Jump to content

Question: adding user/admin from phpmyadmin > privileges


Lykos22

Recommended Posts

Hi i'd like to ask a question about adding a user from phpmyadmin > privileges, cause i haven't totaly cleared this in my mind.Could you tell me in which exactly cases should i do this? is it something i should always do? I've seen many people do this.Personaly what i 'm used to doing is, if for example i have a membership site, with administrator(s), moderators and simple users, i have a table in my database named users and in this i have a collumn named admin, which is 0 for simple users, 2 for moderators and 1 for administrator etc etc.Is this (my way) the same to the one i'm refering to, or not?

Link to comment
Share on other sites

mysql user has privilages to do some certain action you will set. 'root' user has all privilages. when you use third party mysql database you are not login using root privilage. they set up you as user with lesser privilages. what happened is when your user uses your application they mainly query your database most and insert/update or delete. your user barely needs to alter table,drop table,creating triggers or stored procedure or droping database. so you set up a less privilaged user of mysql to do that interaction for your user, it reduces chances of having mischief with your database by mallicious user (they cant have access anyway to do sensitive action if they manage to get acceess to your database. some people set up different privilage for same application. like ordinary user should not have delete anything so you gave permission to them only select,update,insert. and give delete permission connection to mods or admin. basic rule of security in programming is giving as minimum permission possible to do certain job. this is role based authentication for mysql, when you set up database for role based privilage like setting flags, you are creating your role based permission system for your application not for your mysql.

Edited by birbal
Link to comment
Share on other sites

Thanks for the reply. Ok so if i understand it right from phpmyadmin i add a user to manage the database form the backend, as adeveloper for example, and thats all. The administrator of the (membership) site has nothing to do with that. Or for example in a personal site i set a root user for managing the db and a mysql user(admin) for editing content etc etc, right?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...