Skip to main content

MySQL 4.1+ using old authentication

When I was working with XAMPP in Ubuntu and asked write PHP script to connect to remote MySQL server which is using PASSWORD hash function to save the password for user, and I found following error.

Warning: mysql_connect() [function.mysql-connect]: Premature end of data (mysqlnd_wireprotocol.c:554) in path/to/the/file/where/connection/script/is/written/

Warning: mysql_connect() [function.mysql-connect]: OK packet 1 bytes shorter than expected in path/to/the/file/where/connection/script/is/written/

Warning: mysql_connect() [function.mysql-connect]: mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication. Please use an administration tool to reset your password with the command SET PASSWORD = PASSWORD('your_existing_password'). This will store a new, and more secure, hash value in mysql.user. If this user is used in other scripts executed by PHP 5.2 or earlier you might need to remove the old-passwords flag from your my.cnf file in path/to/the/file/where/connection/script/is/written/

As you will see, the core issue here is that MySQL can have passwords with hashes stored in the old 16-character format, which is not supported by PHP 5.3′s new mysqlnd library.
Since I couldn’t find a good solution with a quick Google, here is how I solved this without having to downgrade PHP or MySQL (as some of the solutions suggested):

1. Change MySQL to NOT to use old_passwords
It seems that even MySQL 5.x versions still default to the old password hashes. You need to change this in “my.cnf” (e.g. /etc/my.cnf): remove or comment out the line that says
old_passwords = 1
Restart MySQL. If you don’t, MySQL will keep using the old password format, which will mean that you cannot upgrade the passwords using the builtin PASSWORD() hashing function. You can test this by running:
 
mysql> SELECT Length(PASSWORD('xyz'));
+-------------------------+
| Length(PASSWORD('xyz')) |
+-------------------------+
|                      16 |
+-------------------------+
1 row in set (0.00 sec)
The old password hashes are 16 characters, the new ones are 41 characters.
2. Change the format of all the passwords in the database to the new format
Connect to the database, and run the following query:
mysql> SELECT user,  Length(`Password`) FROM `mysql`.`user`;

This will show you which passwords are in the old format, ex:
+----------+--------------------+
| user     | Length(`Password`) |
+----------+--------------------+
| root     |                 41 |
| root     |                 16 |
| user2    |                 16 |
| user2    |                 16 |
+----------+--------------------+
Notice here that each user can have multiple rows (one for each different host specification).
To update the password for each user, run the following:
UPDATE mysql.user SET Password = PASSWORD('password') WHERE user = 'username';
Finally, flush privileges:
FLUSH PRIVILEGES;
 
Labels:

Comments

  1. FerencWednesday, June 22, 2011 1:38:00 PM

    Thank You!

    I just solved my problem (new local php version connecting to older mysql server remotely) by changing the php version in my local server settings.
    Thanks for the help.

    ReplyDelete
  2. fonjiTuesday, April 10, 2012 3:14:00 PM

    Thank you so very much!

    ReplyDelete
  3. the great quuxThursday, May 03, 2012 10:41:00 PM

    woah, thanks dude!!

    ReplyDelete
  4. the great quuxThursday, May 03, 2012 10:41:00 PM

    thank you so much!!

    ReplyDelete
  5. AnonymousThursday, June 07, 2012 9:26:00 AM

    Cheers - just ran into this problem after upgrading PHP on FreeBSD 7.4-RELEASE. Previously had been using the mysqlclient option, thought I'd try the new mysqlnd option instead => FAIL ...

    Thankfully resolving the issue on FreeBSD was as easy as just disabling the MYSQLND option in /usr/ports/databases/php5-mysql (make config)

    ReplyDelete
  6. phpinterviewquestions.comFriday, July 20, 2012 10:49:00 AM

    SET SESSION old_passwords=FALSE;
    SET PASSWORD = PASSWORD('[your password]');

    ReplyDelete
  7. UnknownMonday, March 25, 2013 2:33:00 PM

    Thank You sir!
    I just solved my problem.
    I am your student 2012 Oct 5th Batch
    Name : Mahesh

    ReplyDelete

Post a Comment

Want to tell something about this post. Please feel free to write...

Popular posts from this blog

Survey says: PHP passes Microsoft Active Server Pages

By JT Smith on June 11, 2002 (8:00:00 AM) With a faltering economy forcing companies to cut spending whenever possible, less expensive and freely available Open Source software solutions may be gaining in popularity. Those wanting proof can look no further to PHP taking the top server-side scripting spot in a recent Internet host survey. In April 2002, Netcraft's monthly Web server survey revealed that 24 percent, or around 9 million of the 37 million sites it surveyed, were using Hypertext Preprocessor (PHP) for a server side scripting language. For the first time, an Open Source scripting solution had passed Microsoft's proprietary Active Server Pages scripting to claim the top spot on the Netcraft survey. For both the April and May Netcraft surveys, PHP and ASP were almost too close to call, with Microsoft's product offering coming in just a hair under 24 percent of all hosts running a server-side script...
Post a Comment
Find more....

PHP script to upload file securely

How to Write a Secure PHP Script for File Uploads File uploads are a common feature in web applications, but they can introduce significant security risks if not handled properly. In this article, we'll walk through the steps to securely upload files to a server using PHP. We'll cover key security measures such as file validation, limiting file types, setting file size limits, and managing file storage. We will also create reusable functions to handle the upload process. 1. Create the HTML Form First, we need an HTML form that allows users to select and upload a file. Ensure that the form uses the POST method and includes the enctype="multipart/form-data" attribute. <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Secure File Upload</title> </head> <body> <form action="upload.php" method="post" enctype="multipart/...
Post a Comment
Find more....

The 7 Types of Leadership: Inspiring Examples and Insights

Leadership is a multifaceted concept with various styles that cater to different needs and situations. Understanding these styles can help you develop your leadership skills and adapt to diverse scenarios. In this article, we'll explore seven prominent leadership styles, each accompanied by insightful examples from influential authors. Let's dive in! Type 1: Transformational Leadership 🚀 Transformational Leadership: Inspiring Change and Innovation Transformational leadership focuses on inspiring and motivating followers to achieve extraordinary outcomes and, in the process, develop their own leadership capacity. Example from Author: James MacGregor Burns James MacGregor Burns, in his book "Leadership," describes transformational leaders as those who seek to change the status quo by appealing to their followers' values and sense of higher purpose. 🔸 Characteristics: - Inspirational Motivation - Intellectual Stimulation - Individualized Consideration - Idealized I...
Post a Comment
Find more....