Carol et al,

Okay...Everything seemed to be fine...Until I opened the database to the general public. Here are a few strange and weird things that have happened:

1) A user seemed to have created an account, yet when I looked in the .pass file, there is no email address in this user's account. This is what I have in the .pass file:


I added twenty test accounts, and there were no problems.

The user stated that he received an email message with a password.

How did the user's email address suddenly disappear??

Also, I noticed in the admin_display that the email address field is blank for all users.

Is this normal? How can this be fixed?

2) When I created the test accounts, I noticed that I got the following error message when trying to use the same userid as an existing account:

userid already exists. Please try another.

That's normal. However, when I try to add an account that is the same as an email address already in the .pass file, I don't get an error message and the account is created.

Is this normal? How can I fix the sub signup routine to make sure that there are NOT duplicate email addresses?

I thought that the following codes check for duplicate email addresses in the .pass file:


It does not seem to be working in my database. How can I fix this??

Thanks.

Regards,

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

[This message has been edited by Eliot (edited August 25, 1999).]

None of this should be normal. I haven't run across any things like this before.

I don't know why a user's email address wouldn't be written to the file, unless you changed the name of the field on the signup form from email. Then again, if you had, the user wouldn't have received the message with the password.

All of the information is on the admin page, and email addresses should show up. There's no reason that they wouldn't that I can come up with.

I have no idea how or why these things are happening, so I don't have a clue as to how to fix them.

Did you make any changes at all to the subroutines in the mod, aside from the changes to sub generate_password?


------------------
JPD

Nope...I kept everything the same in the other sub-routines. The only sub-routine that I have made changes to is the sub generate_password routine.

I don't think that the changes made in the sub generate_password routine would adversely affect the other sub-routines. I did test the creation of accounts after I made the changes to the sub generate_password routine.

I looked at both the Jobs and Resume Admin Consoles....The HTML source codes look indentical. (BTW: I have not changed the sub generate_password in the Jobs db.cgi file.)

Here is the HTML Source Code for both Admin Forms:


This is all too strange.

(puzzled...)

Regards,



------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

You have no "value" in your field tag for the email address field. This is what your sub html_admin should look like:


That will fix the problem with the admin display. I still don't know what the problem could be with the email address not being written. Unless you had made a change to the account. Since the email address wasn't in the field, it would have been dropped from the file.

There are a lot fewer error checks in the admin functions than there are in the user interface by design. I tried to still give the admin some flexibility.


------------------
JPD

Thanks, Carol...I noticed that after posting the codes! Dah!

That is the solution to the problem of the email not staying in the .pass file. I did make a change in the user account in question and that probably erased the email address.

Good catch, Carol!

Now, about the error checking for the email address in the signup form...Hmm...
Still pondering on that one!



Regards,

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

Something just occurred to me that I should probably fix. It is possible that there is a different case in at least one letter of an email address. If there is, it won't catch that they're the same. If, for example, someone used you@server.com and then someone else used You@server.com, it wouldn't catch that they were the same. I'll go fix that right now.


------------------
JPD

Thanks, Carol.

Yea...It was weird...I tested "creating" three different accounts with the same email address: test@anthrotech.com and all the accounts were created.

I know that there will never be a full proof method of preventing duplicate submissions by multiple registered users. I mean even large commercial portals and web sites, including Monster.com don't prevent people from creating multiple accounts and submitting multiple Resumes and Job Postings.

But the more we can do with DBMAN to reduce the chances of multiple submissions and records...the better.

Thanks for working on this.

I appeciate your effort and results.



Regards,

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

[This message has been edited by Eliot (edited August 25, 1999).]

[This message has been edited by Eliot (edited August 25, 1999).]

You created all these through the user interface and not through the admin display?


------------------
JPD

Yep...all through the user interface.

Regards,

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

Can I give it a try? Could you send me the URL for the signup form?


------------------
JPD

You can test it at the following URL:

http://anthrotech.com/cgibin/career/res/index.cgi?db=res&signup_form=1

I am off to watch a video...I'll check back tomorrow morning...Looking forward to seeing what you find.

Regards,

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

[This message has been edited by Eliot (edited August 25, 1999).]

Carol,

Welp...I applied the new codes with the lc added for the email address. And I am still able to add accounts with the same email address...

Hmm...let's hope that users will be honest and only create one account and add one Resume. *cross fingers*

If something else crosses your mind about how to fix this, let me know.

Thanks.

Regards.

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

I just don't know why it would work on my database and not yours. Makes no sense to me at all.


------------------
JPD

Carol,

Not a huge deal...I do have those other administrative mods, including the Validation Mod, that will assist me with managing the database. I can also establish policies, such as deleting all Registered User accounts and Resumes every three months. This will assist in managing registered user accounts.



Regards,

------------------
Eliot Lee
Founder and Editor
Anthro TECH, L.L.C
http://www.anthrotech.com/
info@anthrotech.com
==========================
Coconino Community College
http://www.coco.cc.az.us/
Web Technology
Coordinator
elee@coco.cc.az.us

[This message has been edited by Eliot (edited August 26, 1999).]

I'm completely at a loss, Eliot. I was able to create two accounts with the same email address, too, on your site. But I have the same code as is in the mod on my site at www.jpdeni.com/cgi-bin/books/db.cgi?db=review&signup_form=1 and it won't let me create a second userid with an email address that's already on file.

The only thing I can suggest is that you go back to the mod page at www.jpdeni.com/dbman/Mods/secure_lookup.txt and copy sub signup and paste it into your db.cgi file. Something must have happened somewhere to the code in the file.

If that doesn't work then I don't know what to tell you. Maybe there's some strange thing going on with your server that I don't know anything about.

Hope you enjoyed the video!


------------------
JPD







[This message has been edited by JPDeni (edited August 26, 1999).]