ably have your administrative user, root, which is used for creating your tables and any
manual administrative tasks, and a general web user, say, web_anonymous, that is used by
the webserver to access the tables. Depending on what your web system does, you will give
the anonymous user limited privileges, such as:
GRANT SELECT ON mysqlfast.webpage TO web_anonymous@localhost;
GRANT INSERT ON mysqlfast.log TO web_anonymous@localhost;
GRANT INSERT,SELECT ON mysqlfast.cookies TO web_anonymous@localhost;
GRANT INSERT,SELECT ON mysqlfast.visitorbook TO web_anonymous@localhost;
These queries will allow the webserver to:
retrieve the contents of webpages,
add entries to the log table when a page is viewed,
check the existence of a cookie and create a new one if necessary, and
create new visitorbook entries and view existing ones.
The chapters that follow show how to embed the user credentials in the
scripting language that you use to access MySQL and build the webpages.
If you only allow the web_anonymous user these limited privileges, there is little that
the webserver can do to damage your data. For instance, with the set of privileges above, it
would be impossible for that user to remove a webpage, i.e.
DELETE FROM webpage
WHERE title = 'Home'
as the user does not have the DELETE privilege on the webpage table. Unless you wrote a
section of the website to edit and delete webpages, you would have to log in as root and
delete the home page manually using SQL if you needed to remove it.
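Privileges tend to accumulate over time, so it is worth checking that web_anonymous still holds only the grants listed above. The following is an added example, not code from the original text: it parses the lines returned by SHOW GRANTS FOR 'web_anonymous'@'localhost' and reports any privilege beyond, or missing from, the intended set. The sample lines are constructed for illustration, and the function names are assumptions.

```python
import re

# Intended policy, copied from the GRANT statements on this page.
EXPECTED = {
    "mysqlfast.webpage": {"SELECT"},
    "mysqlfast.log": {"INSERT"},
    "mysqlfast.cookies": {"INSERT", "SELECT"},
    "mysqlfast.visitorbook": {"INSERT", "SELECT"},
}

# One line of SHOW GRANTS output: GRANT <privs> ON <object> TO <account> ...
GRANT_RE = re.compile(r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<obj>\S+)\s+TO\s+", re.I)

def parse_grants(lines):
    """Return {object: set of privileges} from SHOW GRANTS output lines."""
    grants = {}
    for line in lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue
        obj = m.group("obj").replace("`", "")
        # Drop column lists such as SELECT (`title`) before splitting on commas.
        privs = re.sub(r"\([^)]*\)", "", m.group("privs"))
        names = {p.strip().upper() for p in privs.split(",") if p.strip()}
        grants.setdefault(obj, set()).update(names)
    return grants

def audit(lines, expected=EXPECTED):
    """Return (excess, missing) privileges per object, relative to the policy."""
    actual = parse_grants(lines)
    excess = {o: p - expected.get(o, set()) - {"USAGE"} for o, p in actual.items()}
    missing = {o: p - actual.get(o, set()) for o, p in expected.items()}
    # Report only objects where the difference is non-empty.
    return ({o: p for o, p in excess.items() if p},
            {o: p for o, p in missing.items() if p})

# Constructed sample output (not from the page): DELETE has drifted onto webpage
# and the visitorbook grant is absent.
SAMPLE = [
    "GRANT USAGE ON *.* TO `web_anonymous`@`localhost`",
    "GRANT SELECT, DELETE ON `mysqlfast`.`webpage` TO `web_anonymous`@`localhost`",
    "GRANT INSERT ON `mysqlfast`.`log` TO `web_anonymous`@`localhost`",
    "GRANT SELECT, INSERT ON `mysqlfast`.`cookies` TO `web_anonymous`@`localhost`",
]

if __name__ == "__main__":
    excess, missing = audit(SAMPLE)
    print("excess:", excess, "missing:", missing)
```

Any entry in the excess map, such as DELETE on mysqlfast.webpage in the sample, is a privilege the webserver account should not hold and can be withdrawn with REVOKE.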
Other Passwords
Although the examples we have been using in this topic have referred to a fictional website,
many sites use databases to authenticate users. For instance, search engines like Yahoo
allow you not just to search, but also to log into them to gain more facilities. It is likely that