delimiter ;drop database if exists night_db;create database night_db;

1.  
2. delimiter ;
3.  
4. drop database if exists night_db;
5.  
6. create database night_db;
7.  
8. /*
9. create a user who will be the owner of the new database. This user will be used
10. to create all the tables, views, stored procedures and other schema objects in
11. the night_db database.
12.  
13. grant all permissions to this user to enable them to do anything they want
14. inside that database
15.  
16. */
17.  
18. grant all on night_db.* to 'night_dbo'@'localhost' identified by 'pass';
19. grant select on mysql.* to 'night_dbo'@'localhost'; -- bug fix for toad
20.  
21. /*
22.  
23. now i have a web front end written in php but if i use the night_dbo account
24. to access the database any haxor who gets his hands on this user and pass could
25. gain full control of my database - not good.
26.  
27. so all i do is i create a new user called night_usr who only has execute permissions
28. on stored procs for the night_db database. This means that if a haxor gets hold of
29. this account the worst thing they can do is call some stored procs.
30.  
31. Of course your front end code can also only call stored procs - THIS IS A GOOD THING,
32. much better than inline sql as your code will be much cleaner and perform better !!
33.  
34. */
35.  
36. grant execute on night_db.* to 'night_usr'@'localhost' identified by 'pass';
37.  
38.  
39. flush privileges;
40.  
41. select host, user from mysql.user;