Ok. Thanks for your continued help.
Four things we would like doing.
1. Insert our existing data (currently stored in MS Access)
2. Ensure that the data online can only be viewed by authorised users **important**
3. Have some more advanced filters on the activity report admin feature.
4. Have the ability to add 'Priority' submissions.
Inserting current data.
We have an access database containing our current clients, and the
status of their submissions. We need the data that is in the new
database (the one you have just completed) deleting and replacing with
the content of the access file. The problem is, we cannot post a copy
of the database with a list of our clients onto a public forum :)
If i post a copy of the database with no data, can you write a page to
take records from the access DB and insert them into the my-sql
database? If not, can you think of another way of moving the data
accross?
Securing the online DB.
Although this db doesnt store any of our client's personal data, it
still contains a list of our clients. We dont want this to be viewed
by anyone without the password. Is it secure already? if not, how do
we go about making sure that it is (maybe password protected dirs)?
I'll post the other 2 things as soon as we've tackled the above.
Cheers
BMcompany |
Request for Question Clarification by
joseleon-ga
on
26 Jan 2004 09:48 PST
Hello, bmcompany:
Regarding post the access database so I can import your existing
links, you can upload it to your new host on phpwebhosting and I can
get it from there. Once you login using FTP, you can upload it outside
the www directory, so it¡s not public. What do you think?
And regarding securing the script, I think is fairly secure, this is
the main block:
if (!isLogged())
{
if ($action=='login') login();
showHeader();
showLoginForm();
}
else
{
if ($action=='logout') logout();
showHeader();
showMenu();
switch ($action)
{
case 'enter_urls_do': if (isAdmin()) { enterURLs();
showEnterURLsForm(); } break;
case 'show_urls': showURLs(); break;
case 'add_user': if (isAdmin()) showAddUserForm(); break;
case 'add_user_do': if (isAdmin()) addUser(); break;
case 'delete_user': if (isAdmin()) showDeleteUserForm(); break;
case 'delete_user_do': if (isAdmin()) DeleteUser(); break;
case 'modify_user': if (isAdmin())
showModifyUserForm(); break;
case 'modify_user_do': if (isAdmin())
showUpdateUserDetailsForm(); break;
case 'update_user_details': if (isAdmin()) updateUserDetails();
break;
case 'activity_report': if (isAdmin()) showActivityForm();
break;
case 'show_report': if (isAdmin()) showReport(); break;
case 'setup': if (isAdmin()) showSetupForm(); break;
case 'update_setup': if (isAdmin()) updateSetup(); break;
case 'enter_urls': if (isAdmin()) showEnterURLsForm(); break;
default: if (isAdmin()) showEnterURLsForm(); break;
}
}
This means that if an user is not logged in, it has no access at all,
and if it's logged, it has only access to the showURLs function,
regarding login is based on cookies but encripted with md5 + a private
key, this way is not possible to make fake logins. In any case I will
search for any kind of flaw to prevent any possible security issue.
Also, remember your submitters will have access to all the database.
Regards.
|
Clarification of Question by
bmcompany-ga
on
26 Jan 2004 11:25 PST
Hi again,
Uploading the DB in that way is fine, i cant however do that until
later on, however - when we are testing the new features, i dont
really want the 'real' data in there anyway.
Ok, the other 2 features.
Priority submissions.
We need the facility to add clients to a 'priority' list so that they
appear as 'priority' in the submission list. It needs to be marked
clearly.
A seperate box to paste only priority urls to is prefered.
I will have to post the last bit later on as im right in the middle of
something and am finding it hard to think (as always i hear you say :)
Thanks again
BMcompany
|
Clarification of Question by
bmcompany-ga
on
28 Jan 2004 02:11 PST
These are the activity report filters we need.
total number of submissions today
total number of submissions for a given date range (from date1 to date2)
total number of google/AV/ATW submissions today
total number of google/AV/ATW submissions for a given date range (from
date1 to date2)
Total SUbmissions to date (all/google/atw/av)
All of the above also by submitter
ive put the db file into the www folder
Thanks
|
Clarification of Question by
bmcompany-ga
on
29 Jan 2004 01:18 PST
Is everything ok?
|
Request for Question Clarification by
joseleon-ga
on
29 Jan 2004 01:40 PST
Hello, bmcompany:
Yes, everything is OK, I had some problems yesterday with my
internet access, now it seems is working OK, I will try to finish it
between today and tomorrow.
Regards.
|
Clarification of Question by
bmcompany-ga
on
29 Jan 2004 05:38 PST
No problem.
|