如何检查通过php是否可访问的mysql表
[英]How to check a mysql table accessible or not via php
问题描述
I have self hosted web application and I'm trying to access information_schema table some how it can be disabled in some servers. 
我有一个自托管的Web应用程序,我试图访问information_schema表,以了解如何在某些服务器中将其禁用。 How can check it whether it is accessible or not? 如何检查它是否可访问?
3 个解决方案
解决方案1
2 2015-10-09 15:03:42
Sample Solution To resolve this: 示例解决方案若要解决此问题:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>MySQL Connection Test</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<style type="text/css">
#wrapper {
width: 600px;
margin: 20px auto 0;
font: 1.2em Verdana, Arial, sans-serif;
}
input {
font-size: 1em;
}
#submit {
padding: 4px 8px;
}
</style>
</head>
<body>
<div id="wrapper">
<?php
$action = htmlspecialchars($_GET['action'], ENT_QUOTES);
?>
<?php if (!$action) { ?>
<h1>MySQL connection test</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>?action=test" id="mail" method="post">
<table cellpadding="2">
<tr>
<td>Hostname</td>
<td><input type="text" name="hostname" id="hostname" value="" size="30" tabindex="1" /></td>
<td>(usually "localhost")</td>
</tr>
<tr>
<td>Username</td>
<td><input type="text" name="username" id="username" value="" size="30" tabindex="2" /></td>
<td></td>
</tr>
<tr>
<td>Password</td>
<td><input type="text" name="password" id="password" value="" size="30" tabindex="3" /></td>
<td></td>
</tr>
<tr>
<td>Database</td>
<td><input type="text" name="database" id="database" value="" size="30" tabindex="4" /></td>
<td>(optional)</td>
</tr>
<tr>
<td></td>
<td><input type="submit" id="submit" value="Test Connection" tabindex="5" /></td>
<td></td>
</tr>
</table>
</form>
<?php } ?>
<?php if ($action == "test") {
// The variables have not been adequately sanitized to protect against SQL Injection attacks: http://us3.php.net/mysql_real_escape_string
$hostname = trim($_POST['hostname']);
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$database = trim($_POST['database']);
$link = mysql_connect("$hostname", "$username", "$password");
if (!$link) {
echo "<p>Could not connect to the server '" . $hostname . "'</p>\n";
echo mysql_error();
}else{
echo "<p>Successfully connected to the server '" . $hostname . "'</p>\n";
// printf("MySQL client info: %s\n", mysql_get_client_info());
// printf("MySQL host info: %s\n", mysql_get_host_info());
// printf("MySQL server version: %s\n", mysql_get_server_info());
// printf("MySQL protocol version: %s\n", mysql_get_proto_info());
}
if ($link && !$database) {
echo "<p>No database name was given. Available databases:</p>\n";
$db_list = mysql_list_dbs($link);
echo "<pre>\n";
while ($row = mysql_fetch_array($db_list)) {
echo $row['Database'] . "\n";
}
echo "</pre>\n";
}
if ($database) {
$dbcheck = mysql_select_db("$database");
if (!$dbcheck) {
echo mysql_error();
}else{
echo "<p>Successfully connected to the database '" . $database . "'</p>\n";
// Check tables
$sql = "SHOW TABLES FROM `$database`";
$result = mysql_query($sql);
if (mysql_num_rows($result) > 0) {
echo "<p>Available tables:</p>\n";
echo "<pre>\n";
while ($row = mysql_fetch_row($result)) {
echo "{$row[0]}\n";
}
echo "</pre>\n";
} else {
echo "<p>The database '" . $database . "' contains no tables.</p>\n";
echo mysql_error();
}
}
}
}
?>
</div><!-- end #wrapper -->
</body>
</html>
Reference: [https://ardamis.com/2008/05/26/a-php-script-for-testing-a-mysql-database-connection/][1] 参考: [https://ardamis.com/2008/05/26/a-php-script-for-testing-a-mysql-database-connection/][1]
解决方案2
1 已采纳 2015-10-09 14:50:28
Run SHOW DATABASES and see if information_schema is in the list. 运行SHOW DATABASES并查看information_schema是否在列表中。
But this shouldn't matter right? 但这没关系吧? If you're self hosting you can configure it however you need it. 如果您是自托管的,则可以配置它,但是需要它。
解决方案3
1 2015-10-09 15:00:00
Set database as information_schema and run query "show tables " from selected database . 将数据库设置为information_schema并从所选数据库中运行查询“显示表”。 If you have read access then you will get all the tables from that db. 如果您具有读取访问权限,则将从该数据库获取所有表。 check result of all queries. 检查所有查询的结果。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.