SixSense 42 Posted March 28, 2016 Share Posted March 28, 2016 This warning only show up with mysql version 5.6 & 5.7. If you have a lower version please ignore this post. Warning on shell & mysql log: Using a password on the command line interface can be insecure. I know a lot of people use the mysql_query (standard) function from questlib.lua and they get this warning. If you use a mysql user change the above "YOURUSERNAME" and use the command: mysql_config_editor set --login-path=local --host=localhost --user=YOURUSERNAME --password If you use the root mysql user, use the command:mysql_config_editor set --login-path=local --host=localhost --user=root --password Put your password. OK We can see, the system creates a new crypted file: .mylogin.cnf You can see this file on /home/YOURUSERNAME/.mylogin.cnf or for root: /root/.mylogin.cnf Is crypted but you can see what's inside (password is hidden by *****) with the command:mysql_config_editor print --all If you want to enter mysql just use the command: mysql --login-path=local Now .. lets open questlib.lua and remove the mysql_query function and add this new one .. because is not need to read anymore what's inside of CONFIG file (username/password). mysql_query = function(query) math.randomseed(os.time()) local fi,t,out = 'mysql_data_'..math.random(10^9)+math.random(2^4,2^10),{},{} os.execute('mysql --login-path=local -e'..string.format('%q',query)..' > '..fi) for av in io.open(fi,'r'):lines() do table.insert(t,split(av,'\t')) end; os.remove(fi); for i = 2, table.getn(t) do table.foreach(t,function(a,b) out[i-1] = out[i-1] or {} out[i-1][a] = tonumber(b) or b or 'NULL' out[t[1][a]] = out[t[1][a]] or {} out[t[1][a]][i-1] = tonumber(b) or b or 'NULL' end) end out.__lines = t[1] return outend That is all. Have a nice day! 3 Link to comment Share on other sites More sharing options...
Recommended Posts