Re: Protect
This WebDNA talk-list message is from 1997
It keeps the original formatting.
numero = 14248
interpreted = N
texte = >>>Are you on NT? Have you restarted recently? Have you flushed the>>>databases since beginning to mess with this? What are a few of the>>>actual users.db files that don't seem to work? Can you include one of>>>the HTML pages that doesn't work?>>>No I am an all Mac site. I am running WebTen with many domains. Some of>>these are stores for individual companies. After they are set up I turn>>them over to the company they belong to.>>Okay then, here's how to get this stuff to work the way I think you>want it to work.>>All you have to do is to give each company its own private group. In>other words, if you have a company named ABC Company. then start by>creating a group name ABC.>>Next, go into that company's admin templates and replace all the>protect tags in those templates with>>[protect abc]>>Then go into the users.db and find your personal users.db record -->it should have ADMIN as one of the words in the groups field --- and>add the new group name ABC to YOUR group field.>>Now, go into the users.db record of everyone in the ABC Company who>is supposed to have access to the admin pages of that firm, and>replace everything that's in the groups field in those records with>the group name ABC. Do NOT leave ADMIN in ANY of the groups>fields in these records!>>Okay, now, do you see what that has done?>>First of all, it has gotten rid of ADMIN in the group fields of>everyone in the ABC Company, which means NO ONE in the ABC company>can gain access to the pages you have protected with the [protect>admin] page.>>Second, it has given only the ABC Company's people (and you,>personally) access to the ABC Company's templates and databases. You>still have personal access to the [protect ABC] pages because you put>the ABC group name into the groups field in your own users.db record,>remember?>>One of the main things to rememeber is to NEVER give anyone outside>*your own company* ADMIN access. In fact, if I were you, I would make>sure that you, personally, and the ONLY one with ADMIN access.>>Sincerely, Ken Grome>WebDNA Solutions>808-737-6499>http://www.smithmicro.com/webdnasolutions/>I have done all this. I think you are missing the point. If they can modify their own database then their is no reason I can find they can't modify someone else's. They just write some new code. I don't think this will happen but I would like to stop it first.Bennie**************************************Bennie Warren /\LemooreNet / /320 West D Street / /Lemoore, CA 93245 / / /\ /\ Phone: 209.924.5909 / /_ _ / \ / /Fax 209.924.9578 \ _ _ / /\ \/ /bennie@lemoorenet.com / / \ /http://www.lemoorenet.com /_/ \/**************************************
Associated Messages, from the most recent to the oldest:
>>>Are you on NT? Have you restarted recently? Have you flushed the>>>databases since beginning to mess with this? What are a few of the>>>actual users.db files that don't seem to work? Can you include one of>>>the HTML pages that doesn't work?>>>No I am an all Mac site. I am running WebTen with many domains. Some of>>these are stores for individual companies. After they are set up I turn>>them over to the company they belong to.>>Okay then, here's how to get this stuff to work the way I think you>want it to work.>>All you have to do is to give each company its own private group. In>other words, if you have a company named ABC Company. then start by>creating a group name ABC.>>Next, go into that company's admin templates and replace all the>protect tags in those templates with>>[protect abc]>>Then go into the users.db and find your personal users.db record -->it should have ADMIN as one of the words in the groups field --- and>add the new group name ABC to YOUR group field.>>Now, go into the users.db record of everyone in the ABC Company who>is supposed to have access to the admin pages of that firm, and>replace everything that's in the groups field in those records with>the group name ABC. Do NOT leave ADMIN in ANY of the groups>fields in these records!>>Okay, now, do you see what that has done?>>First of all, it has gotten rid of ADMIN in the group fields of>everyone in the ABC Company, which means NO ONE in the ABC company>can gain access to the pages you have protected with the [protect>admin] page.>>Second, it has given only the ABC Company's people (and you,>personally) access to the ABC Company's templates and databases. You>still have personal access to the [protect ABC] pages because you put>the ABC group name into the groups field in your own users.db record,>remember?>>One of the main things to rememeber is to NEVER give anyone outside>*your own company* ADMIN access. In fact, if I were you, I would make>sure that you, personally, and the ONLY one with ADMIN access.>>Sincerely, Ken Grome>WebDNA Solutions>808-737-6499>http://www.smithmicro.com/webdnasolutions/>I have done all this. I think you are missing the point. If they can modify their own database then their is no reason I can find they can't modify someone else's. They just write some new code. I don't think this will happen but I would like to stop it first.Bennie**************************************Bennie Warren /\LemooreNet / /320 West D Street / /Lemoore, CA 93245 / / /\ /\ Phone: 209.924.5909 / /_ _ / \ / /Fax 209.924.9578 \ _ _ / /\ \/ /bennie@lemoorenet.com / / \ /http://www.lemoorenet.com /_/ \/**************************************
Bennie Warren
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
send mail problem? (1997)
Me know logical no need (2002)
HomePage Caution (1997)
Searching for all records (1998)
PCS Customer submissions ? (1997)
Calendar using WebCatalog? (1997)
if else problem (2003)
[hideif] (1998)
Protect (1997)
Stupid Format grrrrrrrr.... (2004)
RE: E-mailer error codes (1997)
anyone interested in doing an open-source WebCat basedforum? (2002)
5.0 Pricing (2003)
Formating Tables w/[founditems] (1998)
Re:Signal Raised (1997)
did I miss anything (1997)
# of real domains on 1 web server (1997)
XML version of WebDNA docs? (2000)
% (mod) was looping table rows (1999)
Re2: AAgghh!! Help, please. SSL strikes again. (1997)