I agree with Dave. It sounded like your last explanation was headed towards
one password for these 20 users another for these 5 etc. If that's not what
you were saying, I apologies for the misunderstanding. If that is where you
were headed, I would say that this is one of those "design for the future"
topics. Instead of basing user rights on the actual password, have, as Dave
put it, a "level" or permissions or rights field. Here are some quick
thoughts as to why this is better. If one of the 20 people leaves, you have
to update the remaining 19 with a new password. Creating audit trails of
who's using/doing what would be easier. People are more likely to give
"their" password if it's really a "group" password. With a "level" field,
you can create "cascading" rights where each area has an identifier and
rights can be assigned per user.
Area 1's pass code might be A1 Area 2's might be A2 etc. So one user could
have a level code of A1A5A7 and another user could have a level code of
A1A3A5A9. You could then code to set a session var when the user logs in and
your other pages could do a "level" check. So both users would have access
to Area 1 and Area 5 but only user 1 would also have access to Area 7.
You can also create an admin page for creating users with check boxes for
each area. Then you build the "level" field based on the check boxes.
This is obviously one of many ways to do things. Cameron Childress (who
contributes to this list) has a security app where he explains the code. If
you ask him real nice like he might even send you a copy. I think it used to
be available at the ACFUG.org site but I think the sight is under a
re-design.
Hope this wasn't way more than what you were asking for..or that you're not
sitting there say DUH! ;-]
Stephen
-----Original Message-----
From: David Hannum [mailto:[EMAIL PROTECTED]]
Sent: Sunday, March 11, 2001 12:20 AM
To: CF-Talk
Subject: Re: Examples of Password protection
Try making a table in your database with a "level" field, username and pwd.
Set the levels, then query the table with your login. Put your qualifiers
in your scripts and set session vars based on the level in the login. Let
them see what they can based on the level of privileges they have.
Dave
----- Original Message -----
From: Michael <[EMAIL PROTECTED]>
To: CF-Talk <[EMAIL PROTECTED]>
Sent: Saturday, March 10, 2001 6:43 PM
Subject: Re: Examples of Password protection
> What I am looking for is if you have this password then you have access to
> all the information in the program/form/database, and if NOT, then you
only
> see this much and thats IT..
>
>
>
> Thanks
>
>
> "Michael" <[EMAIL PROTECTED]> wrote in message
> 3aaa4a87$[EMAIL PROTECTED]">news:3aaa4a87$[EMAIL PROTECTED]...
> > Looking for some examples of password protection of certain pages or
> > view's
> >
> > Thanks
> >
> > Michael
> >
> >
>
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
