Re: User Authentication

This WebDNA talk-list message is from

2003


It keeps the original formatting.
numero = 54523
interpreted = N
texte = On 11/27/03 9:57 AM, "Andy Mowrey" wrote: > I set up my own authentication system because: > 1. I couldn't figure a way for a user to log out easily. True... Though with most browsers you can 'force' the username and pass to change (IE logout) by sending them to a url such as http://logout:logout@somedomain.com/logout.tpl Basically the xxx:xxx@domain is a way of passing the username and pass from the pop up box in the url. Like I said, I believe this works with most all browsers...though YMMV > 2. Multiple users wanting the same name; is there a way that both > Bubbas can be happy? In theory... You could write so that you find all occurrences of the U_username field to see if ANY of them have a matching password. Then assigning a var containing the user sku to make it easier to deal with lately. But frankly it brought far too many other issues for us so we just avoided it. Unique Usernames is pretty standard fare so the clients didn't mind. > 3. Wanted a login as part of the page rather than popup dialogue box. We actually went the other way. We used to have the login but the pop up is the only real way to avoid cookies, cart vars, etc, because it is built into the browser and is kept as standard header data. > 4. Worried about somehow corrupting the Users.db. AGREED... I don't and wont touch that DB. I even go as far as not naming my db's users.db. Call me crazy. A real simple way for us was something like this. =============== [showif [username]=][authenticate Partner's Area][/showif] [showif [username]!] [search db=/xxxxx/dbs/partners.db&eqUSERNAMEVARdatarq=[username]] [showif [numfound]=0][authenticate Partner's Area][/showif] [founditems] [showif [index]=1] [hideif [password]=[passwordvar]][authenticate Partner's Area][/hideif] [text]usersku=[luser_id][/text] [text]usercusnum=[cus_id][/text][/showif] [/founditems][/search] [/showif] =============== On an include page this handles a private section of a site with about 5000 users and 2 million hits a month... Never a hiccup. I handle all the duplicate issues on the sign up. (PS: much of this was for Alan, Andy. Certainly don't mean to preach to the choir). Alex :-) Alex J McCombie New World Media Chief Information Officer Box 124 888/892.6379 MartVille, NY 13111 Alex@NewWorldMedia.com http://OurClients.com Interface Designer WebDNA Programmer Database Designer ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: user authentication via TCPSend ( Terry Wilson 2005)
  2. Re: user authentication via TCPSend ( John Peacock 2005)
  3. user authentication via TCPSend ( Terry Wilson 2005)
  4. Re: User Authentication ( Stuart Tremain 2003)
  5. Re: User Authentication ( Gary Krockover 2003)
  6. Re: wierd... [Was] User Authentication ( Alan White 2003)
  7. wierd... [Was] User Authentication ( Alan White 2003)
  8. Re: User Authentication ( Alan White 2003)
  9. Re: User Authentication ( Alan White 2003)
  10. Re: User Authentication ( Gary Krockover 2003)
  11. Re: User Authentication ( Alex McCombie 2003)
  12. Re: User Authentication ( Alex McCombie 2003)
  13. Re: User Authentication ( Andy Mowrey 2003)
  14. Re: User Authentication ( Alex McCombie 2003)
  15. Re: User Authentication ( Alan White 2003)
  16. Re: User Authentication ( Alex McCombie 2003)
  17. User Authentication ( Alan White 2003)
On 11/27/03 9:57 AM, "Andy Mowrey" wrote: > I set up my own authentication system because: > 1. I couldn't figure a way for a user to log out easily. True... Though with most browsers you can 'force' the username and pass to change (IE logout) by sending them to a url such as http://logout:logout@somedomain.com/logout.tpl Basically the xxx:xxx@domain is a way of passing the username and pass from the pop up box in the url. Like I said, I believe this works with most all browsers...though YMMV > 2. Multiple users wanting the same name; is there a way that both > Bubbas can be happy? In theory... You could write so that you find all occurrences of the U_username field to see if ANY of them have a matching password. Then assigning a var containing the user sku to make it easier to deal with lately. But frankly it brought far too many other issues for us so we just avoided it. Unique Usernames is pretty standard fare so the clients didn't mind. > 3. Wanted a login as part of the page rather than popup dialogue box. We actually went the other way. We used to have the login but the pop up is the only real way to avoid cookies, cart vars, etc, because it is built into the browser and is kept as standard header data. > 4. Worried about somehow corrupting the Users.db. AGREED... I don't and wont touch that DB. I even go as far as not naming my db's users.db. Call me crazy. A real simple way for us was something like this. =============== [showif [username]=][authenticate Partner's Area][/showif] [showif [username]!] [search db=/xxxxx/dbs/partners.db&eqUSERNAMEVARdatarq=[username]] [showif [numfound]=0][authenticate Partner's Area][/showif] [founditems] [showif [index]=1] [hideif [password]=[passwordvar]][authenticate Partner's Area][/hideif] [text]usersku=[luser_id][/text] [text]usercusnum=[cus_id][/text][/showif] [/founditems][/search] [/showif] =============== On an include page this handles a private section of a site with about 5000 users and 2 million hits a month... Never a hiccup. I handle all the duplicate issues on the sign up. (PS: much of this was for Alan, Andy. Certainly don't mean to preach to the choir). Alex :-) Alex J McCombie New World Media Chief Information Officer Box 124 888/892.6379 MartVille, NY 13111 Alex@NewWorldMedia.com http://OurClients.com Interface Designer WebDNA Programmer Database Designer ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Alex McCombie

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

_ in front of field name (1998) [thisurl] file name? (1999) Is there a max number of fields? (1998) WebCatalog-3.0800 on Mac OS X Server (2000) in conversions.db crashes unix webcat (1999) Email Send Delay (2004) Sense/Disallow HTML tags during $Append (1997) WebCatalog template cache (1998) Limiting user access to .tmpl files (1997) Pithy questions on webcommerce & siteedit (1997) WebCat2: Formulas.db question (1997) [WebDNA] WebDNA variable from form contents (2010) Multiple servers and Webcat (1998) RE: [REPLACE] inside [FOUNDITEMS] (1998) Email notification to one of multiple vendors ? (1997) [WebDNA] Triggers issue, or sendmail? (2012) Cobalt RaQ (2000) [ConvertChars] problem (1997) Nested tags count question (1997) Emailer help....! (1997)