Professional Web Applications Themes

User Access to MySQL Database - MySQL

I have created a MySQL database for my company which is accessed by PHP pages. I would like to permit some users to edit the records but allow others read-only access. However, I don't want to have to enter a password every time I want to edit a record. Is there a way to use our network login to do this? If not, what is the easiest way to accomplish this? The database is running on our server and is not accessible via the net. Any help will be greatly appreciated....

  1. #1

    Default User Access to MySQL Database

    I have created a MySQL database for my company which is accessed by PHP
    pages. I would like to permit some users to edit the records but allow
    others read-only access. However, I don't want to have to enter a password
    every time I want to edit a record. Is there a way to use our network login
    to do this? If not, what is the easiest way to accomplish this? The
    database is running on our server and is not accessible via the net.

    Any help will be greatly appreciated.
    Bob Sanderson Guest

  2. #2

    Default Re: User Access to MySQL Database


    Bob Sanderson wrote:
    > I have created a MySQL database for my company which is accessed by PHP
    > pages. I would like to permit some users to edit the records but allow
    > others read-only access. However, I don't want to have to enter a password
    > every time I want to edit a record. Is there a way to use our network login
    > to do this? If not, what is the easiest way to accomplish this? The
    > database is running on our server and is not accessible via the net.
    >
    > Any help will be greatly appreciated.
    This is one way to do it

    In mysql use CREATE USER and GRANT to set up a user account with read
    only permissions, you probably have a user account with full
    permissions to use but you may want to setup another user account with
    limited write permissions to give to others.

    In the php script call a system command to get the login name of the
    current user. On *nix systems its 'whoami', on windows I think its
    whoami.exe but don't quote me on that..

    Check the result of whoami and change the user and password arguments
    in mysql_connect accordingly.

    Regards

    Tim

    Tim Guest

  3. #3

    Default Re: User Access to MySQL Database

    Tim wrote:
    > Bob Sanderson wrote:
    >> I have created a MySQL database for my company which is accessed by
    >> PHP pages. I would like to permit some users to edit the records but
    >> allow others read-only access. However, I don't want to have to
    >> enter a password every time I want to edit a record. Is there a way
    >> to use our network login to do this? If not, what is the easiest way
    >> to accomplish this? The database is running on our server and is not
    >> accessible via the net.
    >>
    >> Any help will be greatly appreciated.
    >
    > This is one way to do it
    >
    > In mysql use CREATE USER and GRANT to set up a user account with read
    > only permissions, you probably have a user account with full
    > permissions to use but you may want to setup another user account with
    > limited write permissions to give to others.
    >
    > In the php script call a system command to get the login name of the
    > current user. On *nix systems its 'whoami', on windows I think its
    > whoami.exe but don't quote me on that..
    But wouldn't the whoami run on the server, whilst the user is logged on to
    the client?


    Paul Lautman Guest

  4. #4

    Default Re: User Access to MySQL Database


    Paul Lautman wrote:
    > Tim wrote:
    > > Bob Sanderson wrote:
    > >> I have created a MySQL database for my company which is accessed by
    > >> PHP pages. I would like to permit some users to edit the records but
    > >> allow others read-only access. However, I don't want to have to
    > >> enter a password every time I want to edit a record. Is there a way
    > >> to use our network login to do this? If not, what is the easiest way
    > >> to accomplish this? The database is running on our server and is not
    > >> accessible via the net.
    > >>
    > >> Any help will be greatly appreciated.
    > >
    > > This is one way to do it
    > >
    > > In mysql use CREATE USER and GRANT to set up a user account with read
    > > only permissions, you probably have a user account with full
    > > permissions to use but you may want to setup another user account with
    > > limited write permissions to give to others.
    > >
    > > In the php script call a system command to get the login name of the
    > > current user. On *nix systems its 'whoami', on windows I think its
    > > whoami.exe but don't quote me on that..
    >
    > But wouldn't the whoami run on the server, whilst the user is logged on to
    > the client?
    Yeah you're right, dont know what I was thinking. Ta

    Tim

    Tim Guest

  5. #5

    Default Re: User Access to MySQL Database

    >I have created a MySQL database for my company which is accessed by PHP
    >pages. I would like to permit some users to edit the records but allow
    >others read-only access.
    Ok, decide what will enforce this: PHP or MySQL? MySQL permissions
    do not easily handle requirements like "a user may only edit his own
    record, but no others".

