I have DBMan set up to allow default users or to log in and set up an account.

When a user logs in they get permissions.

# Authorization Options
# --------------------------------------------------------
# No Authentication? (1 = "there is no authentication", 0 = "there is authentication")
# If you choose no authentication, then set the permissions of what
# people can do with: @auth_default_permissions below.
$auth_no_authentication = 0;

# The amount of time in seconds that user files are kept in the
# auth directory before the program removes them. 2-6 hours is
# probably a good value.
$auth_time = 21600; # 6 hours (in seconds)

# Enable (1) or disable (0) logging.
$auth_logging = 1;

# Allow a default user? This means you can specify a user via the URL
# and skip the logon process. Use this to allow people to search without
# logging on, but require log in if they want to add/modify/remove etc.
# (1 = "yes", 0 = "no")
$auth_allow_default = 1;

# Default permissions used if there is no authentication, or for a default
# user. (View, Add, Delete, Modify, Admin), 1 = enable, 0 = disable.
@auth_default_permissions = (1,0,0,0,0);

# Allow people to sign up for their own userid/passwords? They will
# recieve default permissions.
# (1 = "yes", 0 = "no")
$auth_signup = 1;

# Registered users: can modify/delete _only_ own records. For this to make
# sense you should set default off or to 1,0,0,0.
$auth_modify_own = 1;

# Registered users: can view _only_ own records. For this to make sense
# you should turn off default permissions.
# (1 = "yes", 0 = "no")
$auth_view_own = 0;

# Auth user field. This is the field position in the database used for storing
# the userid who owns the record. Set to -1 if not used.
# (1 = "yes", 0 = "no")
$auth_user_field = 45; < Should this be the field or "1" or "0"


The last few fields of the data base are here.

Date => [42, 'date', 12, 15, 1, &get_date, ''],
Validated => [43, 'alpha', 0, 3, 1, 'Yes', 'Yes|No'],
Popular => [44, 'alpha', 0, 3, 0, '', ''],
Userid => [45, 'alpha', 0, 15, 0, '', '']


I want to allow a default user to be able to see all of the records, or if they wish to add one that they must log in with a user ID and password that they create via the log in screen and that these users can add/modify/delete their on records but can still view all of them.



------------------
Thanks in Advance

SirDaniel
http://www.blackrose.net

I just went to your site and logged on. (You can delete the account for Userid "Deni".) Everything worked just fine. I was able to add a record, modify and delete.

Unless you've fixed the problem you were having after you posted your last question, the only thing I can think of that you might be referring to is that before a user can delete or modify a record, they have to do a search.

You could change that so if a user clicked the "Delete" or "Modify" links, they would automatically go straight to their own record.

In html.pl -- sub html_footer, change

print qq!| <A HREF="$db_script_link_url&delete_search=1">Delete</A> ! if ($per_del);

to

if ($per_admin) { print qq!| <A HREF="$db_script_link_url&delete_search=1">Delete</A> !; }
elsif ($per_del) {
print qq!| <A HREF="$db_script_link_url&Userid=$db_userid&delete_form=1">Delete</A> !;
}

and change

print qq!| <A HREF="$db_script_link_url&modify_search=1">Modify</A> ! if ($per_mod);

to

if ($per_admin) {
print qq!| <A HREF="$db_script_link_url&modify_search=1">Modify</A> !;
}
elsif ($per_mod)
{
print qq!| <A HREF="$db_script_link_url&Userid=$db_userid&modify_form=1">Modify</A> !;
}

(I know there are fancier ways to do the if/elsif statements, but I'm not much of a Perl programmer. )

This way you (as admin) can delete or modify any record you want but the users will automatically be taken to their own records.

Like what I gave you before, the above scripting is untested. Use at your own risk!




------------------
JPD

The way DBMan is set up, users who sign themselves up only get the same permissions as the default user. Here's an idea I have that is completely untested.

Add a line in the .cfg file

#Permissions for those who signup online (View, Add, Delete, Modify, Admin),
#1 = enable, 0 = disable.
@auth_signup_permissions = (1,1,1,1,0);

Then, in db.cgi, around line 688, find the line that says

my $permissions = join (":", @auth_default_permissions);

and change it to

my $permissions = join (":", @auth_signup_permissions);

As I say, it's untested, but I don't see why it wouldn't work.


It's the field.

I hope this helps.



------------------
JPD

Thank you , that allows me to have both default permissions and sign-up permissions. I still have the same problem when a user tries to modify or delete a record. And I think the problems is in what is being written to the data base. (Probally the configuration section).

Field 42 is suppose to store the date.
|20-Dec-1998| this is correct.

Field 43 is suppose to store the Validation.
|Yes| this is correct.

Field 44 is suppose to store if Polpular.
|NULL| this is correct.

Field 45 is suppose to store the USERsID.
|NULL| this is NOT correct. The userID is not being stored correctly or actually at all. My understanding is that this is suppose to store the USERS-ID that they sign on with. NOT the NICK they use when the make up the record.

Field 45 is suppose to store the users ID so it will know who owns the record, so it will allow them to delete or modify their own records only, as shown in this section of the default.cfg

Date => [42, 'date', 12, 15, 1, &get_date, ''],
Validated => [43, 'alpha', 0, 3, 1, 'Yes', 'Yes|No'],
Popular => [44, 'alpha', 0, 3, 0, '', ''],
Userid => [45, 'alpha', 0, 25, 0, '', '']
);


I have place the default.cfg file at this URL so you can see it.

<URL>http://www.cac-bbs.com/bondage/personals/default.cfg</URL>


I have place the db.pl file at this URL so you can see it.

http://www.cac-bbs.com/bondage/personals/db.pl.txt

------------------
Thanks in Advance

SirDaniel
http://www.blackrose.net


[This message has been edited by SirDaniel (edited December 20, 1998).]

[This message has been edited by SirDaniel (edited December 20, 1998).]

Ok.. I figured out what was wrong.. I jumped a field..
DOB => [8, 'date', 12, 15, 1, '', ''],
Age => [9, 'alpha', 2, 2, 1, '', ''],
Status => [11, 'alpha', 0, 25, 1, '', ''],
Children => [12, 'alpha', 0, 25, 1, '', ''],

I skipped over field "10" so the users names were not being stored in 45 they should have been stored in field 44.

No wwhen you go into the data base and do a search it tells you there is no record. IE: If you "view" record 1 it tells me it is not there, but if you 'view all'.. all of the records are there.

If you own the record it will show yours, but no wone elses.




------------------
Thanks in Advance

SirDaniel
http://www.blackrose.net

Ok.. I figured out what was wrong.. I jumped a field..
DOB => [8, 'date', 12, 15, 1, '', ''],
Age => [9, 'alpha', 2, 2, 1, '', ''],
Status => [11, 'alpha', 0, 25, 1, '', ''],
Children => [12, 'alpha', 0, 25, 1, '', ''],

I skipped over field "10" so the users names were not being stored in 45 they should have been stored in field 44.

No wwhen you go into the data base and do a search it tells you there is no record. IE: If you "view" record 1 it tells me it is not there, but if you 'view all'.. all of the records are there.

If you own the record it will show yours, but no one elses.




------------------
Thanks in Advance

SirDaniel
http://www.blackrose.net

Ok.. Fixed this as well.. forgot to turn this off..

# Registered users: can view _only_ own records. For this to make sense
# you should turn off default permissions.
# (1 = "yes", 0 = "no")
$auth_view_own = 0;

It is now set to "0"


Thanks to everyone for all of their help.