[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Creating MySql account
- Subject: Re: [cobalt-users] Creating MySql account
- From: Carrie Bartkowiak <ravencarrie@xxxxxxxx>
- Date: Sun Jul 22 10:04:07 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Sun, 22 Jul 2001 14:04:02 -0300, Zarrir Junior mumbled something
like:
>>1)What are the security issues i would have to worry about if i
>>allow Mysql
>>to his account? Do i have to necessarily give him shell access?
No security concerns, unless he plans on keeping credit card numbers
in his database. At that point, your server becomes a more juicy
target for hackers looking for that kind of thing.
No, you do not need to give him shell access. He can do absolutely
everything he needs to do right through his browser with a PHP script
called PHPMyAdmin. (Do a search for it on Google.) The latest
version is fantastic - much better than the one I've been using for
the past year!
>>2)Should i consider an charging him for extra bandwidth
>>consumption, i mean,
>>does Mysql considerably consumes more bandwidth?
He will only use more bandwidth if he's connecting to the database
from his home (which you're not going to allow).
Otherwise, no bandwidth at all is used, because MySql doesn't
actually send anything out to the end-user (site visitor). A script,
like PHP or CGI, will ask the database a question. MySql gives the
answer back to the script itself - which then takes the data from the
answer and formats it into something for the end-user to see.
However, you might charge a little extra just for having the database
itself. I don't, but many hosts do - they take a free program like
MySQL and free PHP and say "You've gotta pay more to use this stuff."
*grumble*
>>3)How exactly do i create his account?
The easiest way to start managing your MySQL databases would be to
grab yourself a copy of PHPMyAdmin and drop it into a
password-protected folder in your /home/sites/home/web directory.
Open up config.php with an editor and input your username (root) and
password.
Then go to that directory through your browser, and you'll
immediately see (once you've gotten past the password challenge) the
opportunity to create a new database. Let's say it's going to be
named "bluewidgets". You'd type "bluewidgets" (no quotes) into the
field there on the right-hand side of the page and hit the CREATE
button.
It creates the database for you, and opens up a page where you can do
further stuff with it. In the big textarea there, you're going to
type (or copy/paste) the command to make a user *just* for the
bluewidgets database. (He won't be able to access any other
databases.) Type:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER on
bluewidgets.* TO clientusername@localhost IDENTIFIED by
"clientusernamepassword";
So if the database is going to be called "bluewidgets", and the user
who can access this database is going to be called "widgetboy", and
that database user's password is going to be "ilovewidgets", your
statement would look like this:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER on
bluewidgets.* TO widgetboy@localhost IDENTIFIED by "ilovewidgets";
Then you just hit the GO button at the bottom of that textarea and
you're all set.
Tell the client you've created a database for him, and give him this
info:
host: localhost
database: bluewidgets
user: widgetboy
pass: ilovewidgets
He can then do whatever he wants with his database, with no further
interaction from you!
HTH...
--
CarrieB
Thanks for your quotes!
I'm now trying to find a way to randomize them automagically so I can
use them all...