From: "Alex Lui" <[EMAIL PROTECTED]> > I am newbie in PHP/MySQL. I am going to write an application of PHP/MySQL. I > need one password table to do user authentication job. My application user > will be given accounts for using MySQL with appropriate privileges. And, I > found table mysql.user which is similar to my proposed password table. Is it > ok to use this table to control the access right of a PHP program instead of > creating another one for that.
The mysql.user table is for controlling the actual MySQL user rights to the daemon. You don't want to use this for your application, especially as you'd now have a web-based user with rights to the reserved mysql database. That's a huge security risk. I'd highly recommend creating a new table, outside of the reserved mysql database, and leave that database for root users only. -- denonymous www.coldcircuit.net --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
