473,324 Members | 2,473 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Create Mysql database?


How do I make PHP create a database for mysql please?
I can see how to make tables and I have read all the documents
I can find but I don't understand how to make the database itself.

All the tutorials I can find seem to bypass the issue by ignoring it?

Am I missunderstanding something?

Thanks
May 11 '07 #1
15 2646
On Fri, 11 May 2007 16:42:23 +0000, harvey wrote:
How do I make PHP create a database for mysql please?
query = "create database fred;";
May 11 '07 #2
In article <pa****************************@you.now>, an*****@you.now
says...
On Fri, 11 May 2007 16:42:23 +0000, harvey wrote:
How do I make PHP create a database for mysql please?

query = "create database fred;";
Oh god is it really that simple - this must be my day
for asking dumb questions.

Thanks for not lauging at me... at least not in public !
May 11 '07 #3
On 11 May, 17:52, harvey <harvey....@blueyonzders.comwrote:
In article <pan.2007.05.11.16.45.46.763...@you.now>, anno...@you.now
says...
On Fri, 11 May 2007 16:42:23 +0000, harvey wrote:
How do I make PHP create a database for mysql please?
query = "create database fred;";

Oh god is it really that simple - this must be my day
for asking dumb questions.

Thanks for not lauging at me... at least not in public !
remember though that it's considered good practise not to have php
use root, give php too many permissions and it will only be time
before your hard work comes back to haunt you, instead get use
to creating the db using the mysql command line (or some helpful gui)
and then immediately create a new user which has rights over this
database, and plug that into the php scripts that use that db,
limiting potential for disaster.

May 11 '07 #4
In article <11**********************@y80g2000hsf.googlegroups .com>,
ma********@gmail.com says...
remember though that it's considered good practise not to have php
use root, give php too many permissions and it will only be time
before your hard work comes back to haunt you, instead get use
to creating the db using the mysql command line (or some helpful gui)
and then immediately create a new user which has rights over this
database, and plug that into the php scripts that use that db,
limiting potential for disaster.

hmmm... I can see that this is likely to get very complicated very
quickly.

My difficlty is I am at the learning stage with PHP and mySQL but I'm
doing this to try and automate the procedures for someone who knows even
less than I do. I need it to create the database and tables and
then update the tables for him from forms in his browser -

I can do most of it but the PHP/Mysql is new to me as I said.

I've bought the Samms PHP,MYsql and Apache - All in One book and am
working through it to get this done but it tends to gloss over
or even ignore the really important stuff such as that you just
mentioned. I'm reasonably Linux oriented so most of it makes sense but
where issues don't arise at all I can miss them. (I'm not at all
impressed with most of the books I've seen I must admit but this one did
seem the best)

Do you have any advice for me on using PHP to create the database appart
from not doing it? (I suspect he doesnt have root access on his web site
either so I'm guessing he needs to use his own ISP provided access - he
does have the mySQL admin package but not the skills to use it -)

Is there anything I can do to limit the problems of creating the database
in PHP? I really don't want to try and get him to do anything manually.
Thanks again.
May 11 '07 #5
On May 11, 10:39 am, harvey <harvey....@blueyonzders.comwrote:

Is there anything I can do to limit the problems of creating the database
in PHP? I really don't want to try and get him to do anything manually.

Thanks again.

Many programs have a "database setup" script that asks for the MySQL
root password and then creates the tables and users for the main
program to use later (the db 'user' it creates has limited
functionality so it cannot mess with other databases or create/delete
tables.) It never records the root PW, once the MySQL users and
tables are done it utilizes only the limited accounts it created.
(probably only requiring root PW later for major upgrades)

May 11 '07 #6
Tom

"harvey" <ha********@blueyonzders.comwrote in message
news:MP************************@news-text.blueyonder.co.uk...
In article <pa****************************@you.now>, an*****@you.now
says...
On Fri, 11 May 2007 16:42:23 +0000, harvey wrote:
How do I make PHP create a database for mysql please?
query = "create database fred;";


Oh god is it really that simple - this must be my day
for asking dumb questions.

Thanks for not lauging at me... at least not in public !
If MySQL was already installed, running, and configured in your PHP setup,
then you should be fine. If you see permission errors though, you might need
to check up on the permission settings in your MySQL setup.

If you do need to, I'd check the MySQL documentation
(http://dev.mysql.com/doc/) on "user account management" to make sure your
username and/or network location (IP address, localhost, etc.) are
configured for access.

