You'd have to check out the user manual for your specific "flavor" of database and figure out how to set permissions for a given user. Once you find that, you probably want to grant something like UPDATE and SELECT privileges as a minimum, but that's your decision (and somewhat database dependent). If you're using MySQL, check out the MySQL Database Administration section. It's not too difficult once you figure it out. Just remember to FLUSH PRIVILEGES when you're done (for MySQL). Hope this helps. > -----Original Message----- > From: shaun [mailto:shaun@mania.plus.com] > Sent: Tuesday, April 15, 2003 10:23 AM > To: php-db@lists.php.net > Subject: Entering a query > > > Hi, > > I have a form on my page that lets a user enter a query to > the database, how > can I ensure that the user only enters 'SELECT' statements > and therefore > doesn't drop the whole database or do anything else malicious? > > Thanks for your help > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
