hellraida,
Quote:
What if in the original submission form we had a required password field. Wouldn't the password be stored in the same place as the e-mail address,id and url we are requiring for modification? And then on the modification form we could have a field for them to enter their password and password could be added as on of the things your modification checks for.
The three items asked for to validate a person making a resource modification in my mod are already in the database and, therefore, available for use.
You could add a password field in links.def and then modify my mod to ask for it and check to be sure it is valid. You would also need to add the code to store the password in links.db, add/modify code everywhere to handle the field, and use/validate the password (on the modify pages). I do not see where you get any additional security by doing so, however. It would just add an additional field the user would have to complete and would add more overhead and size to the database.
The idea behind my mod was to provide a minimal security system without the need to add fields to links.def and links.db or write a whole bunch of new code. With a few simple mods as outlined, you have the same security adding a password would give. In essence, the email address of the person who added or last modified the resource is the password as it is the one field not shown within the resource display (I have even modified my detail display to eliminate the contact info for the resource).
Feel free to modify my mod, if you want to, to add passwording to it. It would give you a good exercise in Perl/cgi programming.
------------------
Bob Connors
bobsie@orphanage.com www.orphanage.com/goodstuff/ goodstufflists.home.ml.org/ [This message has been edited by Bobsie (edited January 24, 1999).]