HTML, XHTML and CSS All-In-One for Dummies - Andy Harris [250]
You’re able to log into your own copy of MySQL (and phpMyAdmin) as root because you’re the root owner. (If not, then refer to the preceding section.) It’s your database, so you should be allowed to do anything with it.
You probably don’t want your programs logging in as root because that can allow malicious code to sneak into your system and do mischief. You’re better off setting up a different user for each database and allowing that user access only to the tables within that database.
I’m really not kidding about the danger here. A user with root access can get into your database and do anything, including creating more users or changing the root password so that you can no longer get into your own database! You generally shouldn’t write any PHP programs that use root. Instead, have a special user for that database. If the bad guys get in as anything but root, they can’t blow up everything.
Fortunately, creating new users with phpMyAdmin isn’t a difficult procedure:
1. Log into phpMyAdmin with root access.
If you’re running XAMPP on your own server, you’ll automatically log in as root.
2. Activate the Privileges tab to view user privileges.
3. Add a new user using the Add a New User link on the Privileges page.
4. Fill in user information on the new user page (see Figure 1-11).
Be sure to add a username and password. Typically, you use localhost as the host.
5. Create a database, if it doesn’t already exist.
If you haven’t already made a database for this project, you can do so automatically with the Create Table Automatically radio button.
6. Do not assign global privileges.
Only the root user should have global privileges. You want this user to have the ability to work only within a specific database.
7. Create the user by clicking the Go button.
You see a new screen like Figure 1-12 (you need to scroll down a bit to see this part of the page).
8. Specify the user’s database.
Select the database in the drop-down list. This user (xfd) will have access only to tables in the xfd database. Note that you probably don’t have many databases on your system when you start out.
9. Apply most privileges.
You generally want your programs to be able to do nearly everything within their own database, so you can apply almost all privileges (for now, anyway). I typically select all privileges except Grant, which lets the user allow access to other users. Figure 1-13 shows the Privileges page.
Figure 1-11: Here’s the new xfd user being created.
Figure 1-12: You can specify a specific database for this user.
Figure 1-13: The xfd user can do everything but grant other privileges on this database.
As you’re starting out, your programs have access to one database and are able to do plenty with it. As your data gets more critical, you’ll probably want to create more restrictive user accounts so that those programs that should only be reading your data don’t have the ability to modify or delete records. This change makes it more difficult for the bad guys to mess up your day.
Your database users won’t usually be people. This idea is hard, particularly if you haven’t used PHP or another server-side language yet. The database users are usually programs you have written that access the database in your name.
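The phpMyAdmin steps above, together with the more restrictive read-only account suggested afterward, written as the equivalent MySQL statements. This is an added example, not from the book; the xfd_reader account name and the placeholder passwords are assumptions.

```sql
-- Run these as root, the same account used to log into phpMyAdmin.

-- Step 5: create the project database if it does not already exist.
CREATE DATABASE IF NOT EXISTS xfd;

-- Steps 3-7: create the account your PHP programs will log in with.
-- 'localhost' as the host means it can only connect from the server itself.
-- The password is a placeholder; substitute your own.
CREATE USER 'xfd'@'localhost' IDENTIFIED BY 'CHANGE-ME-placeholder-1';

-- Steps 6, 8 and 9: grant on the xfd database only, never on *.* (global).
-- ALL PRIVILEGES at database level does not include GRANT OPTION,
-- so this account cannot pass access on to other users.
GRANT ALL PRIVILEGES ON xfd.* TO 'xfd'@'localhost';

-- A more restrictive account for programs that only read data.
-- The name xfd_reader is hypothetical; it is not used in the book.
CREATE USER 'xfd_reader'@'localhost' IDENTIFIED BY 'CHANGE-ME-placeholder-2';
GRANT SELECT ON xfd.* TO 'xfd_reader'@'localhost';

-- Check the result. On the *.* (global) level each account should show
-- only USAGE, which means "no privileges", and no line should end with
-- WITH GRANT OPTION.
SHOW GRANTS FOR 'xfd'@'localhost';
SHOW GRANTS FOR 'xfd_reader'@'localhost';

-- Audit: list every account that holds global GRANT or SUPER rights.
-- Only root should appear here.
SELECT User, Host
FROM mysql.user
WHERE Grant_priv = 'Y' OR Super_priv = 'Y';
```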
Using phpMyAdmin on a remote server
If you’re working on some remote system with your service provider, the mechanism for managing and creating your databases may be a bit different. Each host has its own quirks, but they’re all pretty similar. As an example, here’s how I connect to the system on Freehostia at http://freehostia.com (where I post the example pages for this book):
1. Log onto your service provider using the server login.
You usually see some sort of control panel with the various tools you have as an administrator. These tools often look like Figure 1-14.
Figure 1-14: The Freehostia site shows a number of useful administration tools.
2. Locate your database settings.
Not all free hosting services provide database access, but some (like Freehostia — at least,