Another thought on this:
Even though you don't have access via phpmyadmin to get to the users table, could you try to create users/grant privileges via straight sql thur the PMA sql window?
ie
grant select, insert, update to 'bob'@'localhost' on mysql.users indentified by password('my_pass');
bastien
From: Doug Thompson <dthompson@xxxxxxxxxxxxx> To: Shay <mastershay@xxxxxxxxxxx> CC: php-db@xxxxxxxxxxxxx Subject: Re: Given only one mySQL user account by Host Company Date: Sun, 23 Jan 2005 15:51:41 -0700
Shay wrote:Yes they gave me phpMyAdmin to use, and no, I have no access to the user/privilege table. So the only way to output database entries is to connect with the single super account they gave me.
Principally, this means you cannot allocate user accounts for mysql. No big deal unless you have a business model that calls for that. In which case, refer to my first comment in my original reply.
Exactly right. The objective is to make it more difficult to hack the mysql login info.I have a question about what you said Doug:
Use INCLUDEs for the login portions of the script(s) and place them in a protected directory. If >you are unable to protect directories (.htaccess) with this host, they are begging for trouble and >victimizing their subscribers.
In other words, call on an external function to connect to the database, and place the file with this function in a directory that is .htaccess protected. Is this correct? I do have a separate file with a database connect function that all the pages on my site use, I just don't have it in a .htaccess protected directory.
Doug
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
