysql was simply accessible from linux console by simply typing "mysql" and it take to mysql console and database.yml was using root user with empty password.

Exact same setup was working on other dev instances but after spending a full day i got the solution.

*evelopment: &development
  adapter: mysql2
  database: development
  encoding: utf8
  username: root
  password:
  host: localhost
  socket: /var/run/mysqld/mysqld.sock*

Then application tries to connect to mysql as "mysql -u root -h localhost" and in my case this command was giving following error.

*$mysql -u root -h 127.0.0.1
ERROR 1698 (28000): Access denied for user 'root'@'localhost'*

After adjusting root user with following, issue resolved.

*sudo mysql -u root
use mysql;
update user set plugin='' where User='root';
flush privileges;
exit;*

Rails Passenger & mysql Access denied for user - Stack Overflow

mysql ruby-on-rails apache passenger
Rectangle 27 0

You have to find a way to connect to your MySQL instance. There are two ways, TCP (networking, even if that network address is 127.0.0.1) and sockets (a file such as /var/run/mysqld/mysql.sock). Generally, MySQL is configured out of the box to listen on both, and again in general there's little difference between the two. You have to be careful when creating or editing permissions that they match the connection type, user bob@localhost is different from user bob@127.0.0.1. I tend to use sockets and that's also what your script is trying to do by default. You could tell it to connect via TCP, but it's just as easy to tell it the proper path to the socket.

Anyway, for me the quickest way to figure it out is to try the command line tool. If you can do mysql -u root -p at the command line and get a MYSQL> shell prompt, type in "STATUS" and look for the Connection line, which might read Localhost via UNIX socket; and a bit further down you might see a line like "UNIX socket: /var/run/mysqld/mysql.sock" in which case you just tell your PHP script or global PHP configuration about the socket path, because right now it's looking in /tmp/mysql.sock which doesn't exist.

You can also see this when you log in to phpMyAdmin, it should display on the right hand side of the page some "Database Server" information -- look here for the "Server" line which might read something like "phpMyAdmin demo - MySQL (192.168.30.23 via TCP/IP" (a clear indication you're connecting over TCP).

Anyway, whichever method you use to find the path to the socket or deciding to use TCP networking, see the PHP manual page for information about using that to connect. You can also just set the global path in php.ini for the socket (which is what I'd suggest you do), then you don't have to set it manually in each script as it just uses the php.ini setting as a default. You may need to set each of the values for pdo_mysql.default_socket, mysql.default_socket, and mysqli.default_socket (though in your code you're only using mysqli, so technically you only need to set the last value...but why risk confusing your future self with questions like "why would mysqli work but pdo fail?" -- just set them all now and don't worry about it).

php - Trouble Connection to phpMyAdmin MySQL database - Stack Overflow

php mysql database phpmyadmin database-connection
Rectangle 27 0

You must create a MySQL database first. Then go to settings.py file and edit the 'DATABASES' dictionary with your MySQL credentials:

DATABASES = {
 'default': {
 'ENGINE': 'django.db.backends.mysql',
 'NAME': 'YOUR_DATABASE_NAME',
 'USER': 'YOUR_MYSQL_USER',
 'PASSWORD': 'YOUR_MYSQL_PASS',
 'HOST': 'localhost',   # Or an IP that your DB is hosted on
 'PORT': '3306',
 }
}

python - Setting Django up to use MySQL - Stack Overflow

python mysql django debian