Karen,
The settings that you refer too still does not perform to expectations.
I can use a default user, but I have to enable No Authenticate in order for them to view any records.
If I set TO Authenticate, the Default user can't see any records.
If I set Modify Own / View Own to "0" it seems any Joe Blow can login and delete / modify any record they want too.
Once again for anyone to help me....here is my Authorization settings in the .cfg file.
# Authorization Options
# --------------------------------------------------------
# No Authentication? (1 = "there is no authentication", 0 = "there is authentication")
# If you choose no authentication, then set the permissions of what
# people can do with: @auth_default_permissions below.
$auth_no_authentication = 0;
# The amount of time in seconds that user files are kept in the
# auth directory before the program removes them. 2-6 hours is
# probably a good value.
$auth_time = 28800; # 6 hours (in seconds)
# Enable (1) or disable (0) logging.
$auth_logging = 1;
# Allow a default user? This means you can specify a user via the URL
# and skip the logon process. Use this to allow people to search without
# logging on, but require log in if they want to add/modify/remove etc.
# (1 = "yes", 0 = "no")
$auth_allow_default = 1;
# Default permissions used if there is no authentication, or for a default
# user. (View, Add, Delete, Modify, Admin), 1 = enable, 0 = disable.
@auth_default_permissions = (1,0,0,0,0);
# Allow people to sign up for their own userid/passwords? They will
# recieve default permissions.
$auth_signup = 1;
# Permissions a new signup should get.
@auth_signup_permissions = (1,0,0,0,0);
# Registered users: can modify/delete _only_ own records. For this to make
# sense you should set default off or to 1,0,0,0.
$auth_modify_own = 1;
# Registered users: can view _only_ own records. For this to make sense
# you should turn off default permissions.
$auth_view_own = 1;