- wrote:
how does one prevent someone from directly inserting into a table such
that any inserts should be passed to a stored procedure e.g
insert_data(....)
As far as I can tell, MySQL does not support this. For this to work you
would need to grant INSERT privilege to the _procedure_, not to a user,
and then use GRANT EXECUTE to give the user privilege to run that procedure.
Unfortunately, the syntax documentation for GRANT shows that there is
neither support for GRANT EXECUTE, nor giving privileges to anything
besides a user. I'm guessing if they want to support this, it will
require a restructuring of the privilege tables in the system 'mysql'
database to support this.
For the time being, a MySQL stored procedure with an INSERT to a table
will fail unless the user executing the procedure has that privilege on
that table.
Regards,
Bill K.