I just did an install of DBMAN. I made one non DB modification...I made the USER_ID field HIDDEN for adding a record (so users can't muck with it). I made a copy of the original procedure so that users can still search on User ID's. (so basically, I have two versions of the procedure, one that's called by Create and one called by Search).

Now, I have three bugs that I suspect might be related. Keep in mind that Searching for a particular record (by User ID) works.

1) No records can be deleted. A message "No record specified" comes up. You can search and find the record, but when you click "delete", you get the error.

2)You can't modify any record. A message "No record found" comes up. Then you get to the search screen and it won't even let you search on anything without a User ID (Primary Key). Weird, since you can normally search on any attribute.

3)When you add a record, it sends you back what you added: "Record added, here's what was posted: ". No data elements are displayed. So all the categories are there, but no data. Yet it's added properly. You can go into debug mode and see the Form Variables are accurate. Just not displayed.

Any thoughts? I realize this is a lot, but I suspect they might be related since I didn't modify a lot.

Here's a link if you care to look: http://www.nhbzone.com/cgi-bin/user_directory/db.cgi?db=directory

Okay, some more info. It seems that it might be an issure with $auth_user_field. I can go in as an admin problems 2 and 3 are okay--so I can see what I've added and I can modify anything. I have it set so a user can only modify their own records. But $auth_user_field doesn't seem to be set. This may be the problem. If the field is never populated with the user's ID then the user will never "own" the record and thus would be prevented from modifying it.

1) Any ideas on how to troubleshoot this (determine how I can get it to set)

2) Still can't delete anything in Admin or non-admin. Any suggestions?

Thanks!

Just In case, here are my auth. settings.

# Authorization Options
# --------------------------------------------------------
# No Authentication? (1 = "there is no authentication", 0 = "there is authentication")
# If you choose no authentication, then set the permissions of what
# people can do with: @auth_default_permissions below.
$auth_no_authentication = 0;

# The amount of time in seconds that user files are kept in the
# auth directory before the program removes them. 2-6 hours is
# probably a good value.
$auth_time = 21600; # 6 hours (in seconds)

# Enable (1) or disable (0) logging.
$auth_logging = 1;

# Allow a default user? This means you can specify a user via the URL
# and skip the logon process. Use this to allow people to search without
# logging on, but require log in if they want to add/modify/remove etc.
# (1 = "yes", 0 = "no")
$auth_allow_default = 0;

# Default permissions used if there is no authentication, or for a default
# user. (View, Add, Delete, Modify, Admin), 1 = enable, 0 = disable.
@auth_default_permissions = (1,0,0,0,0);

# Allow people to sign up for their own userid/passwords? They will
# recieve default permissions.
$auth_signup = 1;

# Permissions a new signup should get.
@auth_signup_permissions = (1,1,0,1,0);

# Registered users: can modify/delete _only_ own records. For this to make
# sense you should set default off or to 1,0,0,0.
$auth_modify_own =1;

# Registered users: can view _only_ own records. For this to make sense
# you should turn off default permissions.
$auth_view_own = 0;

# Auth user field. This is the field position in the database used for storing
# the userid who owns the record. Set to -1 if not used.
$auth_user_field = 8;

** No more help needed **

Well, after almost 2 hours, I was able to fix all the problems. If anyone has any similar issues, let me know and I'll tell you what I did.