#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2000
    Posts
    10
    Rep Power
    0
    Is that possible? I have gone through the documentation...but to say the least, i do not understand most of te jargon there and well, i don't even know if i have actually read it through!

    im currently tutoring myself...so im using a free webhost which has php and mysql on it, admin thru phpmyadmin.

    theres no such thing as setting user vars for tables.......how do i do this, if it is possible?

    creating multiple DBs is out of the question right now, since it is a free host.

    hmm...
  2. #2
  3. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2000
    Posts
    10
    Rep Power
    0
    Oh yeah I think this is it...can someone please help me:

    -------------------------------------------
    7.33 GRANT and REVOKE syntax
    GRANT priv_type [(column_list)] [, priv_type [(column_list)] ...]
    ON {tbl_name | * | *.* | db_name.*}
    TO user_name [IDENTIFIED BY 'password']
    [, user_name [IDENTIFIED BY 'password'] ...]
    [WITH GRANT OPTION]

    REVOKE priv_type [(column_list)] [, priv_type [(column_list)] ...]
    ON {tbl_name | * | *.* | db_name.*}
    FROM user_name [, user_name ...]

    GRANT is implemented in MySQL 3.22.11 or later. For earlier MySQL versions, the GRANT statement does nothing.

    The GRANT and REVOKE commands allow system administrators to grant and revoke rights to MySQL users at four privilege levels:

    Global level
    Global privileges apply to all databases on a given server. These privileges are stored in the mysql.user table.
    Database level
    Database privileges apply to all tables in a given database. These privileges are stored in the mysql.db and mysql.host tables.
    Table level
    Table privileges apply to all columns in a given table. These privileges are stored in the mysql.tables_priv table.
    Column level
    Column privileges apply to single columns in a given table. These privileges are stored in the mysql.columns_priv table.
    For examples of how GRANT works, see section 6.13 Adding new user privileges to MySQL.

    For the GRANT and REVOKE statements, priv_type may be specified as any of the following:

    ALL PRIVILEGES FILE RELOAD
    ALTER INDEX SELECT
    CREATE INSERT SHUTDOWN
    DELETE PROCESS UPDATE
    DROP REFERENCES USAGE

    ALL is a synonym for ALL PRIVILEGES. REFERENCES is not yet implemented. USAGE is currently a synonym for ``no privileges''. It can be used when you want to create a user that has no privileges.

    To revoke the grant privilege from a user, use a priv_type value of GRANT OPTION:

    REVOKE GRANT OPTION ON ... FROM ...;

    The only priv_type values you can specify for a table are SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, GRANT, INDEX and ALTER.

    The only priv_type values you can specify for a column (that is, when you use a column_list clause) are SELECT, INSERT and UPDATE.

    You can set global privileges by using ON *.* syntax. You can set database privileges by using ON db_name.* syntax. If you specify ON * and you have a current database, you will set the privileges for that database. (Warning: If you specify ON * and you don't have a current database, you will affect the global privileges!)

    In order to accommodate granting rights to users from arbitrary hosts, MySQL supports specifying the user_name value in the form user@host. If you want to specify a user string containing special characters (such as `-'), or a host string containing special characters or wildcard characters (such as `%'), you can quote the user or host name (e.g., 'test-user'@'test-hostname').

    You can specify wildcards in the hostname. For example, user@"%.loc.gov" applies to user for any host in the loc.gov domain, and user@"144.155.166.%" applies to user for any host in the 144.155.166 class C subnet.

    The simple form user is a synonym for user@"%". Note: If you allow anonymous users to connect to the MySQL server (which is the default), you should also add all local users as user@localhost because otherwise the anonymous user entry for the local host in the mysql.user table will be used when the user tries to log into the MySQL server from the local machine! Anonymous users are defined by inserting entries with User='' into the mysql.user table. You can verify if this applies to you by executing this query:

    mysql> SELECT Host,User FROM mysql.user WHERE User='';

    For the moment, GRANT only supports host, table, database and column names up to 60 characters long. A user name can be up to 16 characters.

    The privileges for a table or column are formed from the logical OR of the privileges at each of the four privilege levels. For example, if the mysql.user table specifies that a user has a global select privilege, this can't be denied by an entry at the database, table or column level.

    The privileges for a column can be calculated as follows:

    global privileges
    OR (database privileges AND host privileges)
    OR table privileges
    OR column privileges

    In most cases, you grant rights to a user at only one of the privilege levels, so life isn't normally as complicated as above. The details of the privilege-checking procedure are presented in section 6 The MySQL access privilege system.

