Open Source Server Side Scripting Permissions & Users

Open Source Server Side Scripting Permissions & Users
ECA 236 Open Source Server Side Scripting Permissions & Users Open Source Server Side Scripting

2 additional date functions
DATE_FORMAT( ) used to format both the date and time used if values are DATE or DATETIME data types ( YYYY-MM-DD HH:MM:SS ) TIME_FORMAT( ) used to format time used if values are TIME data type ( HH:MM:SS ) SELECT DATE_FORMAT( date_column, ‘format_string’ ) FROM table_name; ECA 236 Open Source Server Side Scripting

Open Source Server Side Scripting
format specifiers Specifier Description Example %e day of the month 1 – 31 %d day of the month, 2 digits 01 – 31 %D day with suffix 1st – 31st %W weekday name Sunday – Saturday %a abbreviated weekday name Sun – Sat %c month number 1 – 12 %m month number, 2 digit 01 – 12 ECA 236 Open Source Server Side Scripting

format specifiers cont …
Description Example %M month name January – December %b abbreviated month name Jan – Dec %Y year 2003 %y 03 %l (lowercase L) hour 1 – 12 %h hour, 2 digit 01 – 12 %k hour, 24 hour clock 0 – 23 ECA 236 Open Source Server Side Scripting

format specifiers cont …
Description Example %H hour, 24 hour clock, 2 digit 00 – 23 %i minutes 00 – 59 %S seconds %r time 3:13:03 PM %T time, 24 hour clock 15:13:03 %p AM or PM ECA 236 Open Source Server Side Scripting

format examples display the current date and time in the format: Month DD, YYYY – HH:MM display the registration date in users in the format: Registered on the DDth of Month. SELECT DATE_FORMAT( NOW( ), ‘%M %e, %Y - %l:%i' ); SELECT DATE_FORMAT( registration_date, ‘Registered on the %D of %M.’ ) FROM users; ECA 236 Open Source Server Side Scripting

ALTER used to alter the structure of a table after it has been created changing data type changing size change column name etc ALTER TABLE table_name alteration [, alteration … ]; ECA 236 Open Source Server Side Scripting

ALTER cont … common ALTER clauses Clause Meaning ADD COLUMN Add a new column to the end of a table DROP COLUMN Removes a column from a table, including all its data CHANGE COLUMN Change the data type and properties of a column ADD INDEX Adds a new index on a column DROP INDEX Removes an existing index RENAME AS Changes the name of a table ECA 236 Open Source Server Side Scripting

ALTER cont … to add an additional column to users AFTER adds new column after designated column FIRST adds new column as first column in table default is to add column to end ALTER TABLE users ADD COLUMN username VARCHAR(20) AFTER user_id; ECA 236 Open Source Server Side Scripting

ALTER cont … to drop a column to change the properties of a column, such as changing size of last_name from 30 to 45 ALTER TABLE users DROP COLUMN username; ALTER TABLE users CHANGE COLUMN last_name last_name VARCHAR(45); ECA 236 Open Source Server Side Scripting

INDEX used to improve overall performance, especially when searching a particular column or columns indexes are best used on columns that are frequently used in a WHERE clause are frequently used in an ORDER BY clause are frequently used in joins contain unique value do not place an INDEX on columns which don’t need them ECA 236 Open Source Server Side Scripting

INDEX cont … 3 types of indexes INDEX UNIQUE ( each row must have a unique value ) PRIMARY KEY ( automatically indexed ) Syntax ALTER TABLE table_name ADD INDEX index_name ( column_name ); ECA 236 Open Source Server Side Scripting

INDEX cont … to add an INDEX on the last_name, first_name, and password columns, and a UNIQUE index on the username column, of the table users ALTER TABLE users ADD INDEX ( last_name ), ADD INDEX ( first_name ), ADD INDEX ( password ), ADD UNIQUE ( username ); ECA 236 Open Source Server Side Scripting

INDEX cont … to drop an index to rename a table ALTER TABLE users DROP INDEX first_name; ALTER TABLE table_name RENAME AS new_table_name; ECA 236 Open Source Server Side Scripting

database users root user administrative privileges which should not be shared with any other user other users we will create one administrative user for PHP scripts which connect through the web limit these other users to what privileges they have on any particular database ECA 236 Open Source Server Side Scripting

privileges privilege a right to perform a particular action on a particular database specific privileges are associated with individual users privileges are granted when a user is created principle of least privilege Do not give a user any more privileges than necessary ECA 236 Open Source Server Side Scripting

privileges cont … MySQL Privileges Privilege Applies To Allows SELECT tables, columns Read rows from tables INSERT Add new rows to tables UPDATE Modify existing data in tables DELETE tables Delete existing data in tables INDEX Create and drop indexes ALTER Modify the structure of tables CREATE database, tables Create new databases or tables ECA 236 Open Source Server Side Scripting

