Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New Coder
    Join Date
    Mar 2011
    Posts
    15
    Thanks
    0
    Thanked 0 Times in 0 Posts

    user login verification question

    I've never worked with databases before.

    Generally, is it better to GRANT each person registered to your site some basic privileges and when they log in connect to the database with their login/password, or else is it better to use the same login and password for each user using an account with broader database privileges (but not full privileges), and just verify users by querying a table using the login and password information they logged in with???

    Which is more efficient?

    Is there major problems with either situation?

    Also, what is the general process for validating a users' login and password, with specifics if you can. Do you query a large table of different users looking for a login and password match??



    Thanks, G

  • #2
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    27,211
    Thanks
    80
    Thanked 4,571 Times in 4,535 Posts
    Most web-based apps use a single set of credentials and use program logic to control what is seen by the user. This allows the app to access parts of the database that you don't want the users to be able to see (e.g., the app keeps a log of visitors).

    Do you query a large table of different users looking for a login and password match??
    Yes. Whether or not you encrypt passwords (typically, using a one-way algorithm) depends on the sensitivity of the data.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •