Limit number ot times for access

Hello,

Building a db for my site. Visitors will be able to upload their property
details into the db, but I need their, username and password to expire after
a set period, can this be done? Or can I change the data, they can change
after a set period, IE unable to change personal data after original entry.

Kind Regards

DG


--
MySQL Windows Mailing List
For list archives: http://lists.mysql.com/win32
To unsubscribe: http://lists.mysql.com/win32?unsub=gcdmw-win32@m.gmane.org

Re: Limit number ot times for access

--=_alternative 006A044D85256FE1_=
Content-Type: text/plain; charset="US-ASCII"

"david groves" wrote on 04/12/2005 07:22:42
AM:

> Hello,
>
> Building a db for my site. Visitors will be able to upload their
property
> details into the db, but I need their, username and password to expire
after
> a set period, can this be done? Or can I change the data, they can
change
> after a set period, IE unable to change personal data after original
entry.
>
> Kind Regards
>
> DG
>
>

You control that through your programming, not with DB permissions. If you
don't want people to change their data, don't create a page that lets them
do it. And by all means, do NOT give them (your web users) direct access
to the database. Perform all data operations through your web pages. That
way you can validate their information with your application's logic
BEFORE you attempt to put it into the database.

You can easily create a table of usernames, passwords, and expiration
dates. However, it will be your application that chooses to honor or
ignore the expiration date field.

Remember your goal is to make your data storage as efficient as possible
(you determine efficiency based on YOUR needs. Do you need to save space,
process lots of inserts quickly, process lots of selects quickly,...???
Optimization is a balancing act. Improvement in one area generally means
you lose in some other. Adding indexes can speed up SELECT processing but
it makes your database take up more room and slows down INSERT speed. You
must seek the balance that works best for you.) What you want is well
organized data so that there is a place for everything and everything is
in its place. How your application will use that data is completely up to
you.

Shawn Green
Database Administrator
Unimin Corporation - Spruce Pine
--=_alternative 006A044D85256FE1_=--

Re: Limit number ot times for access

As Shawn stated, it all depends on how your program will deal with
data that comes from databases, many people confuses webdesign and app
design for database design. Even when using stored procedures (at
5.0), that is simply another feature to make it simple for you to
mantain data, I like to think of databases as a simple storage, you
get data from it accourding to your needs and puts data on it settings
rules, your app should be able to know what can and can't be stored,
this way, you avoid compatibility problems and your app will work with
any MySQL version, even with any SQL Database. Ok, you can always use
a default value, a NOT NULL statement, a stored procedure, but can you
be sure that this will always work? I can't.

To your problem, If you want your clients password to expire after the
session, or after a period of hours, I would use cookies instead, but
if you want their passwords to expire after some time so they would
change it (for security), then you can store the expiration date and
check for it at each login, asking for the user to change it and store
the new expiration date again, you may want them not to change their
info at the first login, set a flag at the database and check for it.

Good luck,

On Apr 12, 2005 4:14 PM, SGreen@unimin.com wrote:
> "david groves" wrote on 04/12/2005 07:22:42
> AM:
>
> > Hello,
> >
> > Building a db for my site. Visitors will be able to upload their
> property
> > details into the db, but I need their, username and password to expire
> after
> > a set period, can this be done? Or can I change the data, they can
> change
> > after a set period, IE unable to change personal data after original
> entry.
> >
> > Kind Regards
> >
> > DG
> >
> >
>
> You control that through your programming, not with DB permissions. If you
> don't want people to change their data, don't create a page that lets them
> do it. And by all means, do NOT give them (your web users) direct access
> to the database. Perform all data operations through your web pages. That
> way you can validate their information with your application's logic
> BEFORE you attempt to put it into the database.
>
> You can easily create a table of usernames, passwords, and expiration
> dates. However, it will be your application that chooses to honor or
> ignore the expiration date field.
>
> Remember your goal is to make your data storage as efficient as possible
> (you determine efficiency based on YOUR needs. Do you need to save space,
> process lots of inserts quickly, process lots of selects quickly,...???
> Optimization is a balancing act. Improvement in one area generally means
> you lose in some other. Adding indexes can speed up SELECT processing but
> it makes your database take up more room and slows down INSERT speed. You
> must seek the balance that works best for you.) What you want is well
> organized data so that there is a place for everything and everything is
> in its place. How your application will use that data is completely up to
> you.
>
> Shawn Green
> Database Administrator
> Unimin Corporation - Spruce Pine
>


--
Daniel da Veiga
Computer Operator - RS - Brazil

--
MySQL Windows Mailing List
For list archives: http://lists.mysql.com/win32
To unsubscribe: http://lists.mysql.com/win32?unsub=gcdmw-win32@m.gmane.org