On Thursday 22 December 2005 09:44, Darren Austin wrote:
Since MySQL version 4.1.1 there has been a new hashing algorithm used to store database user passwords in MySQL. Unfortunately, the version of DB in roundcube (and the current version in PEAR) do not have the capability to send database user passwords in the new hashed format. The mysqli extension in PHP5 (apparently) doesn't suffer this problem.
The MySQL manual details several ways to correct this issue, but the least intrusive seems to be to "degrade" the password for just the roundcube database user to the old style hashing format, which PHP can use to authenticate. Of course, this can be done for any other databases which need to be accessed from PHP when used with MySQL => 4.1.1.
The full details of the other options are available in the manual, but the quick fix is: # mysql -u root -p mysql Enter password: <blah> mysql> SET PASSWORD FOR 'roundcube'@'localhost' = OLD_PASSWORD('new_password'); mysql> quit
The way around this that I've used (and my preferred method) is to compile a
version of php_mysql that is linked against libmysql14 instead of the older
libmysql12, thus when it connects, it will used the new password algorithm.
The solution works great, and you get to keep the greater security of a more
secure hash.
j----- k-----