Thanks for reading. Before you read - I am using PHP & mySQL

谢谢阅读。在你阅读之前 - 我正在使用PHP和mySQL

I'm creating a simple web app where users will be accessing historical pricing for various products but will need to have their own unique notes about different products.

我正在创建一个简单的Web应用程序,用户将访问各种产品的历史定价,但需要有关于不同产品的独特注释。

There are roughly 100,000 products, each with their own table containing 50 to 100 rows at any given time.

大约有100,000个产品,每个产品在任何给定时间都有自己的包含50到100行的表。

I have no experience with database design so I need some help!

我没有数据库设计经验,所以我需要一些帮助!

1) What is the best way to store user notes for these products? Would it be best practice to create a table for each product containing notes generated by every user?

1)存储这些产品的用户注释的最佳方法是什么?最好的做法是为每个包含每个用户生成的注释的产品创建一个表吗?

2) Assuming a product is added, and no table has been previously generated for it, would it be considered 'secure' if I allow for dynamic table creation? (When I say dynamic, I mean within the PHP a check is performed and if no table exists, a table is created.)

2)假设添加了一个产品,并且之前没有为它生成过表,如果我允许动态表创建,它会被认为是“安全的”吗? (当我说动态时,我的意思是在PHP中执行检查,如果不存在表,则创建一个表。)

2a) While I do not anticipate any form of hacking, I am concerned that the ability to create tables provides too much access. Is it possible to allow for table creation but restrict the mySQL user from other functions such as drop?

2a)虽然我没有预料到任何形式的黑客行为,但我担心创建表格的能力提供了太多的访问权限。是否可以允许创建表,但限制mySQL用户使用drop等其他功能?

Thanks in advance!

提前致谢!

1 个解决方案

#1

---