Background on the User Registration Website


Introduction.  We are about to embark on what I think is a fairly in depth template to do the following.
  • register user interests and contact information
    • first name
    • last name
    • email address
    • password
    • interests in
      • PHP
      • JSP
      • MySQL
    • credit card information
    • education information
  • allow the user to modify their info
    • based on email and password validation
  • allow the user to delete their info
    • based on email and password validation
  • allow anyone to display basic info on those that are registered

This page will make use of all the different HTML form controls.  It is important to be able to work with all of these when developing

  • sticky forms
  • writing to databases
  • retrieving from databases
  • updating databases

The application is essentially a profile manager for an ecommerce store.  But we will supplement it with other features.

Developing such a profile manager requires developments on the user and administrative sides.  But some of the main differences between how the user and administrative portions should work are listed in the following table.


Capability Users Administrative
Display Users Likely to be restricted in some way Display everything about users
Add a User Add only themselves Add anyone
Delete a User Delete only themselves Delete anyone
Modify a User Modify only themselves Modify anyone
Find a User   Find anyone
Browse   Browse all entries


We will implement these capabilities on both the user and administrative sides in separate webs.  We also need some sort of security measures to ensure only particular people can implement their appropriate capabilities.  The following table outlines the security measures.


Security Issues
Users Admins
Users will be required to enter their email address and password to authenticate their operations on their own record. A login page will be processed to produce a  session variable.  This session variable must be present during a session for every page the admin tries to access or else they will be redirected back to the login page.


Based on these criteria we will develop two different sites which record information in a MySQL database.