Answer the question
In order to leave comments, you need to log in
D
D
divmod422018-03-22 22:45:47
divmod42, 2018-03-22 22:45:47
How to implement a php/mysql user system?
There was a need to implement a classic system of users on the site (php, mysql). The user can create/edit/delete his entries. Accordingly, other users can only view other people's entries, the administrator has access to editing / deleting other people's entries.
Looked at the implementation a little. I learned about user groups, their rights, checking rights when accessing data, and so on and so forth.
Several questions emerged. Perhaps someone can comment on them:
- mysql has an implementation of the user rights system with flexible data access settings. When a user registers on the site, he is assigned these rights, i.e. are these features of mysql being used?
- Authorization information is recorded to whose side? When switching from page to page, each time there is a reconnection to the database, which means that information about the previous session is lost?
I have not worked with such systems before. I just saw PHP now, so I don’t really understand the principle of transferring and storing data between scripts. I can write queries in DBMS. Perhaps you can suggest something specific. Thanks in advance!
1 answer(s)
@ThunderCat
Do not confuse user authorization on the site and script authorization when accessing the database. The script has unified settings for connecting to the database, and the user interacts with the script through a web server, the user cannot access the database directly. When authorizing, the chain of actions is approximately the following:
- enter the authorization data (browser) and send it to the server
- the server receives the data, creates a connection to the database, and checks whether the user entered the correct data with a request.
- If everything is OK, a record is created in the session (read about the session mechanism in php), and then it is checked with each request to the server whether there is a corresponding key in the session. If yes, then the user is authorized.
T
ThunderCat, 2018-03-23 @ThunderCat
mysql has an implementation of the user rights system with flexible data access settings. When a user registers on the site, he is assigned these rights, i.e. are these features of mysql being used?No, these are purely database users, for this they are not used in web applications.
Do not confuse user authorization on the site and script authorization when accessing the database. The script has unified settings for connecting to the database, and the user interacts with the script through a web server, the user cannot access the database directly. When authorizing, the chain of actions is approximately the following:
- enter the authorization data (browser) and send it to the server
- the server receives the data, creates a connection to the database, and checks whether the user entered the correct data with a request.
- If everything is OK, a record is created in the session (read about the session mechanism in php), and then it is checked with each request to the server whether there is a corresponding key in the session. If yes, then the user is authorized.
Similar questions
S
S
S
A
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question