Обсуждение: Trying to SELECT via web server using PHP
Greetings,
I've got pgsql running fine from the command line, but I'm having problems using PHP to do a select...suggestions?
<html>
<body>
<?php
$conn = pg_Connect("host=localhost port=5432 dbname=customers");
$result = pg_exec($conn, 'select * from employees');
echo $result;
pg_exec ($database, "commit");
pg_exec ($database, "end");
?>
</body>
</html>
<body>
<?php
$conn = pg_Connect("host=localhost port=5432 dbname=customers");
$result = pg_exec($conn, 'select * from employees');
echo $result;
pg_exec ($database, "commit");
pg_exec ($database, "end");
?>
</body>
</html>
results in:
Warning: PostgresSQL query failed: ERROR: employees: Permission denied. in /home/httpd/html/connect2.php3 on line 6
Warning: 0 is not a PostgresSQL link index in /home/httpd/html/connect2.php3 on line 8
Warning: 0 is not a PostgresSQL link index in /home/httpd/html/connect2.php3 on line 9
Warning: 0 is not a PostgresSQL link index in /home/httpd/html/connect2.php3 on line 8
Warning: 0 is not a PostgresSQL link index in /home/httpd/html/connect2.php3 on line 9
If I change the host, the thing really blows a gasket.
TIA,
> Greetings,
>
> I've got pgsql running fine from the command line, but I'm having =
> problems using PHP to do a select...suggestions?
>
> <html>
> <body>
> <?php
> $conn =3D pg_Connect("host=3Dlocalhost port=3D5432 dbname=3Dcustomers");
> $result =3D pg_exec($conn, 'select * from employees');
> echo $result;
> pg_exec ($database, "commit");
> pg_exec ($database, "end");
> ?>
> </body>
> </html>
>
> results in:
> Warning: PostgresSQL query failed: ERROR: employees: Permission denied. =
> in /home/httpd/html/connect2.php3 on line 6
>
> Warning: 0 is not a PostgresSQL link index in =
> /home/httpd/html/connect2.php3 on line 8
>
> Warning: 0 is not a PostgresSQL link index in =
> /home/httpd/html/connect2.php3 on line 9
>
> If I change the host, the thing really blows a gasket.
>
There may be a couple of things wrong here:
(1) You've granted "nobody" read rights to the table(s)? Don't forget
that user "nobody" is default user of Apache -- and perhaps other
Web servers as well.
(2) My pg_connect statements are all of the form:
pg_connect("localhost","5432","","","library");
Some of the parameters can be omitted but I believe the quotes &
commas are needed.
(3) You are "echoing" your output into a table with a "while"? If not
all you'll get --at best-- is one entry.
Hope that helps .....
....Bill Sneed, Prospect, Maine....
On Sat, 20 Nov 1999, Bill Sneed wrote: > (1) You've granted "nobody" read rights to the table(s)? Don't forget > that user "nobody" is default user of Apache -- and perhaps other > Web servers as well. This is diverging a little bit, but since it comes up quite a lot, I'll say it again: It is absolutely insane to grant user "nobody" any table access rights! It is also a perhaps unfortunate circumstance that the Apache project just silently sets the default user to user "nobody". Reasoning: A number of system daemons and other programs use the user "nobody" when they want to be extremely secure and want to make sure they don't have access to anything. Granting that user access to anything is therefore wrong. If you need your webserver to do all kinds of things on your server, invent a different username, such as "httpd", and run the webserver as that. Before you know it, your "nobody" also owns files, directories, suid programs, if you don't pay attention it might even have catalog update privileges in PostgreSQL. Then some guy comes along and sends email to kmem@yourdomain, the MDA wisely switches to nobody as a preventive measure, and all hell breaks loose once the mail gets into your procmail filters. Just an example. -- Peter Eisentraut Sernanders vaeg 10:115 peter_e@gmx.net 75262 Uppsala http://yi.org/peter-e/ Sweden