> -----Original Message----- > From: Nathan Rixham [mailto:nrix...@gmail.com] > Sent: Sunday, May 02, 2010 8:39 PM > To: Ashley M. Kirchner > Cc: php-general@lists.php.net; Nilesh Govindarajan > Subject: Re: [PHP] Need login suggestions > > Ashley, > > I think Nilesh, (and later both Bobby & I), were just looking out for > our fellow developer, with good, if not the best intentions. > > Consider the scenario where you are making a school district site for > students and parents, and you slipped up and gave access to kids > details > to anybody who claimed to be a parent - I think in that scenario you'd > really appreciate the gentle nudge - and we, many of us parents, > wouldn't want the possibility of a hurt (or worse) child due to not > speaking up ;)
While I can appreciate that, this isn't the case here. This isn't sensitive information being broadcasted here. It's simply a matter of figuring out who's registering for what. Kids would be registering for a photo contest, parents will be registering for something completely different. So what if a student registers on the wrong side of the wall? Nothing happens there other than not having the ability to participate in the photo contest because it won't be available to them. And they can't *see* anything that the parents have done either, those are all contained within each specific account. I did take offense in Nilesh response because to me all he did was jump right down my throat and tell me not to do something (or that it's a "very bad idea") without even knowing WHAT it is that's being done. Whether this was a school district, or a gaming website between friends, it makes absolutely no difference. I'm asking about the specifics for a registration mechanism, NOT whether I should share information, nor what kind of information is being shared. This is a public school district, and we DO allow public registrations on our campus, because not all schools fall under our central system, and because parents want information. I'm simply inquiring from others if anyone has thought this through and come up with some way of determining who's who when they register, and I hate to say it, but so far the only person that actually answered my question with ideas was you, Nathan. So far everyone else has done nothing but say 'don't do it'. That's not helping any. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