Tom
--
Newsguy.com
90+ Days Retention
Higher levels of article completion
Broader newsgroups coverage
May 11 '07 #7
On Fri, 11 May 2007 10:16:55 -0700, shimmyshack wrote:
On 11 May, 17:52, harvey <harvey....@blueyonzders.comwrote:
>In article <pan.2007.05.11.16.45.46.763...@you.now>, anno...@you.now
says...
On Fri, 11 May 2007 16:42:23 +0000, harvey wrote:
How do I make PHP create a database for mysql please?
query = "create database fred;";

Oh god is it really that simple - this must be my day
for asking dumb questions.
Just think of PHP as your front end to your SQL server... anything you can
do in standard ANSI SQL you can do with PHP.
>Thanks for not lauging at me... at least not in public !

remember though that it's considered good practise not to have php
use root, give php too many permissions and it will only be time
before your hard work comes back to haunt you, instead get use
to creating the db using the mysql command line (or some helpful gui)
and then immediately create a new user which has rights over this
database, and plug that into the php scripts that use that db,
limiting potential for disaster.
PHP/Apache/mysql/etc should never run as root and never have to. There
should be no correlation between the accounts used by your public apps and
the system accounts on the box.

That's a fine solution unless you're creating databases dynamically...
which is the only reason I can think of to create a DB with a web
application in the first place.

There is a simple solution however. Control the rights of the web app
using your mysql install. I have one user that has read-only access to the
databases for use when doing look-ups, one user that I grant write access
to the databases for operations that need to write to the database and one
with access to create databases.

I set the default user for my connection to the read-only account and have
to purposefully change the account being used if I want to do anything
other than just read.

You can't inject SQL if the account you're using doesn't have rights to
write to the database.

May 11 '07 #8

"harvey" <ha********@blueyonzders.comwrote in message
news:MP************************@news-text.blueyonder.co.uk...
In article <11**********************@y80g2000hsf.googlegroups .com>,
ma********@gmail.com says...
>remember though that it's considered good practise not to have php
use root, give php too many permissions and it will only be time
before your hard work comes back to haunt you, instead get use
to creating the db using the mysql command line (or some helpful gui)
and then immediately create a new user which has rights over this
database, and plug that into the php scripts that use that db,
limiting potential for disaster.


hmmm... I can see that this is likely to get very complicated very
quickly.

My difficlty is I am at the learning stage with PHP and mySQL but I'm
doing this to try and automate the procedures for someone who knows even
less than I do. I need it to create the database and tables and
then update the tables for him from forms in his browser -

I can do most of it but the PHP/Mysql is new to me as I said.

I've bought the Samms PHP,MYsql and Apache - All in One book and am
working through it to get this done but it tends to gloss over
or even ignore the really important stuff such as that you just
mentioned. I'm reasonably Linux oriented so most of it makes sense but
where issues don't arise at all I can miss them. (I'm not at all
impressed with most of the books I've seen I must admit but this one did
seem the best)

Do you have any advice for me on using PHP to create the database appart
from not doing it? (I suspect he doesnt have root access on his web site
either so I'm guessing he needs to use his own ISP provided access - he
does have the mySQL admin package but not the skills to use it -)

Is there anything I can do to limit the problems of creating the database
in PHP? I really don't want to try and get him to do anything manually.
Its actually quite easy. I too haven't done much in it but I'm pretty much
able to do all basic database stuff I need to.

Essentially you first log into the database using a function, create a sql
query string(which is probably going to be the hardest part but it too is
quite simple once you get over the mental block), and then query the
database with another function.

for example, heres a query for my database to check some stuff

$query="DELETE FROM ips WHERE ip='".mysql_real_escape_string($RMADDR,
$ldblink)."';";
$result = queryldb($query, $ldblink);
function logonldb($database)
{
$user="login";
$password="password";

$link = mysql_connect('localhost', $user, $password);
if (!$link) { dberror("Connection Error!"); }

$db_selected = mysql_select_db($database, $link);
if (!$db_selected) { dberror("Database Error!"); }

return $link;
}
and I use loginldb to log into the database and return the link that is used
in the calls. You also have to log out with somethign like
function logoffldb($link)
{
mysql_close($link);
}

the query function is defined as

function queryldb($query, $link)
{

$result = mysql_query($query, $link);
return $result;
}

also, if you are to get a result then you want to convert the query call
into an array using something like the following

if ($result != false) { $row = mysql_fetch_assoc($result); if ($row ==
false) { unset($row);}} else unset($row);
My wrappers are kinda unnecessary but hopefully you can see how basic it is.
Its just a few function calls and a little bit of setup(query string and
result conversion).
Its much easier than I ever expected and was a relief.

