所以我试图在我的localhost上使用mysql和php以及html和css组建一个简单的会员网站。我正在使用一个类来尝试保持我的名为DbConnection的php OOP,它具有选择,插入,更新和删除方法,以及连接和断开数据库。我没有问题建立连接并将用户插入我的特定表。我的问题在于授予新创建的用户创建,删除,插入或更新任何数据的权限。我的grantUserStandardPermissions()函数中是否有错误?或者我不允许运行多个查询?
我的数据库:db_test 表:用户,产品,订单,心愿单
我想将这些用户存储在db_test的Users表中。不在我的mysql.user表上!
请帮助!
这就是我所拥有的:
我使用此功能连接到数据库:
/*=================================================================*/
//
// Function creates the connecton to the database
public function connect(){
// If there is no connection already in existence
if(!$this->con){
// Create the Connection to the database, the object oriented way
$this->connection = @mysql_connect($this->IP_ADDRESS, $this->DB_USER, $this->DB_PASSWORD, $this->DB_NAME) or die(@mysqli_err());
// If the connection was successful
if($this->connection){
// Connect to the Body Block Database
$select_database = @mysql_select_db($this->DB_NAME, $this->connection);
// If the Body Block database was selected
if($select_database){
// Connection was successful alert the user
echo 'Connected to the Database<br/>';
// Set the Connection to true
$this->con = true;
// Return tre
return true;
// Else the database was not selected
}else{
// Could not find the database
echo 'The Database does not Exist<br/>';
// Return false
return false;
}
// Else, the connection was unsuccessful
}else{
// Unable to connect, server problem
echo 'Unable to make a connection.<br/>';
// Return false
return false;
}
// There is a connection already
}else{
// Already connected
echo 'A connection to the database already exists.<br/>';
// Return true
return true;
}
} // End connect()
然后我插入一个具有此功能的用户:
/*=================================================================*/
//
// Function creates a new row with the passed in data
public function insert($table_name, $values, $rows = null){
// If the table exists
if($this->tableExists($table_name)){
// The query statement to run is created
$this->query = 'INSERT INTO ' .$table_name;
// If rows where passed in
if($rows != null){
// implode the rows array at a comma
$rows = implode(',', $rows);
// Append the rows to the query
$this->query .= ' ('.$rows.')';
}
// Loop throught the values we want to insert
for($i = 0; $i < count($values); $i++){
// If the values are strings
if(is_string($values[$i])){
// Set the values as strings to insert
$values[$i] = '\''.$values[$i].'\'';
}
}
// Implode the values where there is a ,
$values = implode(',',$values);
// Create the insert query to run on the database
$this->query .= 'VALUES ('. $values.')';
echo "$this->query"."<br/>";
// Run the query against the database
$result = mysql_query($this->query);
// If there is a result
if($result){
// Echo the Success
echo 'Success';
// Return true
return true;
// Else there is no result
}else{
// Return false
return false;
}
// Else the table does not exist
}else{
echo 'Failed to find table!';
// Return false
return false;
}
}// End insert()
然后我尝试使用此功能授予此用户权限:
更新 - 我删除了此功能,并使用我的所有访问权限管理员创建了用户,然后创建了第二个管理员来处理CRUD,从而查询我的用户表以查找用户,尝试执行操作
//=============================================================================
// Grant the permissions for the new User
public function grantUserStandardPermissions($username, $password){
$grantPermission = "GRANT SELECT, INSERT, UPDATE, DELETE ON db_test.* TO ";
$grantPermission .= $username;
$grantPermission .= " @'%' IDENTIFIED BY '". $password. "'";
echo "$grantPermission";
$result = mysql_query($grantPermission);
if($result){
mysql_query("FLUSH PRIVELAGES");
echo 'ran command';
return true;
}else{
return false;
}
}
答案 0 :(得分:2)
当我初始化MySQL db时,我运行:
SET sql_safe_updates=0;
delete from mysql.user where user = '';
commit;
CREATE SCHEMA `petshop` DEFAULT CHARACTER SET utf8;
CREATE USER `petshop-dml` identified by 'petshop-dml123';
GRANT SELECT ON petshop.* TO `petshop-dml`;
GRANT INSERT ON petshop.* TO `petshop-dml`;
GRANT UPDATE ON petshop.* TO `petshop-dml`;
GRANT DELETE ON petshop.* TO `petshop-dml`;
GRANT EXECUTE ON petshop.* TO `petshop-dml`;
//optionally create your own user, that executes DDLs:
//CREATE USER `petshop-admin` identified by 'petshop-admin123';
//GRANT ALL PRIVILEGES ON *.* TO `petshop-admin`@'%';
根据您的需要调整架构,密码和用户名,例如从PHP Admin或您喜欢的任何工具执行它:)
然后在您的应用程序中使用创建的用户(在此示例中为petshop-dml)来插入,更新,删除,查询。