The answer is you create one user for the PHP (webserver) process to use. Then you keep track of user permissions in your application code. This probably involves creating your own user table within your own database and storing users of your site there. Then in the other tables you associate items with users, like in your fav_book table one of the fields would be user_id, and would allow you to figure out which user the favorite entry belonged to.
You do not create mysql users to represent application users however as the users don't access the database, the webserver does. On Thu, 2004-11-04 at 20:53 +0000, Matthew Benton wrote: > Hello all, > > Basic question about creating a database that will be accessed by many users. > Do I create one web user account with no password in the mysql.user table or > add each user to the mysql.user table as they join up to my site? (Lots of > books and documentation says how to create users, the privelege system etc, > but none seem to address this basic structural question - presumably because > it's obvious to anyone who already knows). I'm planning a mysql and PHP site. > > Taking a mundane example - lets say a second hand bookstore has a site which > lets users search through a list of books, and lets subscribed users select > favorite books, 0-n number of books, in a table fav_books. Each fav_book > tuple is then related to at least one user. When the favourite book comes > into stock the store sends a message to the user to let them know it's > available. (I said it was a mundane example!). > > If the bookstore created a default user then I suppose anyone can alter > anyone elses data in the fav_book table (undesirable) ? Would they create a > table of authenticated_users for example instead of putting them in the > mysql.user table, then use PHP to retain a record of which user is logged in > at that time and so which tuples in the fav_book table they can change? > Alternatively if each user is listed in mysql.user table they would all get > the same priveleges and the bookstore would have to create a seperate > fav_book table for each user to contain just their data. With as many tables > as users it would be surely impossible to run background processes which > check the new stock against books people are looking for? > > As I say it's a basic question about web use of a database - hope the answer > isn't too obvious. > > Thanks for any help > matt > > > --------------------------------- > ALL-NEW Yahoo! Messenger - all new features - even more fun! -- John A. McCaskey Software Development Engineer Klir Technologies, Inc. [EMAIL PROTECTED] 206.902.2027 -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
