
Tutorial -- Set permissions

Now you get to decide who gets to do what. It can be a little confusing, but, on the bright side, this is where you get to wield some power.<Grin>

Before you start messing with the .cfg file, think about who your database is designed to serve. What is the whole purpose of it and how secure do you want your information to be? Do you want members of the general public to be able to see it? Who will be adding records? Just you? Or will it be a "members" site where only those who have added records can view them? Who will be allowed to modify or delete records in your database? If you want to require users to log in before they can view, add, modify or delete records, do you want them to be able to sign up for accounts online or do you want to take on the responsibility of adding them yourself? Would you like to edit the database directly on your website, or do you want to edit it offline, either by hand or using server software on your home computer?

There are probably 100 different possible permutations of permissions you can have, but, except for very rare occasions, there are only 14 that I've been able to determine are practical or wise. These are listed in the table below, along with the settings you will need in order to have these permissions. If a setting is not listed, you don't need to worry about setting it. For an explanation of the "User Types," see the Notes at the end of the table.

Each entry below lists the Permissions with the User Type that holds each one, followed by the Settings that produce that combination.

View/Search: Default user
Add Records: Offline
Modify Records: Offline
Delete Records: Offline
Settings:
$auth_no_authentication = 1;
@auth_default_permissions = (1,0,0,0,0);
$auth_user_field    = -1;

View/Search: Default user
Add Records: Default user
Modify Records: Offline
Delete Records: Offline
Settings:
$auth_no_authentication = 1;
@auth_default_permissions = (1,1,0,0,0);
$auth_user_field    = -1;

View/Search: Default user
Add Records: Admin
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (1,0,0,0,0);
$auth_user_field    = -1;

View/Search: Default user
Add Records: Default user
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (1,1,0,0,0);
$auth_user_field    = -1;

View/Search: Admin
Add Records: Default user
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (0,1,0,0,0);
$auth_user_field    = -1;

View/Search: Default user, Registered user
Add Records: Registered user
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (1,0,0,0,0);
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,0,0,0);
$auth_user_field    = -1;

View/Search: Default user, Registered user
Add Records: Registered user
Modify Records: Registered own
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (1,0,0,0,0);
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,0,1,0);
$auth_modify_own    = 1;
$auth_view_own      = 0;
$auth_user_field    = #;

View/Search: Default user, Registered user
Add Records: Registered user
Modify Records: Registered own
Delete Records: Registered own
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (1,0,0,0,0);
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,1,1,0);
$auth_modify_own    = 1;
$auth_view_own      = 0;
$auth_user_field    = #;

View/Search: Registered user
Add Records: Admin
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,0,0,0,0);
$auth_modify_own    = 0;
$auth_view_own      = 0;
$auth_user_field    = -1;

View/Search: Registered user
Add Records: Registered user
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,0,0,0);
$auth_modify_own    = 0;
$auth_view_own      = 0;
$auth_user_field    = -1;

View/Search: Registered user
Add Records: Registered user
Modify Records: Registered own
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,0,1,0);
$auth_modify_own    = 1;
$auth_view_own      = 0;
$auth_user_field    = #;

View/Search: Registered user
Add Records: Registered user
Modify Records: Registered own
Delete Records: Registered own
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,1,1,0);
$auth_modify_own    = 1;
$auth_view_own      = 0;
$auth_user_field    = #;

View/Search: Registered own
Add Records: Registered user
Modify Records: Admin
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,0,0,0);
$auth_modify_own    = 0;
$auth_view_own      = 1;
$auth_user_field    = #;

View/Search: Registered own
Add Records: Registered user
Modify Records: Registered own
Delete Records: Admin
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,0,1,0);
$auth_modify_own    = 1;
$auth_view_own      = 1;
$auth_user_field    = #;

View/Search: Registered own
Add Records: Registered user
Modify Records: Registered own
Delete Records: Registered own
Settings:
$auth_no_authentication = 0;
$auth_allow_default = 0;
$auth_signup        = 1;*
@auth_signup_permissions = (1,1,1,1,0);
$auth_modify_own    = 1;
$auth_view_own      = 1;
$auth_user_field    = #;

Notes:
A "Default user" is one that does not need to log in to the database before having access.
A "Registered user" must log in with a unique username and a password before being able to use the permissions you have granted.
"Registered own" means that a registered user will have the permission to edit or view only the record(s) that he/she has added.
"Admin" means you. You can do anything you want on your own database. The permissions given to "Admin" are those which only the database administrator (you, or those to whom you give administrative permission) can do.
"Offline" means that you plan to make changes to your database by editing the file offline and then uploading to your server.
$auth_signup = 1;* -- This is the setting if you want users to sign up for accounts online. If you would rather add users yourself, set this to 0.
$auth_user_field = #; -- In place of the #, insert the number of the userid field. (If you've followed the whole tutorial, this should already be set correctly.)

Upload your default.cfg file and try to access the database from different perspectives. Use http://www.server.com/cgi-bin/db.cgi?db=default&uid=default to access the database as a default user.
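
Before uploading, the settings can also be checked offline. The following Python script is an added example, not part of the original tutorial or of DBMan: it reads the $auth_* lines of a .cfg file, reports which user type from the Notes ends up holding each permission, and flags combinations that match no row of the table. The function names are hypothetical, the sample is constructed, and the tuple order is inferred from the table rows.

```python
import re
# Tuple order (view, add, delete, modify, admin) is inferred from the table:
# (1,1,0,1,0) is paired with "Modify: Registered own, Delete: Admin".
ACTIONS = ("view", "add", "delete", "modify", "admin")
NONE = (0, 0, 0, 0, 0)

def parse_cfg(text):
    """Collect $auth_* scalars and @auth_* permission lists from .cfg text."""
    cfg = {}
    for name, val in re.findall(r"^\s*\$(auth_\w+)\s*=\s*(-?\d+)\s*;", text, re.M):
        cfg[name] = int(val)
    for name, val in re.findall(r"^\s*@(auth_\w+)\s*=\s*\(([\d,\s]+)\)\s*;", text, re.M):
        cfg[name] = tuple(int(v) for v in val.split(","))
    return cfg

def effective(cfg):
    """Map each action to the least-privileged user type (see Notes) holding it."""
    no_auth = cfg.get("auth_no_authentication") == 1
    anon = no_auth or cfg.get("auth_allow_default") == 1
    default = cfg.get("auth_default_permissions", NONE) if anon else NONE
    signup = NONE if no_auth else cfg.get("auth_signup_permissions", NONE)
    out = {}
    for i, action in enumerate(ACTIONS[:4]):
        own_flag = "auth_view_own" if action == "view" else "auth_modify_own"
        if default[i]:
            out[action] = "Default user"
        elif signup[i]:
            own = action != "add" and cfg.get(own_flag) == 1
            out[action] = "Registered own" if own else "Registered user"
        else:
            out[action] = "Offline" if no_auth else "Admin"
    return out

def findings(cfg):
    """Flag settings that match no row of the table."""
    notes = []
    anon = cfg.get("auth_no_authentication") == 1 or cfg.get("auth_allow_default") == 1
    if anon and any(cfg.get("auth_default_permissions", NONE)[2:]):
        notes.append("default user can delete, modify or administer")
    if (cfg.get("auth_modify_own") or cfg.get("auth_view_own")) and cfg.get("auth_user_field", -1) < 0:
        notes.append("own-record restriction set without a userid field number")
    return notes
# Constructed sample: a "Registered own" modify row with $auth_user_field left at -1.
SAMPLE = """$auth_no_authentication = 0;
@auth_signup_permissions = (1,1,0,1,0);
$auth_modify_own    = 1;
$auth_user_field    = -1;
"""
if __name__ == "__main__":
    print(effective(parse_cfg(SAMPLE)), findings(parse_cfg(SAMPLE)))
```

A $auth_user_field line still containing the # placeholder is not parsed as a number, so it is reported the same way as -1.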
