Maintaining College websites - MySQL Databases - General information
Requesting a MySQL Database
Requests for MySQL databases for existing College websites must come from a Trinity staff member who already has permissions to edit a website on the College web server, www.tcd.ie.
Requests for MySQL databases must be emailed to the IT Service Desk (firstname.lastname@example.org) and include the following information.
- Name and College ID number of the person who will be the database administrator
- Site (department or school for example) where database will be employed, including the URL of the website
- A full and detailed description of each of the following. In each case the information provided will be taken as a full and complete statement of usage and may not be amended in the future without prior authorisation (see item 1 under Terms and Conditions below):
- The use(s) for which the database will be employed.
- How will the database be used and maintained (i.e. method by which administrators will manage content and/or users will interact with the database.)
- The nature and scope of the information/content which the database will house, including file types for the proposed content. Also include, where possible, an estimate of the disk storage requirements of the database if it is to house large files.
- The manner in which this information is to be derived e.g. Will the database be populated by the administrator via a back-end admin function? Will it be read-only to the user online or will they add content via an online form etc.
- Duration for which database is required
- Requester must clearly state on application that they have read, understood and agree to comply with the terms and conditions of usage outlined below
Terms and Conditions for Database Use
The following information applies to all databases on the College web servers. In applying for/using a database it will be taken that you have read and understood the following and agree to adhere to all the points noted. Any queries regarding any of the points below should be addressed to email@example.com prior to, or in conjunction with, a database application
- A database may only be used for the purpose and in the manner declared in the original request for the provision of the database. Any subsequent intentions to change or amend or add to the use(s) the database has been allocated for must be authorized by IT Services (with reference as applicable to the relevant College officers e.g. the Information Compliance Officer, the IT Security Officer etc.). Failure to obtain this authorization, and/or to fully disclose the proposed usage, may result in the withdrawal of the database.
- All databases must have a current administrator on record with IT Services and it is the responsibility of the outgoing administrator to ensure a new administrator is appointed. Databases found to be registered to expired users, or otherwise without a valid administrator, may be removed.
- Do not store or reproduce official College information without recourse to the department or individual responsible for the distribution or accuracy of that information.
- All information stored in a database may be subject to both the Freedom of Information Act and the General Data Protection Act (GDPR) and must be treated accordingly.
- MySQL databases are allocated for the purpose of content delivery only. They should not be used to generate and store data, particularly personal data, or as part of an application.
- www.tcd.ie and www.tcdlife.ie are public internet facing servers and their stated purpose is as informational sites suitable for storing public information for general public consumption. Their function is not to store confidential personal data in a database or a file.
- All references to the database must be abstracted to a separate include file. i.e.: instead of having the server name, username, password hard-coded in to the PHP, it should be in a separate .php file and just "include" this as necessary. (Doing it another way is insecure as it is very simple for anyone to get hold of your database access details.)
- All forms on the College web must comply with the relevant obligations under the Data Protection Acts (see the College Web Design Office's website).
- Administrators are responsible for maintaining up-to-date backups of the contents of their database(s).
- Defunct databases should be notified to firstname.lastname@example.org for removal