tags:

views:

71

answers:

4
Q: 

PHP MySQL connection

I'm been looking through the Internet for an answer for a long time. How could I control users and connections between php and MySQL. My question is, when we create a mysql database through php, actually we create the user in a user table in mysql. When I connect to the database, all the user we created is using same mysql user account to connect to database. Do I need to create any user in mysql user table (I mean the system table holds users)? So the user we use to login to the website will match the user in sql database user table? Then, each user has his own mysql user account to connect to database. What should I do to handle situation like this? Cheers

+4  A: 

I think I understood your question, you are asking about user management on the database side.

You have, per default, a single user in the database, that has (of course) ALL privileges. This user will be named root most of the time (depending of your DBMS, but in the case of MySQL, this is the case).

So you have IMO two choices:

  • Create a new user per application that as only the needed privileges like READ, INSERT or UPDATE. If your application requires it, give him DELETE priviliges.
  • Use the root for all the applications that access the database.
  • Create a user that will have the most common rights, that will be used for ALL applications that need to interact with the database.

Whatever you do, keep in mind that the user can do ANYTHING he has the privilages to, so be carefull with GRANTing too high privilages.

I consider it a best practice (at least this was always the case for me and I think it worked quite well) to have a users on a per-application basis, e.g. when I want an application Blog, I create a user blog that has INSERT, UPDATE, SELECT, [whatever is needed] rights.

One more edit: So to answer your question short: You don't need a MySQL user for each application user.

DrColossos  2010-07-02 17:52:46
+1  A: 

Each user in your application should not be a user in MySQL. Generally, you should have one MySQL user that your entire application uses.

mmattax  2010-07-02 17:55:58
A: 

Better yet, create one user per application. Give that user rights to execute stored procedures and nothing else. Create stored procedures for any type of database activity you allow that user. It gives you another security barrier.

Yossi  2010-07-02 18:00:13
A: 

Thank you guys. I apologize for my bad explanations. I just try to figure out how to manage users between web application and actually database users. I got this solved by all your help. Thanks again.

sambo  2010-07-02 18:25:58

related questions

Remove Quotes and Commas from a String in MySQL
What's the best way of converting a mysql database to a sqlite one?
How do you manage databases in development, test, and production?
Multiple foreign keys?
Add 1 to a field (MySQL)
Issues using MS Access as a front-end to a MySQL database back-end?
Bigger than a char but smaller than a blob
How do I retrieve my MySQL username and password?
Long-time LAMP Developer moving to VB.NET
How do I Concatenate entire result sets in MySQL?
Full complete MySQL database replication? Ideas? What do people do?
SQL: Distribution of table in time
SQLite vs MySQL
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Multiple Updates in MySQL
MySQL/Apache Error in PHP MySQL query
What all do I need to escape when sending a (My)SQL query?
Auto Generate Database Diagram MySQL
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
Python and MySQL
SQL Server 2005 implementation of MySQL REPLACE INTO?
How to export data from SQL Server 2005 to MySQL
Throw Error In MySQL Trigger
Binary Data in MySQL