Re: Protect
This WebDNA talk-list message is from 1997
It keeps the original formatting.
numero = 14248
interpreted = N
texte = >>>Are you on NT? Have you restarted recently? Have you flushed the>>>databases since beginning to mess with this? What are a few of the>>>actual users.db files that don't seem to work? Can you include one of>>>the HTML pages that doesn't work?>>>No I am an all Mac site. I am running WebTen with many domains. Some of>>these are stores for individual companies. After they are set up I turn>>them over to the company they belong to.>>Okay then, here's how to get this stuff to work the way I think you>want it to work.>>All you have to do is to give each company its own private group. In>other words, if you have a company named ABC Company. then start by>creating a group name ABC.>>Next, go into that company's admin templates and replace all the>protect tags in those templates with>>[protect abc]>>Then go into the users.db and find your personal users.db record -->it should have ADMIN as one of the words in the groups field --- and>add the new group name ABC to YOUR group field.>>Now, go into the users.db record of everyone in the ABC Company who>is supposed to have access to the admin pages of that firm, and>replace everything that's in the groups field in those records with>the group name ABC. Do NOT leave ADMIN in ANY of the groups>fields in these records!>>Okay, now, do you see what that has done?>>First of all, it has gotten rid of ADMIN in the group fields of>everyone in the ABC Company, which means NO ONE in the ABC company>can gain access to the pages you have protected with the [protect>admin] page.>>Second, it has given only the ABC Company's people (and you,>personally) access to the ABC Company's templates and databases. You>still have personal access to the [protect ABC] pages because you put>the ABC group name into the groups field in your own users.db record,>remember?>>One of the main things to rememeber is to NEVER give anyone outside>*your own company* ADMIN access. In fact, if I were you, I would make>sure that you, personally, and the ONLY one with ADMIN access.>>Sincerely, Ken Grome>WebDNA Solutions>808-737-6499>http://www.smithmicro.com/webdnasolutions/>I have done all this. I think you are missing the point. If they can modify their own database then their is no reason I can find they can't modify someone else's. They just write some new code. I don't think this will happen but I would like to stop it first.Bennie**************************************Bennie Warren /\LemooreNet / /320 West D Street / /Lemoore, CA 93245 / / /\ /\ Phone: 209.924.5909 / /_ _ / \ / /Fax 209.924.9578 \ _ _ / /\ \/ /bennie@lemoorenet.com / / \ /http://www.lemoorenet.com /_/ \/**************************************
Associated Messages, from the most recent to the oldest:
>>>Are you on NT? Have you restarted recently? Have you flushed the>>>databases since beginning to mess with this? What are a few of the>>>actual users.db files that don't seem to work? Can you include one of>>>the HTML pages that doesn't work?>>>No I am an all Mac site. I am running WebTen with many domains. Some of>>these are stores for individual companies. After they are set up I turn>>them over to the company they belong to.>>Okay then, here's how to get this stuff to work the way I think you>want it to work.>>All you have to do is to give each company its own private group. In>other words, if you have a company named ABC Company. then start by>creating a group name ABC.>>Next, go into that company's admin templates and replace all the>protect tags in those templates with>>[protect abc]>>Then go into the users.db and find your personal users.db record -->it should have ADMIN as one of the words in the groups field --- and>add the new group name ABC to YOUR group field.>>Now, go into the users.db record of everyone in the ABC Company who>is supposed to have access to the admin pages of that firm, and>replace everything that's in the groups field in those records with>the group name ABC. Do NOT leave ADMIN in ANY of the groups>fields in these records!>>Okay, now, do you see what that has done?>>First of all, it has gotten rid of ADMIN in the group fields of>everyone in the ABC Company, which means NO ONE in the ABC company>can gain access to the pages you have protected with the [protect>admin] page.>>Second, it has given only the ABC Company's people (and you,>personally) access to the ABC Company's templates and databases. You>still have personal access to the [protect ABC] pages because you put>the ABC group name into the groups field in your own users.db record,>remember?>>One of the main things to rememeber is to NEVER give anyone outside>*your own company* ADMIN access. In fact, if I were you, I would make>sure that you, personally, and the ONLY one with ADMIN access.>>Sincerely, Ken Grome>WebDNA Solutions>808-737-6499>http://www.smithmicro.com/webdnasolutions/>I have done all this. I think you are missing the point. If they can modify their own database then their is no reason I can find they can't modify someone else's. They just write some new code. I don't think this will happen but I would like to stop it first.Bennie**************************************Bennie Warren /\LemooreNet / /320 West D Street / /Lemoore, CA 93245 / / /\ /\ Phone: 209.924.5909 / /_ _ / \ / /Fax 209.924.9578 \ _ _ / /\ \/ /bennie@lemoorenet.com / / \ /http://www.lemoorenet.com /_/ \/**************************************
Bennie Warren
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
quantity minimum problem (1997)
WebDNA Developer Resource Center (2002)
Replacing the db file (2000)
3rd party processor question (2003)
Database Updates (1997)
Shipping Costs Not Updating When Adding Items (1997)
WebCat2.0 [format thousands .0f] no go (1997)
problems with 2 tags (1997)
[WebDNA] how to clear the [username] and [password] values the browser has stored? (2008)
problem: search crashes webstar (1997)
Running _every_ page through WebCat ? (1997)
What's New Date (2002)
Date Formats (1997)
Email Formatting (1998)
Email Formatting and Encryption (1998)
NT error logs (1997)
Too many webcat comments. [WAS- Large founditems loops] (2000)
WebCatalog 3.0.4 alias crash bug? (2000)
WebCat, The Trend, & Consolidating... (1997)
[Announce] WebCatalog 3.0 Beta Program (1998)