Authentication to Modify Records

[Paul]

Relative newbie question - I need registered users to login and be then able to view all but modify only their own records, could anyone point me in the right direction or just outline in steps how to accomplish this.

I have 3 installations of DaDaBIK, one for admin, one for data entry and one for view only, the former 2 are protected by .htaccess, no problem but I cannot seem to figure out a way to have a table of users that login checks,

Appreciate any help

 

[Saul Albert]

I've had the same problem. Looks like the only way is to write your own code. I haven't had time yet (which is why I'm using Dadabik), but I've done it before for other systems.

- download a fairly simple and re-usable authentication system like Tim Perdue's from phpbuilder.net:
http://www.phpbuilder.com/columns/tim20000505.php3

- add a table to associate user_ids with record_ids (or just add a user_id column to your record_id table if you don't envisage users sharing ownership of records) . Add a couple of lines of Tim Perdue's code to dadabik to check user authentication before allowing updates/deletes of records.

- don't forget to add an admin back-door so super users can update/delete whether they check against the record/user_ids, otherwise you'll end up doing lots more mysql command-lining than is strictly necessary (oooh... bitter experience).

This shouldn't be too difficult, if I do decide I need it for the dadabik project I'm using I'll bung you the code.

x

saul.

 

[Paul]

Thanks for this Saul,

Very clear and concise - will give it a go,

Regards


Paul