MySQL Privileges

Hi,
If i want to create a user in MySQL only to allow the Php program file to access the database and show results in my website what priviliges should i give to the user. So that access to my database is never compromised if someone can get the password that i have to give in the Php file for the user created. Should I limit the privilege to 'SELECT' or need to add some more.

Thankyou for stopping by and answering ...(in advance)

3

Contributors

3

Replies

6 Days

Discussion Span

10 Months Ago

Last Updated

4

Views

Question
Answered

David2012

Newbie Poster

23 posts since May 2012

Reputation Points: 0

Solved Threads: 0

Skill Endorsements: 0

11 Months Ago

0

Well, it depends on what your PHP code does. If you only use SELECT, then why add other priviliges? If your code also updates and/or deletes, then you need to add them too. Protecting from abuse in that case would be harder, but can be solved by logging.

pritaeas

Posting Prodigy

Moderator

9,287 posts since Jul 2006

Reputation Points: 1,173

Solved Threads: 1,458

Skill Endorsements: 86

11 Months Ago

0

To increase safety, you should also
- restrict user access to the database to the IP address of your webserver, so that no intruders from outside can read the database;
- store the access data (username, database name, password) in a separate file with a name beginning with a dot (like ".access.inc.php"), so that this file won't be served by your webserver even if PHP is deactivated.

smantscheff

Nearly a Posting Virtuoso

1,297 posts since Oct 2010

Reputation Points: 321

Solved Threads: 270

Skill Endorsements: 8

10 Months Ago

0

Thankyou very much. Yes my PHP is only using SELECT. So gues i just need to give SELECT privelege for that username.

Smantscheff-
Well, i never knew we could use a . (dot) in a filename!! But i will do henceforwrd...thanks. And guess u are hinting that i should use PDO..php data object, and keep a seperate file for connecting the database...right. That's a good standard.