Beefy Boxes and Bandwidth Generously Provided by pair Networks
Don't ask to ask, just ask

Re: trying to understand (my)sql user rights/levels and advanced features

by phydeauxarff (Priest)
on Sep 14, 2003 at 12:44 UTC ( #291382=note: print w/replies, xml ) Need Help??

in reply to trying to understand (my)sql user rights/levels and advanced features

Yes you can do this but you are going to have to sit down, pull up your sleeves, and start writting some code.

First, you will need an method for authentication against your mySQL data.

A quick search provides Apache authentication with Mysql ...the examples given there will get you started down the path of getting your site to authenticate against the users in your database.

You can use the above to provide read-only access to unauthenticated users by simply changing your forms based on whether the user has logged in.

Next, you need to have the ability to have users only edit the data they enter, or have permission to edit...this will take some creativity. Off the top of my head the approach I would try is to add an extra table to show who is the owner and/or the security level of each record.

This would be used as a flag to determine if the user logged in has the appropriate security level edit the record they retrieved, or if it would be read-only.

This is just a start, but it should get you running down the road....good luck.

  • Comment on Re: trying to understand (my)sql user rights/levels and advanced features

Replies are listed 'Best First'.
Re: Re: trying to understand (my)sql user rights/levels and advanced features
by parasew (Beadle) on Sep 14, 2003 at 17:30 UTC
    thanks for the hint with the Apache authentication with Mysql, i was just wondering why in general databases don't have the approach of bringing the entered data in a relation to the users, as this would bring up totally different and (in my opinion) better security from the backend.

    you would not need to put any database-user-password somewhere in your .pl or .cgi script (except the www-user that can only read).
    thanks again,

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://291382]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (2)
As of 2018-06-18 12:06 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (109 votes). Check out past polls.