Marcin Lewandowski <[EMAIL PROTECTED]> wrote on 02/08/2005 05:29:39 PM:
> Chuck Herrick napisał(a): > > 200 - 400 tables is too many. > > Is it too many for merge, innodb or both? > > > Try having one CUSTOMERS table. You know who is logged in, so you can > > use that information in a WHERE clause. > > Yes, but If somebody would find a password (maybe using brute-force > attack) to one account, could delete data of other users... > > -- > Marcin Lewandowski > [ mailto:[EMAIL PROTECTED] gg:188068 jid:[EMAIL PROTECTED] ] > [ http://www.nosoftwarepatents.com/pl/m/intro/index.html ] > No, they couldn't if you don't give them direct rights to edit that table. Make them use your PHP interface to set and reset their passwords. That way you have a secret password in your app that allows only you to access that table and they will only be able to change the records you let them change. If you don't allow them to edit EVERYONE's information, they won't be able to. I agree with the other respondent. One table per user is excessive, especially when we are talking about login information (one row per table?). Shawn Green Database Administrator Unimin Corporation - Spruce Pine
