1. GRANT insert,select,delete,update ON mydatabase.* TO myuser@'%'
IDENTIFIED BY 'mypassword'
When your user access mydatabase via a script (PERL,PHP), access it with
this user and password combination.
2. To hide username and password, use PHP include files. Place this file
in a directory which is NOT where you store your web-pages and scripts.
Store the following file in a sub-directory named "includes". For example:
file: mydatabase.inc
<?php
mysql_connect( "server_name","myuser","mypassword") or die("Error-connect:
".mysql_error());
mysql_select_db("mydatabase") or die ("Error-select_db: ".mysql_error() );
?>
---------
file: login.php3
<?php
include "./includes/mydatabase.inc"
...rest of your script...
?>
This way, if the server breaks and starts spewing forth your raw PHP script,
instead of interpreting it, the browser will display only the line
'include "./includes/mydatabase.inc" ' instead of the actual username and
password. Ensure your ./includes directory is password protected to prevent
FTP snooping.
Checkout MySQL manual 4.3 and PHP manual LV.
-----Original Message-----
From: Anne [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 01, 2001 1:17 PM
To: [EMAIL PROTECTED]
Subject: DB permissions Question
I"m sorry, this is a very basic question -- but I am new to using SQL via
the web. I am on my own server, able to create databases/tables and
manipulate them to my heart's content at the command line connecting as
root. I cannot connect to the DBs any other way, however (e.g. logging in
at regular admin or user level). And of course, when I try to run any sort
of a query via a web browser using PHP code, I get a permissions error.
Question 1: How do I set up permissions on the DB to accept record
insert/update/select for any user.
Question 2: For the function mysql_connect within PHP I don't understand
what I should be using for "user" and "Password" to allow for this access.
Apologies for this newbie question. References to a site that can take me
through this and/or a simple explanation will be excellent!
Anne
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
