Greetings,

Does anyone have any experience/recommendations regarding the following:

I'm doing this app that displays information from a (MySQL) database via CGI. This program prints little "change this value" icons next to the values. Right now, all users log in with their login/password, the system looks up whether that user has the rights to edit that particular field in my user-table, and decides whether to display that icon or not. (All Perl scripts connect to the db via the DBI using the same hard-coded username & password.)

My question is: would it be better/securer to define access privileges for each of my users (ca. 100 in total) on the MySQL-grant level, and let all my scripts connect to the database using the user's login and password, and decide whether the user has "edit" rights for a field by looking that up in the grants-table? Are there any pitfalls hidden in that approach? AFAIK, almost everyone seems to connect their scripts with a hard-coded login, but that simply can't be good.

Sorry if this is a bit OT, but I guess this is something a lot of DBI users under CGI run into.

Cheers,
M.

P.S.: Anybody have info regarding that BASIS dataserver?
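The two setups the post compares, written out as MySQL statements. This is an added example, not part of the original message: the database, table, column and account names and the passwords are hypothetical placeholders, and it assumes a recent MySQL server with the script run from an administrative account.

```sql
-- Added example; every name below (appdb, customers, cgi_app, alice, bob)
-- is hypothetical and the passwords are placeholders.
CREATE DATABASE IF NOT EXISTS appdb;
CREATE TABLE IF NOT EXISTS appdb.customers (
    id    INT PRIMARY KEY,
    name  VARCHAR(100),
    phone VARCHAR(30),
    notes TEXT
);

-- Setup 1: one shared account hard-coded in every script.
-- The server cannot tell the application users apart, so this account must
-- be able to change every editable column. The per-field decision lives
-- only in the CGI code and its user-table.
CREATE USER 'cgi_app'@'localhost' IDENTIFIED BY 'placeholder-shared-secret';
GRANT SELECT, UPDATE ON appdb.customers TO 'cgi_app'@'localhost';

-- Setup 2: one MySQL account per application user, with UPDATE granted
-- column by column. Everyone may read; edit rights differ per user.
CREATE USER 'alice'@'localhost' IDENTIFIED BY 'placeholder-alice';
CREATE USER 'bob'@'localhost'   IDENTIFIED BY 'placeholder-bob';
GRANT SELECT ON appdb.customers TO 'alice'@'localhost', 'bob'@'localhost';
GRANT UPDATE (phone, notes) ON appdb.customers TO 'alice'@'localhost';
GRANT UPDATE (notes)        ON appdb.customers TO 'bob'@'localhost';

-- Lookup for deciding which "change this value" icons to display:
-- one row per (account, column) that carries a column-level UPDATE grant.
SELECT GRANTEE, COLUMN_NAME
FROM information_schema.COLUMN_PRIVILEGES
WHERE TABLE_SCHEMA   = 'appdb'
  AND TABLE_NAME     = 'customers'
  AND PRIVILEGE_TYPE = 'UPDATE'
ORDER BY GRANTEE, COLUMN_NAME;

-- The icon is only a display decision. In setup 2 the server enforces the
-- same rule: connected as bob, the statement below is refused because bob
-- has no UPDATE grant on the phone column.
--   UPDATE appdb.customers SET phone = '555-0100' WHERE id = 1;

-- In setup 1 the same statement succeeds for any request that reaches the
-- database through cgi_app, whichever application user sent it.
```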