    If MySQL permissions are used to enforce permissions, the user using
    the web page enters his MySQL login and password. For convenience,
    save these in a session variable so re-entering these on each access
    is not needed.

    If PHP permissions are used to enforce permissions, the PHP pages
    need a login setup. You could use .htaccess, letting Apache enforce
    the access and use $_SERVER['AUTH_USER'] as a basis for figuring
    out who's logged in. The pages usually use a MySQL login owned by
    the page itself, capable of making changes (and it's probably
    embedded in the page. My recommendation is to put the login/password
    combination in a PHP include file *outside* the doent tree). If
    PHP itself is doing the login logic (rather than Apache) there's
    probably a database table for web page logins, passwords, and level
    of privilege of each user. It's up to PHP to decide what MySQL
    queries to allow to each web user. Web users and MySQL users are
    different; a web user need not have a MySQL username at all.
    >However, I don't want to have to enter a password
    >every time I want to edit a record.
    Sessions can let you enter the password once a session.
    >Is there a way to use our network login
    >to do this? If not, what is the easiest way to accomplish this? The
    >database is running on our server and is not accessible via the net.
    It had better be accessible to the server running PHP, or you're
    not going to get very far.

    Gordon L. Burditt
    Gordon Burditt Guest

  6. #6

    Default Re: User Access to MySQL Database

    Bob Sanderson wrote:
    > I have created a MySQL database for my company which is accessed by PHP
    > pages. I would like to permit some users to edit the records but allow
    > others read-only access.
    > However, I don't want to have to enter a password
    > every time I want to edit a record. Is there a way to use our network login
    > to do this? If not, what is the easiest way to accomplish this? The
    > database is running on our server and is not accessible via the net.
    Make a different landing page for each user.
    E.g:
    if user permitted to edit records, landing to:
    [url]http://intranet/page1.php[/url]
    if user read only, landing to: [url]http://intranet/page2.php[/url]
    >From the server side, you can make a settings,
    page1.php, only can be accessed from computer1, computer2
    page2.php, only can be accessed from computer3, computer4

    like that. Hope it will help you.

    thanks,

    Lorento
    --
    [url]http://www.mastervb.net[/url]
    [url]http://www.padbuilder.com[/url]
    [url]http://www.immersivelounge.com[/url]

    lorento Guest

  7. #7

    Default Re: User Access to MySQL Database

    Bob Sanderson wrote:
    > I have created a MySQL database for my company which is accessed by PHP
    > pages. I would like to permit some users to edit the records but allow
    > others read-only access. However, I don't want to have to enter a password
    > every time I want to edit a record. Is there a way to use our network login
    > to do this? If not, what is the easiest way to accomplish this? The
    > database is running on our server and is not accessible via the net.
    >
    > Any help will be greatly appreciated.
    It's not hard, Bob.

    First o fall, it will be a lot easier to handle this in PHP. Just keep one
    database password for all the operations.

    When the user signs in with thiner own userid, determine if they can edit
    records, and if so, which ones(s). Set the appropriate flag(s) in the $_SESSION
    array and check them later.

    Alternatively, if the choice is to edit all rows or no rows, you could give each
    person their own MySQL logon/password and keep the information in the $_SESSION
    array. If it is there, use it. If it's not there, ask them for it. But this
    won't work if they can only edit a subset of records unless you implement a view
    for each possible subset and grant appropriate permissions on the view.

    --
    ==================
    Remove the "x" from my email address
    Jerry Stuckle
    JDS Computer Training Corp.
    [email]jstucklexattglobal.net[/email]
    ==================
    Jerry Stuckle Guest

Similar Threads

  1. Can CF MX 6.1 access MySQL database as a Data Source?
    By EQPro in forum Coldfusion Server Administration
    Replies: 6
    Last Post: November 28th, 04:28 PM
  2. MySQL Access denied for user - Plesk / FC 2
    By rossn8tor@hotmail.com in forum Coldfusion Server Administration
    Replies: 1
    Last Post: November 9th, 04:31 PM
  3. Mac user can't connect to mySQL database
    By benkayuk in forum Macromedia ColdFusion
    Replies: 5
    Last Post: March 4th, 03:25 PM
  4. Replies: 4
    Last Post: February 7th, 08:26 PM
  5. Replies: 2
    Last Post: July 14th, 05:30 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139