Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration
Reload this Page ISPC User can create new databases in phpmyadmin
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 19th January 2008, 11:08
grafzahl grafzahl is offline
Junior Member
  
Join Date: Jan 2008
Posts: 10
Thanks: 0
Thanked 2 Times in 2 Posts
Default ISPC User can create new databases in phpmyadmin
Hello,

i think this is a big problem.

If i login in phpmyadmin 2.11.4 as User web10_u1 and go to databases i get a default web10?u1. If i click an "create" the db was really created and can filled with tables and data.

I have test to change the "_" in username with other special chars. This create another databases.

Is this a bug ???

Greets from Germany
Grafzahl
Reply With Quote
Sponsored Links
  #2  
Old 19th January 2008, 22:25
Hans Hans is offline
Moderator
  
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,252
Thanks: 208
Thanked 642 Times in 291 Posts
Send a message via Skype™ to Hans
Default
I can confirm that for example mysqluser web1_u1 can create another database like web1?db1 for example.

The questionmark can be changed in another character and another database can be created indeed. This should not be possible!

I did some tests and this unlikely behaviour was also the case with previous phpmyadmin versions. So i think it has something to do with ISPConfig 2.2.19.
__________________
Hans

BB-Hosting | Quality Web Hosting since 2005
Reply With Quote
  #3  
Old 19th January 2008, 22:50
grafzahl grafzahl is offline
Junior Member
  
Join Date: Jan 2008
Posts: 10
Thanks: 0
Thanked 2 Times in 2 Posts
Default
Okay, i have check this from first point.
MySQL is the problem. Not ISPConfig or phpmyadmin.

On Console i log in MySQL with "mysql -u web1_u1 -p". After succesful login i type "show databases;" an i see web1_db1. Now i enter "create database `web1=db1`;" like phpmyadmin do it and give another "show databases;".

I was shocked. I can see the created database.

I think the only way to solve the problem is to remove the "_" from username. This char can replaces with any other special char.

Greets from Germany
Grafzahl
Reply With Quote
  #4  
Old 20th January 2008, 10:16
Hans Hans is offline
Moderator
  
Join Date: Dec 2005
Location: Montfoort, The Netherlands
Posts: 2,252
Thanks: 208
Thanked 642 Times in 291 Posts
Send a message via Skype™ to Hans
Default
Well, i have to say that i can produce exactly the same as you told us here. It has something to do with MySQL indeed. In my case MySQL 5.0.32. It would be nice if the ? character within the databasename in phpmyadmin would be displayed as _ character and that this can not be changed by the mysqluser of the web.
__________________
Hans

BB-Hosting | Quality Web Hosting since 2005
Reply With Quote
  #5  
Old 20th January 2008, 14:28
till till is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 32,071
Thanks: 697
Thanked 4,249 Times in 3,261 Posts
Default
This is a old mysql bug. If I remember correctly, mysql promised to fix this in MySQL 4.1.x but it seems that tehy still did not fix it. I added this to the ISPConfig bugtracker to remove underscores from mysql usernames.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 31st January 2008, 00:46
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,685
Thanks: 1,899
Thanked 2,600 Times in 2,449 Posts
 
Default
I've just removed the underscores from database names and users in ISPConfig. This will be available with the next release. The changes don't affect existing databases and users.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
Hans (31st January 2008)
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Statistic not working mzo Installation/Configuration 49 20th April 2011 12:19
Anything I can do against illegal login-requests? schmidtedv Installation/Configuration 17 7th November 2008 09:25
log files cruz Technical 3 15th May 2007 14:35
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36
Can't add databases using phpMyAdmin tristanlee85 General 1 19th May 2006 08:45


All times are GMT +2. The time now is 03:03.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.