in reply to user profile/account management modules?

This is extremely dangerous.(you *are* talking about a shell account?)

I have this application that lets multiple users log in and see things, upload things, create sub users, and allow them or not allow them to see stuff.

I originally intended to tie in real tight with the os (linux), but.. you'd have to run as root , or something would have to- to create and manage accounts. I thought that was asking for trouble.

Think about it. Root access to a machine's accounts/permissions stuff.. via http.

At least if you maybe forced ssl?

Another thing I considered to solve this problem, was to maybe enable the web interface (via ssl, passwords, catchas .. etc) to 'queue' the creation of a user.. to queue the setting of permissions.

Afterwards, an admin could look over the requests via the web.. and allow them or not.

  • Comment on Re: user profile/account management modules?

Replies are listed 'Best First'.
Re^2: user profile/account management modules?
by JupiterCrash (Monk) on Jul 21, 2006 at 16:38 UTC
    Sorry, I wasn't clear. I am *NOT* talking about a shell account.

    I am talking about a generic user account/database membership backend to be used in a web-based environment. As you would see in a social networking site like myspace, community portals, or any site requiring user profiles and membership.

    Matt
[reply]

      A relational database is a good solution if you have data that will .. 'relate'. *ahem*

      Are you going to be asking things like 'how many users are logged in?'?
      If not, you could set it up in flat files.- text.

      Something I like a lot for this kind of thing is CGI::Session and CGI::Validate.

[reply]

In Section Seekers of Perl Wisdom