Gossamer Forum
Home : Products : DBMan : Discussions :

How well-suited is dbman for membership db, with user self-update?

Quote Reply
How well-suited is dbman for membership db, with user self-update?
I'm looking for a script to use at least as a starting point for a club's membership database.

I want an admin to be able to have all privs. I will have the admin import the existing db.

I want each user to be able only to see/update their own info.

I can think of no safe "key" other than assigning each person a #.

Each db record will represent one member, who is also a user.

How can I create a password entry for each user? I assume that is stored in the db.pass file, and NOT in the db? So far it would appear that I'll need to create a default password (by hand/additional script) for each user as they are added to the db.

If a user logs in, I want them to see their record, and only their record. It would be nice to do this w/o them having to do a search. I suppose if nothing else I could change the log-in url to be a function of their u_id and return that search automatically?

Not that the info is all that sensitive, but I'm also wondering how much protection there is in the way the URL is constructed, so that once a user logs in, they can't just change a record #. In my brief test so far, I'm not clear where the record owner info is stored (unless its the 2nd field in the db?)

Anyway, hopefully that paints enough of a picture of what I'm trying to do.

Very much looking for advice as to how well dbman is suited for this task, or how much hacking I would have to do. (or if someone knows of something better suited).

I'm quite comfortable hacking away at perl and dbs, just hoping to start from a script that is already well suited to the task.

Many thanks,
Mike
Quote Reply
Re: [Zim] How well-suited is dbman for membership db, with user self-update? In reply to
DBMan would be an excellent script for a membership database.

You may want to use the userid as the key field for the database.

You would need to create the password file or if you already have an existing database you may want to have each user signup for a userid and password and then provide a form to associate them with their records. For new users they can create their own userid and password. There are ideas in the FAQ noted below under "Admin/passwords" section.

The database can be setup with permission so that users can only view their own record. This information is also available in the FAQ.

To keep a member from changing certain fields you could make them available to admin only. The record owner would be stored within a field in the database, for example UserID.

There is an excellent tutorial on JPDeni's site http://jpdeni.com/dbman/ for setting up your database and permissions. And the FAQ noted below provides many ideas and suggestions for customizing your database.

Unoffical DBMan FAQ

http://creativecomputingweb.com/dbman/index.shtml/
Quote Reply
Re: [LoisC] How well-suited is dbman for membership db, with user self-update? In reply to
Zim, what you're describing is almost exactly how I have my membership database set up. I'll be happy to answer any specific questions you have to get yours up and running. Smile