Google Answers Logo
View Question
 
Q: for joseleon-ga only please ( Answered 5 out of 5 stars,   0 Comments )
Question  
Subject: for joseleon-ga only please
Category: Computers > Programming
Asked by: bmcompany-ga
List Price: $200.00
Posted: 26 Jan 2004 09:16 PST
Expires: 25 Feb 2004 09:16 PST
Question ID: 300347
Ok. Thanks for your continued help.

Four things we would like doing.

1. Insert our existing data (currently stored in MS Access)
2. Ensure that the data online can only be viewed by authorised users **important**
3. Have some more advanced filters on the activity report admin feature.
4. Have the ability to add 'Priority' submissions.


Inserting current data.

We have an access database containing our current clients, and the
status of their submissions. We need the data that is in the new
database (the one you have just completed) deleting and replacing with
the content of the access file. The problem is, we cannot post a copy
of the database with a list of our clients onto a public forum :)

If i post a copy of the database with no data, can you write a page to
take records from the access DB and insert them into the my-sql
database? If not, can you think of another way of moving the data
accross?

Securing the online DB.

Although this db doesnt store any of our client's personal data, it
still contains a list of our clients. We dont want this to be viewed
by anyone without the password. Is it secure already? if not, how do
we go about making sure that it is (maybe password protected dirs)?

I'll post the other 2 things as soon as we've tackled the above.

Cheers

BMcompany

Request for Question Clarification by joseleon-ga on 26 Jan 2004 09:48 PST
Hello, bmcompany:
  Regarding post the access database so I can import your existing
links, you can upload it to your new host on phpwebhosting and I can
get it from there. Once you login using FTP, you can upload it outside
the www directory, so it¡s not public. What do you think?

And regarding securing the script, I think is fairly secure, this is
the main block:

if (!isLogged())
 {
 	if ($action=='login') login();
 	showHeader();

 	showLoginForm();
 }
 else
 {
	if ($action=='logout') logout();
	
	showHeader();
	
 	showMenu();
 
 	switch ($action)
 	{
   		case 'enter_urls_do':         if (isAdmin()) { enterURLs();
showEnterURLsForm(); } break;
   		case 'show_urls':             showURLs(); break;
   		case 'add_user':              if (isAdmin()) showAddUserForm(); break;   		
   		case 'add_user_do':           if (isAdmin()) addUser(); break;   		   	
   		case 'delete_user':           if (isAdmin()) showDeleteUserForm(); break;   		
   		case 'delete_user_do':        if (isAdmin()) DeleteUser(); break;   		   	
   		case 'modify_user':           if (isAdmin())
showModifyUserForm(); break;
   		case 'modify_user_do':        if (isAdmin())
showUpdateUserDetailsForm(); break;
		case 'update_user_details':   if (isAdmin()) updateUserDetails();
break;
		case 'activity_report':       if (isAdmin()) showActivityForm();
break;
		case 'show_report':           if (isAdmin()) showReport(); break;
		case 'setup':                 if (isAdmin()) showSetupForm(); break;
		case 'update_setup':          if (isAdmin()) updateSetup(); break;
   		case 'enter_urls':            if (isAdmin()) showEnterURLsForm(); break;
   		default:                      if (isAdmin()) showEnterURLsForm(); break;
 	}
 }


This means that if an user is not logged in, it has no access at all,
and if it's logged, it has only access to the showURLs function,
regarding login is based on cookies but encripted with md5 + a private
key, this way is not possible to make fake logins. In any case I will
search for any kind of flaw to prevent any possible security issue.
Also, remember your submitters will have access to all the database.

Regards.

Clarification of Question by bmcompany-ga on 26 Jan 2004 11:25 PST
Hi again,

Uploading the DB in that way is fine, i cant however do that until
later on, however - when we are testing the new features, i dont
really want the 'real' data in there anyway.

Ok, the other 2 features.

Priority submissions.

We need the facility to add clients to a 'priority' list so that they
appear as 'priority' in the submission list. It needs to be marked
clearly.

A seperate box to paste only priority urls to is prefered.

I will have to post the last bit later on as im right in the middle of
something and am finding it hard to think (as always i hear you say :)

Thanks again

BMcompany

Clarification of Question by bmcompany-ga on 28 Jan 2004 02:11 PST
These are the activity report filters we need.

total number of submissions today
total number of submissions for a given date range (from date1 to date2)

total number of google/AV/ATW submissions today
total number of google/AV/ATW submissions for a given date range (from
date1 to date2)

Total SUbmissions to date (all/google/atw/av)

All of the above also by submitter

ive put the db file into the www folder

Thanks

Clarification of Question by bmcompany-ga on 29 Jan 2004 01:18 PST
Is everything ok?

Request for Question Clarification by joseleon-ga on 29 Jan 2004 01:40 PST
Hello, bmcompany:
  Yes, everything is OK, I had some problems yesterday with my
internet access, now it seems is working OK, I will try to finish it
between today and tomorrow.

Regards.

Clarification of Question by bmcompany-ga on 29 Jan 2004 05:38 PST
No problem.
Answer  
Subject: Re: for joseleon-ga only please
Answered By: joseleon-ga on 29 Jan 2004 07:22 PST
Rated:5 out of 5 stars
 
Hello, bmcompany:
I have finished the tasks for this answer:
  
-I have added a new option called Enter priority URLs, those URLs will
have a flag set to allow be prioritized on the show urls option, so
will be always the first to be shown, also are marked with another
color.

-I have modified the activity report option so now it includes a
filter on the top that allows you to:
 Get activity report by submitter
 Get activity report by search engine
 Get activity report in a date range
 
 I have added a very nice dhtml calendar, if you have any problems on
your browser, just tell me.
 
-I have double verified the security of the script and it's ok.

-I deleted the previous contents of the database and I have imported
the urls stored in the access database, including layers and
submission dates. All urls has been assigned as submitted by the
admin.

-I have also added a new setting on the setup, to allow you set how
many entries per submitter do you want to view on the activity report.

Please, test it and don't hesitate to contact with me if there is something wrong.

Regards.
bmcompany-ga rated this answer:5 out of 5 stars and gave an additional tip of: $50.00
All working perfectly.

Kepp your eye out over the next couple of weeks for more questions, if
thats ok with you?

Comments  
There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy