Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: trying to understand (my)sql user rights/levels and advanced features

by phydeauxarff (Priest)
on Sep 14, 2003 at 12:44 UTC ( #291382=note: print w/ replies, xml ) Need Help??


in reply to trying to understand (my)sql user rights/levels and advanced features

Yes you can do this but you are going to have to sit down, pull up your sleeves, and start writting some code.

First, you will need an method for authentication against your mySQL data.

A quick search provides Apache authentication with Mysql ...the examples given there will get you started down the path of getting your site to authenticate against the users in your database.

You can use the above to provide read-only access to unauthenticated users by simply changing your forms based on whether the user has logged in.

Next, you need to have the ability to have users only edit the data they enter, or have permission to edit...this will take some creativity. Off the top of my head the approach I would try is to add an extra table to show who is the owner and/or the security level of each record.

This would be used as a flag to determine if the user logged in has the appropriate security level edit the record they retrieved, or if it would be read-only.

This is just a start, but it should get you running down the road....good luck.


Comment on Re: trying to understand (my)sql user rights/levels and advanced features
Re: Re: trying to understand (my)sql user rights/levels and advanced features
by parasew (Beadle) on Sep 14, 2003 at 17:30 UTC
    thanks for the hint with the Apache authentication with Mysql, i was just wondering why in general databases don't have the approach of bringing the entered data in a relation to the users, as this would bring up totally different and (in my opinion) better security from the backend.

    you would not need to put any database-user-password somewhere in your .pl or .cgi script (except the www-user that can only read).
    thanks again,
    parasew

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://291382]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (7)
As of 2014-12-27 04:31 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (176 votes), past polls