* Andre MATOS > Is it possible to allow one user to access MySQL using for > example PHP but stop him when he tried to access MySQL directly?
Yes, but only if the user does _not_ have shell access to your web/mysql server or if you create a application-specific user table. When you set up mysql users, you can decide from what computer they can access the database. Examples: - 'user'@'hostname' - can access from computer 'hostname' - 'user'@'localhost' - can access from localhost, using sockets - 'user'@'192.168.0.%' - can access from subnet 192.168.0.* - 'user'@'%' - can access from any computer <URL: http://www.mysql.com/doc/en/GRANT.html > If you run the web server and the mysql server on the same machine, you can restrict the user to connect only from localhost. If the user does not have shell access to that computer, he can not access the database except through the web interface (for example PHP). If the user does have shell access to the web server and/or the mysql server, you can restrict the access by creating a user table in your application. Let's say the user is named 'peter'. You create a record in _your_ user table, with 'peter', his encrypted password, email address and other information. You GRANT access to a different user, say 'PHPuser'. When 'peter' log in to your PHP application, your code connect to the database using 'PHPuser', check _your_ user table if the password for 'peter' was correct, and allows/denies access. That way the web interface allways have access to the database, and you can use the database regardless of the user, even for not-logged-in/unregistered users, and you don't need to distribute the _real_ mysql username/password. -- Roger -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