Jon
May 11 '07 #9

"Jon Slaughter" <Jo***********@Hotmail.comwrote in message
news:Yx****************@newssvr21.news.prodigy.net ...
>
"harvey" <ha********@blueyonzders.comwrote in message
news:MP************************@news-text.blueyonder.co.uk...
>In article <11**********************@y80g2000hsf.googlegroups .com>,
ma********@gmail.com says...
>>remember though that it's considered good practise not to have php
use root, give php too many permissions and it will only be time
before your hard work comes back to haunt you, instead get use
to creating the db using the mysql command line (or some helpful gui)
and then immediately create a new user which has rights over this
database, and plug that into the php scripts that use that db,
limiting potential for disaster.


hmmm... I can see that this is likely to get very complicated very
quickly.

My difficlty is I am at the learning stage with PHP and mySQL but I'm
doing this to try and automate the procedures for someone who knows even
less than I do. I need it to create the database and tables and
then update the tables for him from forms in his browser -

I can do most of it but the PHP/Mysql is new to me as I said.

I've bought the Samms PHP,MYsql and Apache - All in One book and am
working through it to get this done but it tends to gloss over
or even ignore the really important stuff such as that you just
mentioned. I'm reasonably Linux oriented so most of it makes sense but
where issues don't arise at all I can miss them. (I'm not at all
impressed with most of the books I've seen I must admit but this one did
seem the best)

Do you have any advice for me on using PHP to create the database appart
from not doing it? (I suspect he doesnt have root access on his web site
either so I'm guessing he needs to use his own ISP provided access - he
does have the mySQL admin package but not the skills to use it -)

Is there anything I can do to limit the problems of creating the database
in PHP? I really don't want to try and get him to do anything manually.

Its actually quite easy. I too haven't done much in it but I'm pretty much
able to do all basic database stuff I need to.

Essentially you first log into the database using a function, create a sql
query string(which is probably going to be the hardest part but it too is
quite simple once you get over the mental block), and then query the
database with another function.

for example, heres a query for my database to check some stuff

$query="DELETE FROM ips WHERE ip='".mysql_real_escape_string($RMADDR,
BTW, the mysql_real_escape_string is used any time the data your sticking
into the database might be used for sql injections. This is where they can
mess whith your query to change it to something else and screw up your
database or get its data. I just wrap it around every variable that I use
just incase.
May 11 '07 #10
>I set the default user for my connection to the read-only account and have
>to purposefully change the account being used if I want to do anything
other than just read.

You can't inject SQL if the account you're using doesn't have rights to
write to the database.
There are plenty of people who would love to inject
select * from credit_card_account_list;
even if the account you're using has no rights to write to the database.
May 11 '07 #11
harvey wrote:
How do I make PHP create a database for mysql please?
I can see how to make tables and I have read all the documents
I can find but I don't understand how to make the database itself.

All the tutorials I can find seem to bypass the issue by ignoring it?

Am I missunderstanding something?

Thanks
Harvey,

Other users have given you great advice. The only caution I can add -
many shared hosting providers don't allow you to create databases except
through their control panel.

Of course, if this is your server, that isn't a problem.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
May 12 '07 #12
On Fri, 11 May 2007 23:02:45 +0000, Gordon Burditt wrote:
>>I set the default user for my connection to the read-only account and
have to purposefully change the account being used if I want to do
anything other than just read.

You can't inject SQL if the account you're using doesn't have rights to
write to the database.

There are plenty of people who would love to inject
select * from credit_card_account_list;
even if the account you're using has no rights to write to the database.
Obviously I was speaking of injections to cause data corruption.

Anyone stupid enough to use credit_card_account_list as a table name
deserves to go out of business.

May 15 '07 #13
On May 15, 4:24 pm, Ivan Marsh <anno...@you.nowwrote:
On Fri, 11 May 2007 23:02:45 +0000, Gordon Burditt wrote:
>I set the default user for my connection to the read-only account and
have to purposefully change the account being used if I want to do
anything other than just read.
>You can't inject SQL if the account you're using doesn't have rights to
write to the database.
There are plenty of people who would love to inject
select * from credit_card_account_list;
even if the account you're using has no rights to write to the database.

Obviously I was speaking of injections to cause data corruption.

Anyone stupid enough to use credit_card_account_list as a table name
deserves to go out of business.
one may gather all the data in a database by blind injecting a query
which asks "true or false" questions. Subtle bahavioural changes in
the app (timings of response, etc...) can lead to knowledge of the
result, without the need to receive error messages back through http,
this prevents WAFs, logs and so on from discovering the existence of
the attack until it has successfully obtained all the info from the
database, "is the first letter of the first table in the database
greater than m?" etc.. etc...
this thwarts security by obscurity, such as calling the credit_card
table something like image_data_for_banner_adverts....

