Table of Contents
Advertisement
CREATE PROCEDURE
• If you have the
SUPER
account does not actually exist, a warning is generated.
• Although it is possible to create a routine with a nonexistent
routine execution time if the
exist.
For more information about stored routine security, see
Programs and
Views".
Within a stored routine that is defined with the
[959]
CURRENT_USER
stored routines, see
Section 6.3.8, "SQL-Based MySQL Account Activity
Consider the following procedure, which displays a count of the number of MySQL accounts listed in
the
table:
mysql.user
CREATE DEFINER = 'admin'@'localhost' PROCEDURE account_count()
BEGIN
SELECT 'Number of accounts:', COUNT(*) FROM mysql.user;
END;
The procedure is assigned a
defines it. It executes with the privileges of that account no matter which user invokes it (because the
default security characteristic is DEFINER). The procedure succeeds or fails depending on whether
invoker has the
EXECUTE
privilege for the
mysql.user
Now suppose that the procedure is defined with the
CREATE DEFINER = 'admin'@'localhost' PROCEDURE account_count()
SQL SECURITY INVOKER
BEGIN
SELECT 'Number of accounts:', COUNT(*) FROM mysql.user;
END;
The procedure still has a
the privileges of the invoking user. Thus, the procedure succeeds or fails depending on whether the
invoker has the
EXECUTE
table.
As of MySQL 5.0.18, the handles the data type of a routine parameter, local routine variable created
with DECLARE, or function return value as follows:
• Assignments are checked for data type mismatches and overflow. Conversion and overflow
problems result in warnings, or errors in strict SQL mode.
• Only scalar values can be assigned. For example, a statement such as
is invalid.
• For character data types, if there is a
character set and its default collation are used. If there is no such attribute, as of MySQL 5.0.25, the
database character set and collation that are in effect at the time the server loads the routine into the
routine cache are used. (These are given by the values of the
and
collation_database
change while the routine is in the cache, routine execution is unaffected by the change until the next
time the server reloads the routine into the cache. The
includes use of BINARY, which in this context specifies the binary collation of the character set.)
If you change the database default character set or collation, stored routines that use the database
defaults must be dropped and recreated so that they use the new defaults.
and
[578]
privilege, you can specify any syntactically legal account name. If the
SQL SECURITY
returns the routine's
DEFINER
account of
DEFINER
[577]
privilege for it and
table.
of 'admin'@'localhost', but in this case, it executes with
DEFINER
[577]
privilege for it and the
CHARACTER SET
[444]
system variables.) If the database character set or collation
1028
Syntax
CREATE FUNCTION
DEFINER
value is
but the definer account does not
DEFINER
Section 18.5, "Access Control for Stored
SQL SECURITY DEFINER
value. For information about user auditing within
'admin'@'localhost'
'admin'@'localhost'
SQL SECURITY INVOKER
[578]
SELECT
attribute in the declaration, the specified
character_set_database
attribute is not supported. (This
COLLATE
account, an error occurs at
characteristic,
Auditing".
no matter which user
has the
SELECT
characteristic:
privilege for the
mysql.user
SET x = (SELECT 1, 2)
[578]
[442]
Advertisement
Chapters
Table of Contents
Troubleshooting
