When we began creating an application using Struts2 framework with Hibernate and MySQL, we ran into a problem which was related to MySQL timing out its connection after a span of 8 hours when left unused. It conceived a lot of time at our end but we were able to nail down the issue at the end. Steps that we had taken to correct the issue related to Hibernate MySql connection timeout problem are listed below - Download Hibernate C3P0 and copy .jar files - Set c3p0.properties - Make changes to hibernate.cfg.xml - Test MySQL connection timeout - Hibernate, MySQL connection timeout related error messages (more…)

List the listening ports and check if mysql is listed on it. $ netstat -tln | grep mysql If you cannot find the port number for mysql view my.cnf file to see if you can find the port number. If you see a line "skip-networking" try commenting out the line and then restart mysql daemon. $ vi /etc/my.cnf [mysqld] set-variable=local-infile=0 datadir=/var/lib/mysql socket=/var/lib/mysql/mysql.sock # Default to using old password format for compatibility with mysql 3.x # clients (those using the mysqlclient10 compatibility package). old_passwords=1 skip-networking [mysql.server] user=mysql basedir=/var/lib [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid $ service mysqld restart

Whitelist validation refers to data validation techniques such as checking the data type, data length, input range, nature of data by its format (for e.g. phone number will be ten digits separated by hyphens satisfying the format nnn-nnn-nnnn). Regular expressions may be used for format validation in inputs. Blacklist validation refers to rejecting data based on a know bad list filter. This is not a powerful solution as the list of possible exclusions will be many and it is difficult to implement all possible scenarios. Blacklist validation should be used in conjunction with whitelist validation but in cases where whitelist validation cannot be applied at least blacklist validation should be implemented.

Dynamic SQL (concatenated sql string) is a coding practice where by the queries are built in the program and sent to SQL Server for execution. This can allow the code to be injected into the dynamic queries causing a damage to the database. A good alternative is to use parameterised queries where placeholders are set for the variables. The possibility of queries getting infected with injected code is completely removed with parameterized queries. In addition to parameterized queries, it is alway a best practice to sanitize the input parameters before using them in queries. Also the data input should be encoded appropriately especially in case of dynamic sql usage and to apply appropriate encoding when extracted from the database to avoid cross-site script execution.

The above error message most likely occurs when users change password in one environment (via command line or phpmyadmin) and do not see the changes reflect in other OR if they have forgotten the password that is being set for the environment in question. Following command should help you set/change MySQL password $ mysql -u root -p (more…)

In linux, following commands are used to start/stop/restart mysql $/etc/init.d/mysqld start $/etc/init.d/mysqld restart $/etc/init.d/mysqld stop In windows, mysql runs as a service. C:> net stop mysql C:> net start mysql