May 15 '07 #14
On Tue, 15 May 2007 09:46:52 -0700, shimmyshack wrote:
On May 15, 4:24 pm, Ivan Marsh <anno...@you.nowwrote:
>On Fri, 11 May 2007 23:02:45 +0000, Gordon Burditt wrote:
>>I set the default user for my connection to the read-only account and
have to purposefully change the account being used if I want to do
anything other than just read.
>>You can't inject SQL if the account you're using doesn't have rights
to write to the database.
There are plenty of people who would love to inject
select * from credit_card_account_list;
even if the account you're using has no rights to write to the
database.

Obviously I was speaking of injections to cause data corruption.

Anyone stupid enough to use credit_card_account_list as a table name
deserves to go out of business.

one may gather all the data in a database by blind injecting a query
which asks "true or false" questions. Subtle bahavioural changes in the
app (timings of response, etc...) can lead to knowledge of the result,
without the need to receive error messages back through http, this
prevents WAFs, logs and so on from discovering the existence of the
attack until it has successfully obtained all the info from the
database, "is the first letter of the first table in the database
greater than m?" etc.. etc...
this thwarts security by obscurity, such as calling the credit_card
table something like image_data_for_banner_adverts....
That being true is it not still more difficult to guess something that's
randomly generated or something that has meaning?
May 15 '07 #15
On May 15, 6:51 pm, Ivan Marsh <anno...@you.nowwrote:
On Tue, 15 May 2007 09:46:52 -0700, shimmyshack wrote:
On May 15, 4:24 pm, Ivan Marsh <anno...@you.nowwrote:
On Fri, 11 May 2007 23:02:45 +0000, Gordon Burditt wrote:
I set the default user for my connection to the read-only account and
have to purposefully change the account being used if I want to do
anything other than just read.
>You can't inject SQL if the account you're using doesn't have rights
to write to the database.
There are plenty of people who would love to inject
select * from credit_card_account_list;
even if the account you're using has no rights to write to the
database.
Obviously I was speaking of injections to cause data corruption.
Anyone stupid enough to use credit_card_account_list as a table name
deserves to go out of business.
one may gather all the data in a database by blind injecting a query
which asks "true or false" questions. Subtle bahavioural changes in the
app (timings of response, etc...) can lead to knowledge of the result,
without the need to receive error messages back through http, this
prevents WAFs, logs and so on from discovering the existence of the
attack until it has successfully obtained all the info from the
database, "is the first letter of the first table in the database
greater than m?" etc.. etc...
this thwarts security by obscurity, such as calling the credit_card
table something like image_data_for_banner_adverts....

That being true is it not still more difficult to guess something that's
randomly generated or something that has meaning?
blind injection is mostly a sledge hammer (but I guess could be coded
to be "cleverer"), so it just asks many questions.

May 15 '07 #16

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: lkrubner | last post by:
I have a webserver through Rackspace. I create a domain. I create an FTP user. I upload some files. I create a database called testOfSetupScript and then I create a database user named setup. I...
4
by: Mmm_moo_cows | last post by:
Hi, I'm new to the world of mysql and i'm having alot of trouble with it. All i want to do is create a page with a response form, e.g. name etc and some radio buttons (part of a uni project,...
8
by: W.Davis | last post by:
Group, I'm using ver 5 with winXP. I can access the test database, but can't create a table. I can't create ANY database as I keep getting error 1044 (42000): Access denied for user: '...
1
by: Oscar A. Moreno | last post by:
This is a newbie question. I have installed MySQL 4.1.7-Standard in MacOS X (10.3.5). I have ONLY database test. According to the manual there should be TWO. test and mysql. I have re-run...
0
by: Manzoorul Hassan | last post by:
I just Installed MySQL v4.1.14 and had created a Database (from a script). But I would like to redo the Database portion of it but am not able to drop the Database. If I do a "show database;" I...
2
by: Alicia | last post by:
Does anyone know why I am getting a "Syntax error in Create Table statement". I am using Microsoft Access SQL View to enter it. Any other problems I may run into? CREATE TABLE weeks (...
1
by: Henry16 | last post by:
Hi. Impossible to create a database using MySQL !!! Message : #1006 - Can't create database 'boby'. (errno: 13) I was told : chown mysql.mysql -R /var/lib/mysql chmod 750 -R /var/lib/mysql...
14
by: mistral | last post by:
Need php script to create mySQL database programmatically; since hosting configuration may not allow create database from script, script also need eliminate/rewrite all restrictions in appropriate...
2
by: Hetal | last post by:
Hi... I am a newbie VB.NET developer and i am looking at working with ADO.NET rather than ADO. In one of our native VB application with ADO, we used to create 1 connection object and that would...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.