0

i am trying to connect to mysql,but it gives a warning mysqli_connect(): (HY000/1045): Access denied for user 'root'@'localhost' (using password: YES) .I think the username and password is correct,because i have access to mysql in komand line.I also created another user and granted him all priveleges but still i have this warning.

I have access to phpMyAdmin.I am using wamp server(apache 2.4.9) and mysql 5.1

     <?php
      $conn = mysqli_connect("localhost", "root", "password");
       ?>
KHM
  • 65
  • 2
  • 8
  • Simple fix: The `root` user account come by default with no password. So change the connection parameters to `$conn = mysqli_connect("localhost", "root", "", 'database_name');` – RiggsFolly Aug 29 '15 at 15:34

3 Answers3

2

Let the following 2 lines fail if user exists and blahblah doesnt matter for now:

create user 'root'@'localhost' identified by 'blahblah';
create user 'root'@'127.0.0.1' identified by 'blahblah';

Do your grants:

grant all on *.* to 'root'@'localhost';
grant all on *.* to 'root'@'127.0.0.1';

Change the password to something you will remember:

set password for 'root'@'localhost' = password('NewPassword');
set password for 'root'@'127.0.0.1' = password('NewPassword');

See how many root users you have. A real user is a user/host combo. The password will show up hashed:

select user,host,password from mysql.user where user='root';

or

select user,host,authentication_string from mysql.user where user='root';

The 2nd one above is for MySQL 5.7

If you get more than the two users above, drop the others such as:

drop user 'root'@'%';   -- this is the wildcard hostname, can be a security risk
drop user 'root'@'::1';

Still have only 2? I hope so. Use the select stmts above to check.

Don't connect a user app using root. root is for maintenance only. It doesn't matter if it is server-side code, or if an admin is running it. Code that is not secured and/or injected with harmful statements gets to run as root. So there, that is why.

Drew
  • 24,120
  • 9
  • 38
  • 72
  • can i drop the host='127.0.0.1'? – KHM Aug 29 '15 at 17:25
  • I wouldn't just in case. That is a safe one. And by having the same passwords like I showed above, you are covered in the case that it is resolved to `127.0.0.1` depending on angle getting in. – Drew Aug 29 '15 at 17:27
  • The wildcard with root (`'root'@'%'`) , and anonymous ones are the ones to drop if you want tight security. – Drew Aug 29 '15 at 17:27
  • now, having `'jane123'@'%'` is a different issue, she can be a good wildcard candidate (consideration) for hostname, assuming locked down security. But not for root, imo – Drew Aug 29 '15 at 17:28
  • i did all the steps,but i still using ('$conn = mysqli_connect("localhost", "root", "") ') to connect to database,how can i change the default password,i want it to be like this($conn = mysqli_connect("localhost", "root", "password") ') – KHM Aug 30 '15 at 03:48
  • if you literally followed all of my steps, literally, without changing anything, and in the end you only have 2 users named root, one for localhost and one for 127.0.0.1, and no other ones for root (when you look in table `mysql.user`) ... then you would do `$conn = mysqli_connect("localhost", "root", "NewPassword")` – Drew Aug 30 '15 at 05:44
  • if that doesnt work, you would need to go over to like `http://www.pastie.org/`, and do each of my steps, `and show the output from each step documented in pastie`, and share that pastie link url, for me to help. Good luck. – Drew Aug 30 '15 at 05:50
  • i have two users, 'root'@localhost and 'root'@'127.0.0.1' ,$conn = mysqli_connect("localhost", "root", "NewPassword") this is not working.I have access to phpmyadmin if i change the password in config.inc .do you think that i have some errors in configuration of mysql or wamp? – KHM Aug 30 '15 at 06:05
  • didnt see the pastie, you must still be putting it together – Drew Aug 30 '15 at 06:17
0

wamp's mysql default configuration sets username root with no password

$conn = mysqli_connect("localhost", "root", "");

the above code should work

evexoio
  • 1,247
  • 10
  • 21
-2

if you are using localhost. it doesnt have password. you will just setup it like this:

<?php
mysql_connect("localhost", "root", "") or die(mysql_error());
mysql_select_db("database name here") or die(mysql_error());
?>
kim de castro
  • 289
  • 4
  • 16