Matias wrote:
> Hi,
>
> I want to let the users of my web app enter plain SQL commands (for
> customized reports), so, I want them to do this under a read only mysql
> user so that I ensure they won't compromise any data. But the rest of
> the application needs full r/w access.
>
> So, how can I implement on the same app a second connection just for a
> controller for example???
>
>
> Thanks.
Rather than try to use two connections, why not just scrub their
incoming SQL commands for stuff like INSERT, DELETE, and UPDATE?
Better yet, build a more full-featured query designer so you have
absolute control over what they can and cannot do. Letting random users
execute SQL is pretty dangerous.
--
Posted via http://www.ruby-forum.com/.
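
The scrubbing idea from the reply above, sketched as a fail-closed pre-check in plain Ruby. This is an added example, not code from the thread; `ReportSql` and its methods are hypothetical names. A keyword filter is not a SQL parser, so the example assumes the read-only MySQL account from the question still sits underneath it.

```ruby
# Added example: fail-closed pre-check for user-entered report SQL.
# ReportSql and its methods are hypothetical names, not a library API.
module ReportSql
  # Keywords that change data, schema, privileges or session state.
  # INTO is listed because SELECT ... INTO writes its result elsewhere.
  FORBIDDEN = %w[
    INSERT UPDATE DELETE REPLACE TRUNCATE DROP ALTER CREATE RENAME
    GRANT REVOKE SET CALL LOAD HANDLER LOCK UNLOCK INTO
  ].freeze
  FORBIDDEN_RE = /\b(#{FORBIDDEN.join("|")})\b/i
  # Single- or double-quoted literal with backslash and doubled-quote escapes.
  LITERAL_RE = /'(?:[^'\\]|\\.|'')*'|"(?:[^"\\]|\\.|"")*"/m

  Result = Struct.new(:ok, :reason)

  def self.check(sql)
    # Blank out string literals so data such as 'DELETE ME' is not flagged.
    s = sql.to_s.gsub(LITERAL_RE, "?")
    return deny("unbalanced quote") if s =~ /['"]/
    # Comments are rejected, not stripped: MySQL runs the body of /*! ... */.
    return deny("comments are not allowed") if s =~ /\/\*|--|\#/
    # Allow one optional trailing semicolon, nothing stacked behind it.
    body = s.strip.sub(/;\z/, "")
    return deny("multiple statements") if body.include?(";")
    return deny("only SELECT is allowed") unless body =~ /\ASELECT\b/i
    if (m = FORBIDDEN_RE.match(body))
      return deny("forbidden keyword #{m[1].upcase}")
    end
    Result.new(true, nil)
  end

  def self.deny(reason)
    Result.new(false, reason)
  end
end

# Constructed sample queries, for illustration only.
if __FILE__ == $PROGRAM_NAME
  ["SELECT name FROM orders WHERE status = 'DELETE ME';",
   "SELECT 1; DROP TABLE users",
   "UPDATE users SET admin = 1"].each do |q|
    r = ReportSql.check(q)
    puts "#{r.ok ? 'allow' : 'deny '} #{q} #{r.reason}"
  end
end
```

The check rejects anything it cannot classify, so a legitimate query that uses comments or a column named like a keyword is refused rather than passed through.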