Re: opening a server to generalized queries but not too far

2010-06-18 Thread Don Cohen
Raj Shekhar writes: One option here might be to use mysql proxy as a man-in-the-middle and filter out unwanted queries... This seems more or less the same as what I'm doing now with php. The same question applies there - what would you look for in your filter?

Re: opening a server to generalized queries but not too far

2010-06-17 Thread Raj Shekhar
In infinite wisdom don-mysq...@isis.cs3-inc.com (Don Cohen) wrote: The question is what I have to prohibit in order to prevent either updates or access to other tables, or perhaps other things that I should be worried about but haven't yet thought of. One option here might be to use mysql

Re: opening a server to generalized queries but not too far

2010-06-16 Thread Adam Alkins
Sounds like you just want to GRANT access to specific tables (and with limited commands), which is exactly what MySQL's privilege system does. Refer to http://dev.mysql.com/doc/refman/5.1/en/grant.html For example, you can grant only SELECT

Re: opening a server to generalized queries but not too far

2010-06-16 Thread Don Cohen
Adam Alkins writes: Sounds like you just want to GRANT access to specific tables (and with limited commands), which is exactly what MySQL's privilege system does. How about this part? Finally, suppose I want to limit access to the table to the rows where col1=value1. If I just add that

Re: opening a server to generalized queries but not too far

2010-06-16 Thread Adam Alkins
MySQL doesn't have row level permissions, but this is what VIEWS are for. If you only want access to specific rows, create a view with that subset of data. You can create a function (privilege bound) to create the view to make this more dynamic. If you want direct access to the database, then you

RE: opening a server to generalized queries but not too far

2010-06-16 Thread Daevid Vincent
-Original Message- From: Don Cohen [mailto:don-mysq...@isis.cs3-inc.com] The http request I have in mind will be something like https://server.foo.com?user=johnpassword=wxyz;... and the resulting query something like select ... from table where user=john and ... (I will first

RE: opening a server to generalized queries but not too far

2010-06-16 Thread Don Cohen
Daevid Vincent writes: For the love of God and all that is holy, do NOT put the user/pass on the URL like that!! What's so unholy (or even unwise) about it? Or use mod_auth_mysql to maintain your 'authorized' users to your page. Why is this so much better? In my case it's worse cause

RE: opening a server to generalized queries but not too far

2010-06-16 Thread Wm Mussatto
On Wed, June 16, 2010 14:47, Don Cohen wrote: Daevid Vincent writes: For the love of God and all that is holy, do NOT put the user/pass on the URL like that!! What's so unholy (or even unwise) about it? The username and password show up in logs on the server and in the browser's

RE: opening a server to generalized queries but not too far

2010-06-16 Thread Daevid Vincent
-Original Message- From: Don Cohen [mailto:don-mysq...@isis.cs3-inc.com] Sent: Wednesday, June 16, 2010 2:48 PM To: Daevid Vincent Cc: mysql@lists.mysql.com Subject: RE: opening a server to generalized queries but not too far Daevid Vincent writes: For the love of God and

RE: opening a server to generalized queries but not too far

2010-06-16 Thread Don Cohen
Daevid Vincent writes: For the love of God and all that is holy, do NOT put the user/pass on the URL like that!! What's so unholy (or even unwise) about it? Oh my goodness, where to begin... Well barring the fact that it'll be in the user's cache and browser It won't because