Re: mysql user access level
Posted by:
Rick James
Date: October 31, 2009 10:56AM
Assuming you are providing an abstract service (something about contract documents), and not simply providing MySQL to them, then you should have a layer (PHP or otherwise) that abstracts their access to the database.
In that layer, you should do whichever of these you deem desirable:
* Validate that they are allowed to access the service. This would involve you handling user names/passwords with extra table(s), not using MySQL's GRANTs.
* Restrict access to selected database/tables/etc.
* Construct queries on their behalf.
As admin, you can see everything by two means:
* You can connect to MySQL (they cannot) and perform ad hoc SELECTs.
* The UI could have an option (password and/or IP protected) that lets you masquerade as any specific user, thereby allowing you to see exactly what they see (after getting past the protection layer).
Text documents should probably be stored in MEDIUMTEXT (allows up to 16MB). Non-text documents (eg, images) should be stored in MEDIUMBLOB. (Without the 'MEDIUM' prefix, you get a limit of 64KB.)
Subject
Written By
Posted
Re: mysql user access level
October 31, 2009 10:56AM
November 01, 2009 03:35PM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.