No.
But there are couple of situations where it could help:
* When you have separate isolated applications for each DB user,
like a separate CMS application for the backend and the frontend.
Otherwise there is no benefit for security of the access
credentials as these would all be stored together.
* If you wanted to protect parts of your site that have 'SELECT'
statements with user data (protect from SQL injection), but in
your case you are suggesting having a 'form data' user that has
read write anyway so no protection here and there are perfectly
good methods of escaping user data.
Stick to using 'safe' methods of DB interaction for maintaining security
- like using MySQL PDO function or use a ORM/DBAL like Doctrine or
Prototype.
Cheers,
Stig
Michael Adams wrote, On 11/08/2010 3:00 PM:
Is there any advantage gained by creating more than one user for website
access?
* One with read access only for accessing data for webpage content.
* One with read and write access for pages with form data to be collected.
* A possible third with all priveledges needed for admin functions.
Opinions?
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
