Getting Connected with Firefox and Chrome

(Page 1 of 4 )

In this third part of a four-part article series on configuring Firefox for Chrome and a server, you'll learn how to connect PHP to MySQL, call the MySQLi API, and more. This article is excerpted from chapter four of Programming Firefox, written by Kenneth C. Feldt (O'Reilly, 2007; ISBN: 0596102437). Copyright © 2007 O'Reilly Media, Inc. All rights reserved. Used with permission from the publisher. Available from booksellers or direct from O'Reilly Media.

Creating database user accounts

When the server software requests information from a database, the software will have to make its request through a MySQL account. We should set this account so that it has only the minimum privileges necessary for the task at hand. That means we limit a user’s read and write authorization to specific tables in the database.

The commands to manage account privileges involve specifying the account or user name, setting a boundary to a limited set of objects that are affected, and setting the privilege itself that describes what degree of access and modification is granted. The minimal, general form of a command to assign a privilege is as follows:

  GRANT priv_type [(column_list)] [, priv_type [(column_list)]] ...
      ON [object_type] {tbl_name | * | *.* | db_name.*}
      TO user [IDENTIFIED BY [PASSWORD] 'password']
          [, user [IDENTIFIED BY [PASSWORD] 'password']] ...
      [REQUIRE
          NONE |
          [{SSL| X509}]
          [CIPHER 'cipher' [AND]]
          [ISSUER 'issuer' [AND]]
          [SUBJECT 'subject']]
      [WITH with_option [with_option] ...]

  object_type =
      TABLE
    | FUNCTION
    | PROCEDURE

Thepriv_type  parameter is one of a fairly substantial number of tokens that define the privilege being granted. The most familiar of these types includesSELECT(to select information from tables),INSERT(to insert new rows into tables),UPDATE(to modify table entries), andDELETE(to remove rows from a table).

Theobject_type  parameter sets a boundary on the privilege being granted. The object type can range from*(all tables on all databases), to an entry of the formdatabaseName.tableName  to further qualify the objects to which theGRANTstatement applies.

To create anewssearch_guestaccount that can read any data from the table, you could specify the following script file to create the account:

  use newssearch;
  grant select on newssearch.account to
      newssearch_guest identified by 'nsgst';
  grant update (last_session) on account to newssearch_guest;

Reading this script file (or typing it into the MySQL interpreter) will create a database user account,newssearch_guest, that canSELECTdata only from theaccountstable. The second statement addsUPDATEprivileges to the database account to allow scripts to update the session information in the database. We now have enough information to turn our attention to the PHP script that accesses the database.

Next: Connecting PHP to MySQL >>
 

More Web Standards Articles
More By O'Reilly Media

Comments On: Getting Connected with Firefox and Chrome

· This article is an excerpt from the book "Programming Firefox," published by...   >>> Post your comment now!

Buy this book...

This article is excerpted from chapter four of Programming Firefox, written by Kenneth C. Feldt (O'Reilly, 2007; ISBN: 0596102437). Check it out today at your favorite bookstore. Buy this book now.