I'm a relative noob with SQL and PHP, but learning every day. I managed to create a DB with some tables using phpMyAdmin and my webhost's cPanel.
Then I made some PHP scripts in my web pages that create, change and display that data, and it works, so far so good.
I have been reading up on security, as this is new to me and every site recommends doing that to avoid attacks.
I read about having different user accounts to access the data with limited privileges to avoid unwanted queries, sounds sensible. I had one user that created the tables and has the ability to do things like truncate, drop etc... So I made a couple more users in cPanel. One was a "Read Only" with just SELECT granted, for pages that just display a table of data for example. The other was an "Editor" user, which has DELETE, INSERT, SELECT and UPDATE granted, for use on form pages, so it can add, change and delete entries, but not destroy tables.
The problem is, when I get my scripts is access the DB with these accounts, I get:
Access denied for user 'username'@'localhost' (using password: YES)
It works fine with the original user with more privileges.
Anyone got any clues?