    If you grant privileges for a user/hostname combination that does not exist in the mysql.user table, an entry is added and remains there until deleted with a DELETE command. In other words, GRANT may create user table entries, but REVOKE will not remove them; you must do that explicitly using DELETE.

    In MySQL 3.22.12 or later, if a new user is created or if you have global grant privileges, the user's password will be set to the password specified by the IDENTIFIED BY clause, if one is given. If the user already had a password, it is replaced by the new one.

    Warning: If you create a new user but do not specify an IDENTIFIED BY clause, the user has no password. This is insecure.

    Passwords can also be set with the SET PASSWORD command. See section 7.32 SET syntax.

    If you grant privileges for a database, an entry in the mysql.db table is created if needed. When all privileges for the database have been removed with REVOKE, this entry is deleted.

    If a user doesn't have any privileges on a table, the table is not displayed when the user requests a list of tables (e.g., with a SHOW TABLES statement).

    The WITH GRANT OPTION clause gives the user the ability to give to other users any privileges the user has at the specified privilege level. You should be careful to whom you give the grant privilege, as two users with different privileges may be able to join privileges!

    You cannot grant another user a privilege you don't have yourself; the grant privilege allows you to give away only those privileges you possess.

    Be aware that when you grant a user the grant privilege at a particular privilege level, any privileges the user already possesses (or is given in the future!) at that level are also grantable by that user. Suppose you grant a user the insert privilege on a database. If you then grant the select privilege on the database and specify WITH GRANT OPTION, the user can give away not only the select privilege, but also insert. If you then grant the update privilege to the user on the database, the user can give away the insert, select and update.

    You should not grant alter privileges to a normal user. If you do that, the user can try to subvert the privilege system by renaming tables!

    Note that if you are using table or column privileges for even one user, the server examines table and column privileges for all users and this will slow down MySQL a bit.

    When mysqld starts, all privileges are read into memory. Database, table and column privileges take effect at once and user-level privileges take effect the next time the user connects. Modifications to the grant tables that you perform using GRANT or REVOKE are noticed by the server immediately. If you modify the grant tables manually (using INSERT, UPDATE, etc.), you should execute a FLUSH PRIVILEGES statement or run mysqladmin flush-privileges to tell the server to reload the grant tables. See section 6.11 When privilege changes take effect.

    The biggest differences between the ANSI SQL and MySQL versions of GRANT are:

    ANSI SQL doesn't have global or database-level privileges and ANSI SQL doesn't support all privilege types that MySQL supports.
    When you drop a table in ANSI SQL, all privileges for the table are revoked. If you revoke a privilege in ANSI SQL, all privileges that were granted based on this privilege are also revoked. In MySQL, privileges can be dropped only with explicit REVOKE commands or by manipulating the MySQL grant tables.
    ---------------------------------
  4. #3
  5. No Profile Picture
    Carpe Diem
    Guest
    Devshed Newbie (0 - 499 posts)
    I just use
    grant all on database.table to username@localhost identified by 'password';

    So for fred with a password of fredderf and we want him to have access to a table called table1 in database1

    grant all on database1.table1 to fred@localhost identified by 'fredderf';

    Or the same user but all tables in the database
    grant all on database1.* to fred@localhost identified by 'fredderf';

    This command creates the user, but you have to still create the database/table

    Regards
    Darren http://www.php4hosting.com/
  6. #4
  7. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2000
    Posts
    10
    Rep Power
    0
    Hey, I tried:

    SHOW GRANTS for me@localhost

    and

    SHOW GRANTS for me

    and

    SHOW GRANTS for root...user..etc etc

    but MySQL returns an error. Does this mean your above solution won't work?

    thanks anyway

Similar Threads

  1. Can user A read user B's session?
    By Stupid Khor in forum PHP Development
    Replies: 9
    Last Post: May 11th, 2004, 05:19 AM
  2. Stopping form submittion until user clicks Agree button
    By leemeisner in forum HTML Programming
    Replies: 2
    Last Post: April 13th, 2004, 10:46 AM
  3. Multiple Cookies for user
    By Chris24 in forum HTML Programming
    Replies: 0
    Last Post: January 22nd, 2004, 09:27 AM
  4. php user levels
    By dynasty in forum PHP Development
    Replies: 1
    Last Post: January 20th, 2004, 02:01 PM
  5. How to get multiple sessions for one user working?
    By jkoerber in forum PHP Development
    Replies: 1
    Last Post: January 16th, 2004, 01:23 PM

IMN logo majestic logo threadwatch logo seochat tools logo