x10hosting MySQL remote odbc access

quantum1 · Mar 2, 2009

Is it possible to remote access my x10hosting MySQL database via odbc? On my cpanel I have added my remote ip to the database Remote MySQL list, but I am not sure about the x10hosting ip address to use or if this is even possible. Thank you!

xPlozion · Mar 2, 2009

no. the server's firewalls, not cpanel, has the final say as to what information leaves and enters the servers.

last time i heard, x10s firewalls prohibit and disable mySQL requests from entering and exiting these servers (thus only localhost works).

tittat · Mar 3, 2009

x10 don't allows remote mysql connection, i believe.

xav0989 · Mar 6, 2009

You can set up a script that execute and prints the content of queries

Server A/Script A does a file_get_contents call to Server B/Script B, with the query as a get parameter ( and maybe a security token). Script B execute the query and returns the value. Script A now uses the sql records.

Here is an example of the script. Might be a bit buggy.

PHP:

<?php
$db_host = "localhost";
$db_port = "";
$db_login = "username"; //edit
$db_password = "password": //edit
$db_database = "Database name"; //edit
$security_token = "A random value"; //edit

 /* no need to edit passed here */
$db_host = (empty($db_port)) ? $db_host : $db_host . ':' . $db_port;

/* We make sure that the security token is set and right, to prevent unauthorize access */
if (!isset($_GET['token']) || empty($_GET['token']) || $_GET['token'] !== $security_token) {
	/* generate a false 404 error */
	header("HTTP/1.0 404 Not Found", true, 404);
	exit();
}
if (!isset($_GET['query']) || empty($_GET['query'])) {
	exit('No query specified');
}

/* connect to database */
$db = mysql_connect($db_host, $db_login, $db_password);
mysql_select_db($db_database, $db);

/* you need to send the query as serialized */
$query = unserialize($_GET['query']);

$result = @mysql_query($query, $db);

/* invalid query */
if (!$result) {
   $message  = 'Invalid query: ' . mysql_error() . "\n";
   $message .= 'Whole query: ' . $query;
   die($message);
}

/* send the result as serialized */
echo serialize($result);
?>

quantum1 · Mar 11, 2009

xav0989,

Thank you for your code. Someone at work has shown me something like this to get remote file contents. He showed me about SOAP stuff. If I understand your code above I can set up one php that I can get to from a browser which can then do sql stuff for me and return results. Is that correct?

Thanks, again!

woodyl · Mar 17, 2009

Is there any chance that x10 will change the policy to allow ODBC connections through the firewall? That would be a great feature. Is there really a big security issue around allowing those connections?

lair360 · Mar 17, 2009

woodyl said:
Is there any chance that x10 will change the policy to allow ODBC connections through the firewall? That would be a great feature. Is there really a big security issue around allowing those connections?

Yes there is!

1.] SQL injection and attacks.
2.] data management corrupted by hackers.
3.] Server overload.

That is all...

xav0989 · Mar 17, 2009

quantum1 said:
xav0989,

Thank you for your code. Someone at work has shown me something like this to get remote file contents. He showed me about SOAP stuff. If I understand your code above I can set up one php that I can get to from a browser which can then do sql stuff for me and return results. Is that correct?

Thanks, again!

You understood correctly. As always, it would be better to have the mysql and php on the same server or server pool, but this might do...

But remember, never disclose where you hid this script, for security reason.

I will post a link containing the code for both the php server and php client.

quantum1 · Mar 17, 2009

Thank you! After you post the scripts I will use them at work to solve a remote database access problem we are having involving security, ports, stuff like that. Being able to simply access the database through the browser will be great. I can allow a raw sql query to be entered into a browser window and then present the results as a simple html table or something more fancy. This will be cool!

xav0989 · Mar 18, 2009

quantum1 said:
I can allow a raw sql query to be entered into a browser window

You should never allow somebody to enter raw sql queries. With some knowledge of sql and php, they could compromise your account.

If you want to know, I am almost finished, just making sure everything works.

I've done the testing of the server/client. It's now finished. I will post the link hopefully tomorrow. Do not use the code that I posted earlier, since there is a couple of problems.
There is also some limitations. You can use all the sql functions that do not return a resultset (UPDATE, INSERT), but you can only use SELECT to return a resultset.

OKAY GUYS! I HAVE IT!
here's the link: http://afrosoft.co.cc/page/en/scripts
You can download both the client and server code. The server goes on you x10 account, the client on the other account.

xav0989 · Apr 14, 2009

I've changed the page of the scripts. If you want the server part (the part that connects to the database, the link is http://afrosoft.co.cc/script/en/mp-server

If you want the client, or the script that connects to the mp-server, the link is http://afrosoft.co.cc/script/en/mp-client

quantum1 · Apr 15, 2009

Thank you! I have been off the forum for a week or so. I will check out your scripts and see what you have done. And, more importantly, I understand your warnings about security. Actually, the raw sql thing was for me only, or maybe hidden utilities designed by me. Thank you, again, for your time and help.

x10hosting MySQL remote odbc access

quantum1

New Member

xPlozion

New Member

tittat

Active Member

xav0989

Community Public Relation

quantum1

New Member

woodyl

New Member

lair360

New Member

xav0989

Community Public Relation

quantum1

New Member

xav0989

Community Public Relation

xav0989

Community Public Relation

quantum1

New Member

Free Web Hosting

Our Community

Legal