Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
331 views
in Technique[技术] by (71.8m points)

PHP 5.4 PDO could not connect to MySQL 4.1+ using the old insecure authentication

I know there are a tonne of similar questions, in fact I've read all (9) of them.

However, none of them solve my problem.

I have a shared-hosting package (the minimum). What's included in my package is the domain name, and a separate IP address where the MySQL server is hosted. For development, I'm using http://localhost/ with PHP 5.4's development server, and I'm using the MySQL server I get in my hosting package.

The problem arises only on my PC, because I have installed PHP 5.4, but my web host has installed PHP 5.2.17 and won't upgrade. The MySQL server is on MySQL 5.1.50.

Luckily, phpMyAdmin has a built-in "Change Password" feature.

There are two hashing options in phpMyAdmin for changing a password:

  • MySQL 4.1+
  • MySQL 4.0 compatible

I changed the password with the MySQL 4.1+ option, and it confirmed the update was successful.

The profile has been updated. SET PASSWORD = PASSWORD( '***' )

However, when I perform this query:

SELECT @@global.old_passwords, @@session.old_passwords, Length(PASSWORD('abc'));

It tells me the password length is still 16. Output:

1     1     16

And so the problem persists.

Could not connect to database. SQLSTATE[HY000] [2000] mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication. Please use an administration tool to reset your password with the command SET PASSWORD = PASSWORD('your_existing_password'). This will store a new, and more secure, hash value in mysql.user. If this user is used in other scripts executed by PHP 5.2 or earlier you might need to remove the old-passwords flag from your my.cnf file

I've also tried to do these queries, when logged in with the DBO user in phpMyAdmin:

SET SESSION old_passwords=0; 
[phpMyAdmin reloads to the home screen, but the value remains = 1]

SET GLOBAL old_passwords = 0;
#1227 - Access denied; you need the SUPER privilege for this operation

FLUSH PRIVILEGES;
#1227 - Access denied; you need the RELOAD privilege for this operation

This is contradictory to what is stated in the webhost's menu for setting the DBO user:

Database Owner
When you create a new database, you need to specify a Database Owner (DBO) User, which will have
full administrator access to the database.

Is this something I have to take up with my webhosts? Or can it be solved by my DBO user? Otherwise can this be bypassed in PHP? (since it works with PHP 5.2.17 but not PHP 5.4)

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

SOLVED!

Although the SET SESSION old_passwords=0; wasn't working in phpMyAdmin.

I downloaded the MySQL GUI Tools and used the MySQL Query Browser to execute the same command on non-DBO user:

SET SESSION old_passwords = 0;

SELECT @@global.old_passwords, @@session.old_passwords, Length(PASSWORD('abc'));

now returned:

1      0      41

So I simply changed the password:

SET PASSWORD = PASSWORD('my_old_password')

And now PHP 5.4 PDO connects to the database with that user!


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...