MySQL 中的密码和权限

发布于 2024-10-26 18:25:34 字数 724 浏览 6 评论 0原文

这可能是一个简单的问题,但我对关系数据库的经验非常有限。如何微调 MySQL 中的权限。例如,如果我有以下代码

CREATE TABLE IF NOT EXISTS user(
ID INT NOT NULL AUTO_INCREMENT,

//...other columns

PRIMARY KEY(ID)
)ENGINE=InnoDB



CREATE TABLE IF NOT EXISTS pictures
(
ID INT NOT NULL AUTO_INCREMENT,
userID INT NOT NULL,

//...other columns

PRIMARY KEY(ID),
FOREIGN KEY (userID) REFERENCES user(ID)
)ENGINE=InnoDB";

并创建两个新用户,user1user2,我可以授予他们对表的权限,

GRANT ALL PRIVILIGES ON db_name.* to ".user1."@\"%\" identified by ".pass1
GRANT ALL PRIVILIGES ON db_name.* to ".user2."@\"%\" identified by ".pass2

但是否有任何地方可以限制表内的特权仅限于特定子集?我应该在 PHP 代码中执行此操作吗?我习惯了面向对象的编程,所以我不习惯保存所有信息的大量表。

This might come across as a simple question, but I have very limited experience with relational databases. How do I fine tune permissions in MySQL. For example, if I have the following code

CREATE TABLE IF NOT EXISTS user(
ID INT NOT NULL AUTO_INCREMENT,

//...other columns

PRIMARY KEY(ID)
)ENGINE=InnoDB



CREATE TABLE IF NOT EXISTS pictures
(
ID INT NOT NULL AUTO_INCREMENT,
userID INT NOT NULL,

//...other columns

PRIMARY KEY(ID),
FOREIGN KEY (userID) REFERENCES user(ID)
)ENGINE=InnoDB";

and I create two new users, user1 and user2, I can give them permission to the tables as such

GRANT ALL PRIVILIGES ON db_name.* to ".user1."@\"%\" identified by ".pass1
GRANT ALL PRIVILIGES ON db_name.* to ".user2."@\"%\" identified by ".pass2

but is there anywhere to restrict privileges inside a table to only a specific subset? Should I carry this out in my PHP code instead? I'm used to object oriented programming, so I am not accustomed to massive tables which hold all the information.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

我最亲爱的 2024-11-02 18:25:34

具体来说,您不能授予对表中某些行的访问权限,而不能授予对其他行的访问权限,这听起来像是您要求做的。

Specifically, you can't grant access to some rows of a table and not others, which sounds like what you are asking to do.

℡寂寞咖啡 2024-11-02 18:25:34

我建议使用 PHP 对应用程序的最终用户进行许可。使用数据库用户来控制访问是一种过时的方法(在我看来),并且在 MySQL/PHP 中很难实现/支持,因为它并不常见。

I recommend doing your permissioning for end-users of your application in PHP. Using database users to control access is an antiquated method (in my opinion) and can be difficult to do/support in MySQL/PHP as its not commonly done.

荒路情人 2024-11-02 18:25:34

Grant Documentation 中,您需要检查文档以查看您正在寻找哪些具体特权;但是您需要为同一用户的每个单独权限执行多次授予(即,一项用于选择,一项用于更新,等等)。

In the Grant Documentation you'll need to check the docs to see what specific privileges you are looking for; but you'll need to perform multiple grants for the same user for each separate privilege (i.e. one for select, one for update, etc...).

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文