Jump to content
Larry Ullman's Book Forums

Each User Should Access Only His/her Data

Recommended Posts

Dear All,


Dear Mr. Larry Ullman; first of all, I would like to thank you for writing great books about PHP/Mysql. I learn a lot of off and hopefully in the future you will keep writing great books about PHP/Mysql


Currently I have one question, which was not handled/mentioned in edition 4. I have created a simple CRUD application and users/students are able to login and to register some stuff about their books/tasks. So far this is working great, but what I accomplish is that whenever a logged in user insert any data to mysql database, that this data should be owned by him.

What I mean by this is that any logged in user should be able to insert/edit/delete and search his only data and not what others inserted/edit any data.


I already searched for a solution, but till now with no luck unfortunately.

I have found the following url: https://www.sqlmaestro.com/resources/all/row_level_security_mysql/ which is explaining exactly my requirement for my crued application, but to be honest I don't understand it complete and it doesn't show how to integrate with PHP.



I hope to receive some valuable feedback.


Many thanks.

Best regards,



Link to comment
Share on other sites

Thank you for the nice words. I really appreciate it! As for your question, the short answer is that you store every record with an author/owner ID which is a foreign key to the user. So if a piece of data might be "event", you'd just have all the event data plus the author/owner ID. Then you'd check the author/owner ID based upon whatever vision you use for data access. Let me know if that still isn't clear.


And thanks again for the nice words!

Link to comment
Share on other sites


  • Create New...