Here are two slight modifications I'd like to add but have no idea how. First I'd like to be able to use a period in the username so that people would have usernames in the format firstname.lastname (to correspond with e-mail addresses). Right now it says it's an invalid character and I'm not sure if this will screw up the perl.
The second addition is that I would like to add a question to the signup process. I want new users to be able to signup, but only if they can answer a test question, or better yet a series of questions. I have it set up so default users have no permissions and I'd like to keep it that way to maintain some security. However I would like people to be able to sign up, only if they can answer a question, or better yet a series of questions. Thanks to anyone who can help. You guys are great.

I don't know if you can add a dot to the username. That's one character that might work, but I'm not sure.

The reason you can't add characters is that there is a file created when users log in, which consists of the username.a very long number. Most characters other than letters and numbers are not allowed in file names. The dot may be okay. I don't know.

The problem is that I don't know how to change the regular expression to be able to include the dot.

I just did some testing and it looks like you can change (in sub signup)

unless ((length($in{'userid'}) >= 3) and (length($in{'userid'}) <= 12) and ($in{'userid'} =~ /^[a-zA-Z0-9]+$/)) {

to

unless ((length($in{'userid'}) >= 3) and (length($in{'userid'}) <= 12) and ($in{'userid'} =~ /^[a-zA-Z0-9\.]+$/)) {

Make the change and then check it out. Sign up for an account, with a dot in the username and then log in. Try doing a couple of things in the database. If you get an "invalid or expired user session" error message, then you'll know it won't work. If not, you're home free. Make a similar change in sub admin_display.

As for answering the series of questions, add the text and the fields to sub html_signup_form. Then, in sub signup, somewhere before

add the code to check the answers to the questions. Something like

Just make sure that the name of your fields on your form and the text within the brackets (question1 in my example above) match exactly. Remember they are case sensitive.

You can add as many fields as you want. Just make sure you have a corresponding "unless" statement in sub signup.

BTW, the reason I used =~ /wilma/i is that it would allow for users to enter the name without regard to case. If you have radio buttons, or you want to insist that the case be exact, use something like

unless ($in{'question1'} eq 'Wilma') {


JPD
http://www.jpdeni.com/dbman/

Thanks JPDeni, you're the greatest. Both work like a charm.

Excellent! I'm glad I could help.

JPD
http://www.jpdeni.com/dbman/

Ok, maybe I spoke too soon, or maybe I don't quite have it. The point of the second thing the questions was to allow people to sign up for dbman. The problem is that to secure the data I have to set the default user's permissions to 0,0,0,0,0,0. Unfortunately when people sign themselves up they are given default permissions. How do I change that so that they get full permissions as long as they've answered the questions at signup. I don't want to give them admin permission, only view all and modify own. Thanks again.

I don't understand. Can you go through what permissions you want the users to get and when you want them to get those permissions?

JPD
http://www.jpdeni.com/dbman/

Sorry I wasn't clear. I have authorization set up so that no one can do anything without logging in. With your modification I set it up so that people can signup for new accounts only if they can answer a couple of questions. Unfortunately, DBMan (I think) assigns new signups default permissions which are set to 0,0,0,0,0 to accomplish the first goal (no access without login). I want new signups to have full access (no admin) without any intervention on my part. Thanks.

DBMan assigns permissions that are assigned using @auth_signup_permissions in the .cfg file.

JPD
http://www.jpdeni.com/dbman/

JPDeni,
For your info (and anyone else who's trying to add characters to userids), the problem wasn't with security settings but back to the period in the username. Your modification let me sign up with '.'s in the username but didn't let you add, modify, delete, etc. I did a search for a-zA-Z0-9 in db.cgi as well as auth.pl and found 3 other locations. I changed all of them as well, and it seems to be working. Thanks a million.