Hello, I wrote a simple script that will safeguard your database in the blink of an eye, 10 seconds is the time given, together with the script installation. : P
The script was made for the beginners who do not know how protect our database!
For the script to work, you can use it immediately after installing xampp, where the "root" is the default password set to blank.
What action will the script?
How to install script?
Immediately after the installation of Xampp, go to the htdocs folder and change the contents of the file "index.php" to the PHP code shown in the thread, then start Apache and visit http://localhost/index.php, and then delete the index.php!
Remember to save your generated password to the user "root"
Script:
Regards,
Azi.
The script was made for the beginners who do not know how protect our database!
For the script to work, you can use it immediately after installing xampp, where the "root" is the default password set to blank.
What action will the script?
- Removing the user "PMA" for any host, and for the local host, if exists.
- Removing the user "ROOT" for any host, if exists.
- Change user password "ROOT" for the local host, on randomly generated.
How to install script?
Immediately after the installation of Xampp, go to the htdocs folder and change the contents of the file "index.php" to the PHP code shown in the thread, then start Apache and visit http://localhost/index.php, and then delete the index.php!
Remember to save your generated password to the user "root"
Script:
PHP:
<?php
error_reporting(0);
$connect = mysql_connect("localhost", "root", "");
if(!$connect){
echo "Unable to connect to the database for root@localhost. password must be empty (default).";
}else{
$query1 = mysql_query("DROP USER 'root'@'%';");
if($query1){
echo "\"ROOT\"@\"%\" - account for any host has been deleted.!";
}
$query2 = mysql_query("DROP USER 'pma'@'localhost';");
if($query2){
echo "\"PMA\"@\"LOCALHOST\" - account for local host has been deleted.";
}
$query3 = mysql_query("DROP USER 'pma'@'%';");
if($query3){
echo "\"PMA\"@\"%\" - account for any host has been deleted.!";
}
$newpass = rand(1000000000, 9999999999);
$query4 = mysql_query("SET PASSWORD FOR 'root'@'localhost' = PASSWORD( '".$newpass."' )");
if($query4){
echo "<font color=\"red\">\"ROOT\"@\"LOCALHOST\" - root account for localhost password has been changed to: <b>".$newpass."</b>, save this password and don't show it for anybody! If you lost password you can't connect to our database anymore!<BR>Now you can use user \"root\" with this password to connect with your database.</font>";
}
}
?>
Regards,
Azi.