Link to home
Start Free TrialLog in
Avatar of MathHelper
MathHelper

asked on

CREATE USER IN MSSQL STORED PROCEDURE

Can you create a user and grant privileges using CREATE USER and GRANT in a stored procedure using variables from a web page? I have code in my stored procedure to insert into the USER and DB tables but when I try to connect from my web page I receive an access denied error. However, when I create a new user via the MYSQL Admin gui I have no problem connecting from my web page. MYSQL 5, PHP 5, APACHE 2, Windows xp. My store procedure code:
CREATE DEFINER=`root`@`localhost` PROCEDURE `usp_add_client`(IN parm_name varchar(16))
BEGIN
     DECLARE temp_password varchar(45);
     set temp_password = concat('test',right(rand(),5));
     start transaction;
     /*insert mymathhelper.clients (name,password,chg_password)
         VALUES(parm_name,
                temp_password,
                1);*/
     insert mysql.user
     (  Host,
        User,
        Password,
        Select_priv,
        Execute_priv,
        ssl_cipher,
        x509_issuer,
        x509_subject )
     values
           ('localhost',
           parm_name,
           temp_password,
           'Y',
           'Y',
           'null',
           'null',
           'null'
           );
     insert mysql.db
     (  Host,
        Db,
        User,
        Select_priv,
        Execute_priv)
     values
           ('localhost',
           'mymathhelper',
           parm_name,
           'Y',
           'Y');

     commit;
END
ASKER CERTIFIED SOLUTION
Avatar of mankowitz
mankowitz
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of nitinmehta
nitinmehta
are you sure your code is inserting the data in right tables?
SOLUTION
Avatar of nitinmehta
nitinmehta
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of MathHelper
MathHelper

ASKER

The procedure is call using by a guest account that has execute privileges. The connection is made using the parms ("localhost", "guest", "guest password", "database name"). The user and grants table rows are being created. I'm concerned that since I'm manually inserting these tables that I'm missing some info that is created by using "create user".  I'm testing all of this from a single laptop. PHP connects via Apache as localhost.
Avatar of nitinmehta
nitinmehta
password field's value cannot be "temp_password", it should be password('temp_password').

hope that helps...