privileges cont … MySQL Privileges Privilege Applies To Allows DROP database, tables Drop existing databases or tables RELOAD server Reload the grant tables to enact user changes SHUTDOWN Shut down the MySQL Server PROCESS View and stop MySQL server processes FILE Import data into tables from text files GRANT Create new users REVOKE Remove the privileges of existing users ECA 236 Open Source Server Side Scripting

privileges cont … by default, the root user has been granted all privileges as root user, we can create new users with a limited set of privileges on specific databases MySQL server can contain multiple databases each user may be limited to a single database, table, or column, as well as limiting type of privileges on each privilege system insures integrity of databases ECA 236 Open Source Server Side Scripting

privileges cont … when a user attempts to do something with the server, MySQL checks to make sure user has: permission to connect to server, based on username and pw permission to connect to specified database permission to run specific queries ECA 236 Open Source Server Side Scripting

privileges cont … to check permissions, MySQL looks in the following tables of the mysql database: db host user tables_priv columns_priv ECA 236 Open Source Server Side Scripting

GRANT users can be granted 4 levels of privileges global ( reserve for root ) database table column GRANT is used to create users and grant privileges GRANT privileges ON database.* TO username IDENTIFIED BY ‘password’; ECA 236 Open Source Server Side Scripting

GRANT cont … GRANT privileges ON database.* TO username IDENTIFIED BY ‘password’; privileges comma separated list of privileges to grant to user database.* designate the database and table to which the privileges apply database.* applies to all tables in the database database.table_name applies only to specified table ECA 236 Open Source Server Side Scripting

GRANT cont … GRANT privileges ON database.* TO username IDENTIFIED BY ‘password’; username specify user name 16 character limit no spaces case sensitive ECA 236 Open Source Server Side Scripting

GRANT cont … GRANT privileges ON database.* TO username IDENTIFIED BY ‘password’; IDENTIFIED BY ‘password ’ designated password with which the user logs on no length limit automatically encrypted to 16 characters case sensitive omitting IDENTIFIED BY clause will create a user who requires no password ECA 236 Open Source Server Side Scripting

GRANT example create a new database create a user who has administrative privileges on mushrooms alter tables, insert data, create tables, etc privileges on every table in mushrooms CREATE DATABASE mushrooms; GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER, INDEX ON mushrooms.* TO bob IDENTIFIED BY ‘TwPk’; ECA 236 Open Source Server Side Scripting

GRANT example cont … create a second user with only SELECT privileges tell MySQL to enact the changes in the privilege tables GRANT SELECT ON mushrooms.* TO leland IDENTIFIED BY ‘alterEgo’; FLUSH PRIVILEGES; ECA 236 Open Source Server Side Scripting

GRANT example cont … test new users and their privileges exit as root user sign in as the user bob with the password “ TwPk ” attempt to use mysql database attempt to use mushrooms database use mysql; use mushrooms; ECA 236 Open Source Server Side Scripting

GRANT example cont … create a table in the mushrooms database INSERT one record into morel exit mysql monitor, sign in as leland SELECT records CREATE TABLE morel ( location VARCHAR(50), find_date DATE ); INSERT INTO morel VALUES ( ‘Bolivar’, ‘ ’ ); CREATE TABLE morel ( location VARCHAR(50), find_date DATE ); SELECT * FROM morel; ECA 236 Open Source Server Side Scripting

sitename create a user NAMED Web_User for sitename with the following privileges: SELECT, INSERT, UPDATE, DELETE. Web_User is identified by the password ‘my1230’ GRANT SELECT, INSERT, UPDATE, DELETE ON sitename.* TO Web_User IDENTIFIED BY ‘my1230’; FLUSH PRIVILEGES; ECA 236 Open Source Server Side Scripting

General Security Guidelines
4.3.1 in the MySQL Manual do not ever give anyone, except the root user, access to the user table in the mysql database learn the MySQL privilege system do not keep plain-text passwords in the database do not choose passwords from the dictionary do not trust any data entered by a user do not transmit plain, unencrypted data over the Internet ECA 236 Open Source Server Side Scripting

PHP & MySQL to test whether PHP is making a connection to MySQL, run the following from a server if you connect you will see <?php echo $dbc = mysql_connect( ‘localhost’, ’Web_User’, ‘my1230’ ); ?> Resource id #1 ECA 236 Open Source Server Side Scripting

Open Source Server Side Scripting Permissions & Users

Similar presentations

Presentation on theme: "Open Source Server Side Scripting Permissions & Users"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Open Source Server Side Scripting Permissions & Users

Similar presentations

Presentation on theme: "Open Source Server Side Scripting Permissions & Users"— Presentation transcript:

Similar presentations

About project

Feedback