Is there a way to upgrade xampp to the latest version. Once I installed Open AudIT, the security team run the scan over the virtual machine that hosts the application and detected several vulnerabilities that need to be corrected, all of them related to Apache, PHP, and MySQL

    CommentAdd your comment...

    1 answer


      I would...

      Take a backup of MySQL

      c:\xampp\mysql\bin\mysqldump.exe -u root -popenauditrootuserpassword openaudit > c:\open-audit.sql

      Stop Apache and MySQL services.

      Move c:\xampp to c:\xampp.old

      Install new Xampp.

      Copy the following folders from c:\xampp.old to c:\xampp.

      • htdocs
      • open-audit

      Start the MySQL service.

      Run the below to create the database, setup the Open-AudIT user and import your database.

      c:\xampp\mysql\bin\mysql.exe -u root -e "create database openaudit;"
      c:\xampp\mysql\bin\mysql.exe -u root -e "CREATE USER openaudit@localhost IDENTIFIED BY 'openauditpassword';"
      c:\xampp\mysql\bin\mysql.exe -u root -e "GRANT ALL PRIVILEGES ON openaudit.* TO openaudit@localhost IDENTIFIED BY 'openauditpassword'; FLUSH PRIVILEGES;"
      c:\xampp\mysql\bin\mysql.exe -u root openaudit < c:\open-audit.sql

      Start the Apache service.

      Attempt to connect to Open-AudIT.

      NOTE #1 - I have not tested this, but it should workl. If it fails, stop the services (Apache, MySQL), rename the c:\xampp directory to c:\xampp.bad and rename c:\xampp.old to c:\xampp. Then start the services (MySQL and Apache) and you should be back to where you started.

      NOTE #2 - I do not know what version of PHP is currently offered in Xampp, but if it is PHP 8, I would expect some breakage. PHP 8 and Open-AudIT have not been compatibility tested (yet).

      1. Ricardo Mateo

        I have tried the procedure, on the last part when I try to restore the database I'm getting the following error:

        C:\xampp\mysql\bin>mysql.exe -u root openaudit < c:\open-audit.sql
        ERROR: ASCII '\0' appeared in the statement, but this is not allowed unless option --binary-mode is enabled and mysql is run in non-interactive mode. Set --binary-mode to 1 if ASCII '\0' is expected. Query: ' ■-'.

      2. Ricardo Mateo

        I tried to enable the binary mode with no luck, we had to change to CentOs which is easier to update without breaking Open-AudIT.

        Thank you for your replies 

      CommentAdd your comment...