Thank you very much for yours explanations.
I have another problem with my site.
Anybody who enters my site connect with database with a default user:
Code: Select all
<?php $host = "localhost";
$user = "test";
$pass = "test";
$dbname = "shop";
$connection = mysql_connect($host,$user,$pass) or die (mysql_errno().": ".mysql_error()."<BR>");
mysql_select_db($dbname); ?>
I have specified privileges for user "test" in phpmyadmin: select and insert.
Witout registration, the guest (test) user cannot buy anything, etc.
In my register.php I want to grant additional privileges for registered user(select, insert, update, delete) ex:
Code: Select all
$query3= "GRANT SELECT, INSERT, UPDATE, DELETE "
."ON shop.* "
."TO ".$arVals['login']." IDENTIFIED BY ".$arVals['pass1']."; "
.
.
.
.
$result1 = mysql_query($query3) or die("Invalid query: " . mysql_error() . "<br><br>". $query3);
But for this I have to add grant privilege for user test, which is not safe:/
I don't know what I have do with this problem.
I hope you understand me.
Any advice??
Regards