MathHelper
asked on
CREATE USER IN MSSQL STORED PROCEDURE
Can you create a user and grant privileges using CREATE USER and GRANT in a stored procedure using variables from a web page? I have code in my stored procedure to insert into the USER and DB tables but when I try to connect from my web page I receive an access denied error. However, when I create a new user via the MYSQL Admin gui I have no problem connecting from my web page. MYSQL 5, PHP 5, APACHE 2, Windows xp. My store procedure code:
CREATE DEFINER=`root`@`localhost` PROCEDURE `usp_add_client`(IN parm_name varchar(16))
BEGIN
DECLARE temp_password varchar(45);
set temp_password = concat('test',right(rand() ,5));
start transaction;
/*insert mymathhelper.clients (name,password,chg_passwor d)
VALUES(parm_name,
temp_password,
1);*/
insert mysql.user
( Host,
User,
Password,
Select_priv,
Execute_priv,
ssl_cipher,
x509_issuer,
x509_subject )
values
('localhost',
parm_name,
temp_password,
'Y',
'Y',
'null',
'null',
'null'
);
insert mysql.db
( Host,
Db,
User,
Select_priv,
Execute_priv)
values
('localhost',
'mymathhelper',
parm_name,
'Y',
'Y');
commit;
END
CREATE DEFINER=`root`@`localhost`
BEGIN
DECLARE temp_password varchar(45);
set temp_password = concat('test',right(rand()
start transaction;
/*insert mymathhelper.clients (name,password,chg_passwor
VALUES(parm_name,
temp_password,
1);*/
insert mysql.user
( Host,
User,
Password,
Select_priv,
Execute_priv,
ssl_cipher,
x509_issuer,
x509_subject )
values
('localhost',
parm_name,
temp_password,
'Y',
'Y',
'null',
'null',
'null'
);
insert mysql.db
( Host,
Db,
User,
Select_priv,
Execute_priv)
values
('localhost',
'mymathhelper',
parm_name,
'Y',
'Y');
commit;
END
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
are you sure your code is inserting the data in right tables?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The procedure is call using by a guest account that has execute privileges. The connection is made using the parms ("localhost", "guest", "guest password", "database name"). The user and grants table rows are being created. I'm concerned that since I'm manually inserting these tables that I'm missing some info that is created by using "create user". I'm testing all of this from a single laptop. PHP connects via Apache as localhost.
password field's value cannot be "temp_password", it should be password('temp_password').
hope that helps...
hope that helps...