Hi all,

i have the following thing to solve:

I have 5 secure areas for every link(owner); i use links as a registry-database.
So i have 5 new fields name sec1-5;

Example:

No my problem:

With time the secure areas will grow, but i think its not the right thing always add a new field, my links has 60 fields now and i think this would be sometime too much for the system.

So how is it possible to save more than one values in one field???

Must i do for every ID a new table? or could i do something like:

TableID (autoinc) | LinkID | Value

0 | 1 | 2
1 | 1 | 4

means two entrees for linkID 1, so i can give access to area 2 and 4

Another table could store the (html)links for the areas

TableID | HTML-Link | Description
0 | http://www.... | This is secure area one


Hmm, seems good so far, but how to programm it :-(

Could anyone help?

Robert

The _BEST_ way, following the rules of database normalization, would be to create another table, with the USERID & SECURITY as a field. Then, when you want to find a person's security, you get their USERID and

SELECT FROM SECURITY_TABLE WHERE USERID=USERS_ID

To find if a person had a specific security level you'd do:

SELECT FROM SECURITY_TABLE WHERE USERID=USERS_ID and SECURITY=VALUE

That way, you do a lookup for the user, you can store that in a cookie so you only have to do it once per session.

This would allow an unlimited number of fields.

When you get a users security, the value is either defined (has a value) or the KEY=>VALUE pair doesn't exist.

So, you'd test for a security level with the select above, then put it into a hash, if the value exists, then the user has that security level. If the value doesn't, the user doesn't. Or, you could do the specific request above, but taht would only fetch that security value, and it would be a good idea to do one select, get all the users security access, and set up a session based on that (keep those values in the server-side sessions database, not the users Cookie, and you have better security).

http://www.postcards.com
FAQ: http://www.postcards.com/FAQ/LinkSQL/

The problem is more complicated:

I need only one passwort, together with ID (or maybe a second field secureID) i test, if someone is allowed to access.

But i need more than 1 place where he could go.

Cause i have a lot of work and wont stay at one small problem too long, i have this solutions (maybe a better one at the finish)

One special field (value comes from the category he is registered in) holding the main-access-area for a user.
For every other area i use only one field; if someone want access to other areas he could choose from a field-menu:
With javascript i should get a forminput like: 1-2-5, means he wants access to area 1,2 and five.

When user know want access he calls a script testing on ID and paassword then takes value from the first field:
if pool=1 then printout: http://gaga/1.htm
if pool=2 then printout: http://gaga/2.htm
...

Then take the field-value from access (here 1-2-5) and put values in an aray, sort them and do a loop:

if array 0 till end:
if array(i) = 1 then printout http://gaga2/1.htm
...


The clou on this is a special apache-mod asking for referer with .htaccess:
No referer - no access
referer=http://gaga - access


Maybe this is too much work, it will be possible to do in the next hours,
for doing new tables and the perl-code for this im still not good enough ...

Robert

But i will read about "normalizing" this morning befor going sleep :-)