Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

newbie php/mysql grant permissions 1

Status
Not open for further replies.
leegold

leegold

Technical User
Joined
Mar 19, 2002
Messages
39
Location
US
I'm a little confused about how to grant user permission whe they come to my web page. Two cases come to mind.

1. Say I have a db I just want to display to a user. Any one who surfs to my page can see this db. So, would I just grant select privilages to everybody? What would be the php code?

2. Say I make a shopping cart someday. Then wouldn't all users need permission to insert of modify tables in some way?

#1 is more important to me right now - just want to render a db on the web to a surfer - just show the data.

Thanks
 
Sort by date Sort by votes
You're not going to be creating multiple users -- just one.

All your scripts will use that single userid to log into MySQL. Your scripts can then manipulate any user's data.



Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
There is a conecptual part that you need to contemplate:
The visitor requests a URL, which is served by your web server. If it is a PHP script the server interprets the code. That code may contain a connection to a MySQL server. It is in fact your PHP interpreting server who talks to the MySQL server.
Hence, you need basically 2 users, if you want only 1:
a) A read-only user that is used to serve public information to the visitors.
b) A read-write user that is used to insert,delete,update records etc.

Your visitors as such never need any permissions. You define the users and their permissions through your PHP code and the queries issued by the code. These queries are pre-defined and you can program it so that only these pre-defined actiona are possible.

This is a different story when you are looking at a MySQL administration tool. That is specifically built to issue any query. The same is true, regardless: The PHP code makes connection to MySQL using one defined r/w or admin user.
 
Upvote 0 Downvote
Sorry I still don't understand the concept.

I want everybody to be able to select my db through php. Maybe if I see the code for the GRANT to allow *everybody* to see (I assume select) the db I could understand.

I assume this doesn't happen automagically - I asume I must grant any surfer the permission to select from the db - so I'm not seeing how in php that is done.

IE. What'd do in PHP to allow allow your db to be viewed on the web - what permission do you grant to the surfer? Is it automagic?


Lee
 
Upvote 0 Downvote
All the requests to the database are made by one user , apache or IIS whatever is the webserver daemon for the server, the only user that needs any ability to read or access the data is the webserver daemon.

joepublic send his request to the webserver, the WEBSERVER queries the db and returns the result.



______________________________________________________________________
There's no present like the time, they say. - Henry's Cat.
 
Upvote 0 Downvote
Here's an example:
Code: 
# Establish a connection to MySQL
$dbLink = mysql_connect('mysqlhost','pubUser','myPassWord') OR die("Cannot connect: ".mysql_error());

# make a query
$SQL = "SELECT * FROM myTable";
$result = mysql_query($SQL);
//etc....

When someone browses to this PHP script the connection is made with the pre-filled parameters:
mysqlhost -> the name of the MySQL server (mostly localhost if on the same machine)
pubUser -> The MySQL user name used to connect [this is the only one that needs to be defined on the MySQL side]
myPassWord -> The MySQL password for the pubUser

Anyone who has access to the page can retrieve the results which are delivered via the user pubUser. No other permissions are necessary. You need to create the user in MySQL and grant the user the privileges you want everyone to have. Everyone is all visitors to your public scripts.
 
Upvote 0 Downvote
So considering the previos post, in mysql I need:

GRANT SELECT ON database_name.* TO pubUser@’%’ IDENTIFIED BY ‘myPassWord’;

Correct? Then any surfer will be able to see the db(?)

Thanks for the help,
Lee
 
Upvote 0 Downvote
yes but you can limit where pubuser connects from (i.e not %) as pubUser wont change locations ... localhost perhaps ?

______________________________________________________________________
There's no present like the time, they say. - Henry's Cat.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cdlvj
  • Locked
  • Question Question
PHP Debugging
Replies
1
Views
769
cdlvj
cdlvj
W
  • Locked
  • Question Question
how to send checked row data in php
Replies
0
Views
619
wiltang2004
W
SashaBuilder3
  • Locked
  • Question Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
1K
SashaBuilder3
SashaBuilder3
R
  • Locked
  • Question Question
How Can I Use MySQL To Send Data To An Email
Replies
1
Views
879
Chris Miller
Chris Miller
lexer
  • Locked
  • Question Question
Join two mysql tables for populate datatable
Replies
3
Views
771
spamjim
spamjim

Part and Inventory Search

Sponsor

Back
Top