Usernames, passwords, and then perform the queries select ... where customerid = "<the variable name you feed>" Its all handled by your app.
Curtis On Wed, 10 Mar 2004, Mulugeta Maru wrote: > Hi Mike, > > I am sorry for the confusion I might have caused. May be it would help to > give a clear example. > > Table - Customers (CustomerID, CustomerName, Address, etc) > > Table - Transaction(TransactionID,CustomerID,Date,Amount) > > Note: CustomerID in Customer Table is a Primary Key. TransactionID is a > Primary Key and CustomerID is a Foreign Key in Transaction Table). > > Question: How would I be able to give my customers access to the database so > that they can update the customer table (for example address change) and add > transactions to the transaction table. What I do not want to happen is that > customer A is able to modify customer B's record. > In short how would you restrict customer a to see transactions that pertain > to him/her. > > Many thanks. > ----- Original Message ----- > From: "Mike Johnson" <[EMAIL PROTECTED]> > To: "MySQL" <[EMAIL PROTECTED]> > Sent: Wednesday, March 10, 2004 4:55 PM > Subject: RE: Security > > > > From: Maru, Mulugeta [mailto:[EMAIL PROTECTED] > > > > > When I go online to access my bank account I only see > > > transactions pertain to my account only. I think when ever I > > > make a transaction the database records my account number in > > > the transaction table. When I log-in using my account number > > > and password the system checks whether it is correct or not > > > and run another query to get all transaction that match my > > > account number. > > > > > > Do I make sense? > > > > > > (sent offlist by mistake, please excuse the dupe) > > > > The point being made is that you're looking at your bank account > information in a client that is set to read records only pertaining to your > account. > > > > The native mysql client is not such a program and was never intended to > be. While you can customize access for users to certain databases or certain > tables within those databases, it's simply not built as a multi-user > transactional client for limiting access to data in commonly-used tables. > > > > It begs the question why you're giving your clients access to the native > mysql client itself rather than developing an application to do this, in > which you could quite easily limit such access. > > > > > > -- > > Mike Johnson > > Web Developer > > Smarter Living, Inc. > > phone (617) 886-5539 > > > > -- > > MySQL General Mailing List > > For list archives: http://lists.mysql.com/mysql > > To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED] > > > > > > > -- -- Curtis Maurand mailto:[EMAIL PROTECTED] http://www.maurand.com -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
