Daevid Vincent writes: > For the love of God and all that is holy, > do NOT put the user/pass on the URL like that!!!!!! What's so unholy (or even unwise) about it?
> Or use "mod_auth_mysql" to maintain your 'authorized' users to your page. Why is this so much better? In my case it's worse cause I don't want this to be interactive. I want to install something on a user's machine that will access his data without him having to do anything. The url is to be used by a program, not a person on a browser. > And as Adam beat me to, use a VIEW to expose ONLY the columns and joins you > want. This is also a good time to normalize the data and column names so > that you don't expose what their internal names are. So far I don't like this solution. > But also has he said, I don't see what you're trying to accomplish. If I'm trying to let a large number of users each access his own data and not everyone else's in a very flexible way, in particular, allowing selection using functions, aggregations, filters. > someone is technically literate to format SQL statements, then just give > them a read-only account to the mysql (or view) directly. Let them use > their own GUI tool like SQLYog or whatever -- it will be far more robust > than anything you can write yourself. In this case there may be a lot of users but the queries are likely to be written by a small number. > If you're trying to do some "reports", then just code up the reports and > use select boxes for the options you want someone to choose. Use jQuery and > table_sorter plugin and you're done. I can't predict what options will be needed. And this seems much easier. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/mysql?unsub=arch...@jab.org
