> -----Original Message-----
> From: Bobby Pejman [mailto:bpej...@gmail.com]
> Sent: Sunday, May 02, 2010 8:30 PM
> To: Nathan Rixham; Ashley M. Kirchner
> Cc: php-general@lists.php.net
> Subject: Re: [PHP] Re: Need login suggestions
> I would also agree that allowing parent registration could be risky.
> What you may be able to do just off the top is create a UserLevel field
> in your users table and assign value 1 for all those who say they're
> students.  That is, if you have no student ids at your disposal.
> Then, when parents register, you can ask who their kid is, and assign a
> user level 2, for example.  When a parent finishes their registration,
> don't allow them access.  Display a message saying "you'll have to call
> in to get your password" or something similar.
> What you're essentially doing is identifying parents by their user
> level yet making sure parents are parents.
> Just an idea I thought I share.

What you're suggesting, multi level access, is already in place.  It's
determined by whatever group a login falls in, student, staff,
administrator, contractor, volunteer, parent, etc., etc.  However, for what
I'm doing, working with one of the departments, we don't have full access to
the LDAP server to verify a login, nor can we expect someone registering for
*transportation* is also registered in the main LDAP server.  So things work

What we're doing has nothing at all to do with what's on the main server.
No personal information is being shared or broadcasted.  No student
information, absolutely nothing.  This is strictly a case of 'user A' versus
'user B' and figuring out a way to determine, through registration, what
level of access they get.  Is it based solely on the honor system, hoping
that each user does the right thing when they register, or have people come
up with some other kind of mechanism ...

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to