#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    n/a
    Posts
    1
    Rep Power
    0

    Database re-construction: Help with elementary concepts.


    Hi,

    I'm new to the forum, MySql and PHP. I have a database setup where a user sends his/her info in a form that is mailed to me and I use another form to copy and paste that information into the database making it viewable to the world. Currently I am the only user with access to the form that adds the information into the database. The database consists of one table with 10 fields for user information. Now that the web site is gaining popularity I would like to automate the process by creating a login system with email authentication, allowing the user(s) to add, delete, and edit their own information. My first problem is knowing if I can use the same (existing) table for all users which would seem to indicate that I would need to password protect each user field in the table (by using a key, or hash???), or should I have the new system create a new table for each new user?

    Thanks in advance,
  2. #2
  3. No Profile Picture
    Gödelian monster
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Jul 1999
    Location
    Central Florida, USA
    Posts
    2,307
    Rep Power
    62
    Generally, it is a bad idea to have a table for each user, because this creates enormous problems manipulating your data later, especially if you end up with a few thousand users.

    I would recommend you use MySQL's one-way hashed "password" datatype for your password column, and just use that as the criteria by which you allow users to edit certain rows of the table. Obviously, you will also not be able to give users actual access to manipulate the database, but simply controlled access through web forms.

    The only reason to have individual tables for each user is if you need a system where the users have complete autonomy from each other, and might need to modify their table structure to be different from others. In this case, or where you want users to actually be able to log into a MySQL command-line session, etc... then you would need to create individual tables, with specific permissions granted for each table, to prevent users from seeing or changing others' data.
    The real n-tier system:

    FreeBSD -> PostgreSQL -> [any_language] -> Apache -> Mozilla/XUL

    Amazon wishlist -- rycamor (at) gmail.com

IMN logo majestic logo threadwatch logo seochat tools logo