MySQL - 锁定用户账户
MySQL 引入账户锁定功能是为了通过阻止未经授权的交易或可疑活动来提高数据库的安全性。
在很多情况下,MySQL 用户账户需要因各种原因被锁定。例如,等待完成帐户授权,或者帐户长时间处于非活动状态等。在这种情况下,锁定帐户可以提高 MySQL 服务器的效率。
MySQL 锁定用户帐户
为了检查帐户是否被锁定,MySQL 在"mysql.user"表中提供了"account_locked"属性,该属性分别包含"Y"或"N"值。"Y"值表示帐户已锁定,"N"值表示帐户未锁定。
锁定新帐户
MySQL 提供了 ACCOUNT LOCK 子句来锁定帐户。将此子句与 CREATE USER 和 ALTER USER 语句一起使用,将分别创建一个新的已锁定用户或锁定现有用户。
语法
以下是 CREATE USER...ACCOUNT LOCK 语句的语法 -
CREATE USER username@hostname IDENTIFIED BY 'new_password' ACCOUNT LOCK;
示例
在以下查询中,我们使用 CREATE USER 语句在 MySQL 中创建一个新的已锁定用户帐户 -
CREATE USER test@localhost IDENTIFIED BY 'asdfgh' ACCOUNT LOCK;
输出
以下是上述代码的输出 -
Query OK, 0 rows affected (0.02 sec)
验证
我们可以使用以下 SELECT 语句验证"test"用户的帐户是否被锁定 -
SELECT User, Host, account_locked FROM mysql.user WHERE User = 'test';
上述代码的输出如下所示 -
| User | Host | account_locked |
|---|---|---|
| test | localhost | Y |
由于账户已被锁定,除非再次解锁,否则您将无法访问。请看以下示例 -
C:\Windows\System32> mysql -u test -p Enter password: ******
结果如下 -
ERROR 3118 (HY000): Access denied for user 'test'@'localhost'. Account is locked.
锁定现有账户
我们可以使用 ALTER USER... ACCOUNT LOCK 语句锁定 MySQL 中的现有账户。但您必须确保用户在执行查询之前处于解锁状态。
语法
以下是 ALTER USER... ACCOUNT LOCK 语句的语法 -
ALTER USER username@hostname ACCOUNT LOCK;
示例
在这里,我们使用 ALTER USER 语句锁定 MySQL 中的现有用户账户 -
ALTER USER sample@localhost ACCOUNT LOCK;
输出
上述代码的输出如下 -
Query OK, 0 rows affected (0.00 sec)
验证
我们可以使用以下 SELECT 语句验证"sample"用户的账户是否被锁定 -
SELECT User, Host, account_locked FROM mysql.user WHERE User = 'sample';
结果如下所示 -
| User | Host | account_locked |
|---|---|---|
| sample | localhost | Y |
为了验证帐户是否被锁定,让我们按照下面的查询所示访问它 -
C:\Windows\System32> mysql -u sample -p Enter password: ******
我们得到如下输出 -
ERROR 3118 (HY000): Access denied for user 'sample'@'localhost'. Account is locked.
使用客户端程序锁定用户帐户
现在,在本节中,我们将讨论如何使用各种客户端程序锁定 MySQL 用户。
语法
以下是语法 -
以下是使用 PHP 锁定 MySQL 用户帐户的语法 -
$sql = "CREATE USER user_name IDENTIFIED BY 'password' ACCOUNT LOCK"; 或者, $sql = "ALTER USER user_name@localhost IDENTIFIED BY 'password' ACCOUNT LOCK"; $mysqli->query($sql);
以下是使用 JavaScript 锁定 MySQL 用户帐户的语法 -
sql= "CREATE USER username@hostname IDENTIFIED BY 'new_password' ACCOUNT LOCK";
con.query(sql, function (err, result) {
if (err) throw err;
console.log(result);
});
以下是使用 Java 锁定 MySQL 用户帐户的语法 -
String sql = "ALTER USER USER_NAME@LOCALHOST IDENTIFIED BY 'password' ACCOUNT LOCK"; 或者, String sql = "CREATE USER USER_NAME IDENTIFIED BY 'password' ACCOUNT LOCK"; statement.execute(sql);
以下是使用 Python 锁定 MySQL 用户帐户的语法 -
sql = f"ALTER USER '{username_to_lock}'@'localhost' ACCOUNT LOCK";
cursorObj.execute(sql);
示例
以下是使用各种编程语言锁定用户的程序 -
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'password';
$mysqli = new mysqli($dbhost, $dbuser, $dbpass);
if($mysqli->connect_errno ) {
printf("Connect failed: %s
", $mysqli->connect_error);
exit();
}
//printf('Connected successfully.
');
$sql = "CREATE USER Sarika IDENTIFIED BY 'password' ACCOUNT LOCK;";
if($mysqli->query($sql)){
printf("User has been locked successfully..!");
}
if($mysqli->error){
printf("Failed..!" , $mysqli->error);
}
$mysqli->close();
输出
获得的输出如下 -
User has been locked successfully..!
var mysql = require('mysql2');
var con = mysql.createConnection({
host: "localhost",
user: "root",
password: "Nr5a0204@123"
});
//连接到 MySQL
con.connect(function (err) {
if (err) throw err;
console.log("Connected!");
console.log("--------------------------");
sql = "CREATE USER test@localhost IDENTIFIED BY 'asdfgh' ACCOUNT LOCK;"
con.query(sql);
sql = "SELECT User, Host, account_locked FROM mysql.user WHERE User = 'test';";
con.query(sql, function(err, result){
if (err) throw err;
console.log(result);
});
});
输出
生成的输出如下 -
Connected!
--------------------------
[ { User: 'test', Host: 'localhost', account_locked: 'Y' } ]
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
public class LockUserAccount {
public static void main(String[] args) {
String url = "jdbc:mysql://localhost:3306/TUTORIALS";
String user = "root";
String password = "password";
try {
Class.forName("com.mysql.cj.jdbc.Driver");
Connection con = DriverManager.getConnection(url, user, password);
Statement st = con.createStatement();
//System.out.println("Database connected successfully...!");
String sql = "ALTER USER Vivek@localhost IDENTIFIED BY 'password' ACCOUNT LOCK";
st.execute(sql);
System.out.println("User 'Vivek' account locked successfully...!");
}catch(Exception e) {
e.printStackTrace();
}
}
}
输出
获得的输出如下所示 -
User 'Vivek' account locked successfully...!
import mysql.connector
# 创建连接对象
connection = mysql.connector.connect(
host='localhost',
user='root',
password='password'
)
username_to_lock = 'newUser'
# 为连接创建一个游标对象
cursorObj = connection.cursor()
cursorObj.execute(f"ALTER USER '{username_to_lock}'@'localhost' ACCOUNT LOCK")
print(f"User '{username_to_lock}' account is locked successfully.")
cursorObj.close()
connection.close()
输出
以下是上述代码的输出 -
User 'newUser' account is locked successfully.
