Jack writes:
> 1. What should i do if i want to limit the user which can only edit the > record belongs to him/her. i mean user can only update to his own record but > not the others!! This sort of security is best handled at the application level. If you don't want your users to access the database directly, only relying on the database's user system is usually not a good and/or feasible solution. > 2. Is there anyway that the PHP can pass the Windows Domain Username and > password to Mysql's User table? Well, if you can get them from somewhere I'm sure it wouldn't be too hard to add users to MySQL. The question is just how you would get them. Even Windows doesn't store its passwords in plaintext, so you'd have to either a) obtain the passwords from elsewhere, in which case you could just as well get the usernames from elsewhere too, or b) crack the users' passswords, and if you can do that that easily you could just as well not use passwords at all. I guess the real solution would be to modify MySQL to use a Windows box to authenticate its users. I'm not sure what's been going on with Kerberos and stuff like that lately, but it ought to be possible to add this feature to MySQL. Unless you can pay someone to do it, I guess you'd have to do it yourself, though. > 3.I had made a login page for the user, but when the user input the password > which i assigned to her, it prompts incorrect password then later on i found > out that the user table's password field had encryted . So what can i do if > i want to make a login page to user which the password will be able to match > the password in Mysql.User table. See 1. //C - hungry -- Carl Troein - Círdan / Istari-PixelMagic - UIN 16353280 [EMAIL PROTECTED] | http://pixelmagic.dyndns.org/~cirdan/ Amiga user since '89, and damned proud of it too. --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
