List:General Discussion« Previous MessageNext Message »
From:Don Cohen Date:June 16 2010 9:47pm
Subject:RE: opening a server to generalized queries but not "too" far
View as plain text  
Daevid Vincent writes:

 > For the love of God and all that is holy, 
 > do NOT put the user/pass on the URL like that!!!!!!
What's so unholy (or even unwise) about it?

 > Or use "mod_auth_mysql" to maintain your 'authorized' users to your page.
Why is this so much better?
In my case it's worse cause I don't want this to be interactive.
I want to install something on a user's machine that will access his
data without him having to do anything.  The url is to be used by
a program, not a person on a browser.

 > And as Adam beat me to, use a VIEW to expose ONLY the columns and joins you
 > want. This is also a good time to normalize the data and column names so
 > that you don't expose what their internal names are.
So far I don't like this solution.

 > But also has he said, I don't see what you're trying to accomplish. If
I'm trying to let a large number of users each access his own data
and not everyone else's in a very flexible way, in particular,
allowing selection using functions, aggregations, filters.

 > someone is technically literate to format SQL statements, then just give
 > them a read-only account to the mysql (or view) directly. Let them use
 > their own GUI tool like SQLYog or whatever -- it will be far more robust
 > than anything you can write yourself.
In this case there may be a lot of users but the queries are likely to
be written by a small number.

 > If you're trying to do some "reports", then just code up the reports and
 > use select boxes for the options you want someone to choose. Use jQuery and
 > table_sorter plugin and you're done.
I can't predict what options will be needed.
And this seems much easier.
Thread
opening a server to generalized queries but not "too" far(Don Cohen)16 Jun
  • Re: opening a server to generalized queries but not "too" farAdam Alkins16 Jun
    • Re: opening a server to generalized queries but not "too" far(Don Cohen)16 Jun
      • Re: opening a server to generalized queries but not "too" farAdam Alkins16 Jun
      • RE: opening a server to generalized queries but not "too" farDaevid Vincent16 Jun
        • RE: opening a server to generalized queries but not "too" far(Don Cohen)16 Jun
          • RE: opening a server to generalized queries but not "too" farWm Mussatto17 Jun
          • RE: opening a server to generalized queries but not "too" farDaevid Vincent17 Jun
            • RE: opening a server to generalized queries but not "too" far(Don Cohen)17 Jun
  • Re: opening a server to generalized queries but not "too" farRaj Shekhar18 Jun
    • Re: opening a server to generalized queries but not "too" far(Don Cohen)18 Jun