The question… Is it possible to add MySQL permissions to only allow to select fields based on permissions?
Example:
- User
user1
can only select/insert/delete from theusers
table where the columninstance
is equal to1
(1 being passed via PHP). - User
user2
can only select/insert/delete from theusers
table where the columninstance
is equal to2
(1 being passed via PHP).
Here's the background info:
I'm creating an application with the same code base being used for multiple sites. Conditions within the app load different layouts. The multiple sites are using the same database because most information can be shared between sites. A user that registers on one site must also register on another site (this is how we want it because the sites are "by invitation only")
What I'm thinking of doing is to have users table: id, email, password, instance. The instance column would have the id of the site.
On the application layer every time I need to select/insert/delete from this table I append instance = [site_id] to the query... example: SELECT * FROM users WHERE email = '' AND instance = [site_id];