Thread: Strange. I can logon with an invalid or no password atall
My program is reporting "Logged on." even if I enter an invalid or no password atall. Here is my login function and below is the function that calls it: bool DBConn::Connect(const std::string &host, const std::string &user, const std::string &pass) // Connects to the database { std::string cs = "hostaddr = '" + host + "' port = '' dbname = 'TBDB' user = '" + user + "' password = '" + pass + "' connect_timeout = '10'"; pg_conn = PQconnectdb(cs.c_str()); if (!pg_conn) return false; if (PQstatus(pg_conn) != CONNECTION_OK) return false; return true; } void TBClientFrame::Login(const wxString &user, const wxString &pass) { std::string host("127.0.0.1"); std::string user_str = std::string(user.mb_str(*wxConvCurrent)); std::string pass_str = std::string(pass.mb_str(*wxConvCurrent)); if (db_conn.Connect(host, user_str, pass_str)) wxMessageBox(wxT("Logged on."), wxT("Client Info.")); else { fprintf(stderr, "%s", db_conn.ErrorMsg()); } } It does report an error if the user name is invalid. What could cause this strange behaviour.
Daniel <danwgrace@gmail.com> writes: > My program is reporting "Logged on." even if I enter an invalid or no > password atall. You sure the server is configured to ask for a password? http://www.postgresql.org/docs/8.4/static/client-authentication.html regards, tom lane
> void TBClientFrame::Login(const wxString &user, const wxString &pass) > { > std::string host("127.0.0.1"); > std::string user_str = std::string(user.mb_str(*wxConvCurrent)); > std::string pass_str = std::string(pass.mb_str(*wxConvCurrent)); > if (db_conn.Connect(host, user_str, pass_str)) > wxMessageBox(wxT("Logged on."), wxT("Client Info.")); > else > { > fprintf(stderr, "%s", db_conn.ErrorMsg()); > } > } > > It does report an error if the user name is invalid. What could cause > this strange behaviour. What is in your pg_hba.conf file? Seems like you've got it set to 'trust' for (at least) 127.0.0.1 - try changing that to 'md5' and restarting postgres. -- Postgresql & php tutorials http://www.designmagick.com/
Thanks. I did not realise it was so configurable.
Better too many options than not enough eh? On Thu, Dec 3, 2009 at 2:47 PM, Daniel <danwgrace@gmail.com> wrote: > Thanks. I did not realise it was so configurable. > > -- > Sent via pgsql-general mailing list (pgsql-general@postgresql.org) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general > -- When fascism comes to America, it will be intolerance sold as diversity.