Background on a User Registration Website


Introduction.  When you shop online, one the the most common experiences is to develop a profile that can be accessed whenever you return to a site.  This keeps you from having to reenter information and allows the site to keep some information on you for their marketing purposes. 

Developing such a profile manager requires developments on the user and administrative sides.  But some of the main differences between how the user and administrative portions should work are listed in the following table.


Capability Users Administrative
Display Users Likely to be restricted in some way Display everything about users
Add a User Add only themselves Add anyone
Delete a User Delete only themselves Delete anyone
Modify a User Modify only themselves Modify anyone
Find a User   Find anyone
Browse   Browse all entries
Email Password Email to themselves  
Discussion Board Involve themselves if they are registered  


We will implement these capabilities on both the user and administrative sides in separate webs.  We also need some sort of security measures to ensure only particular people can implement their appropriate capabilities.  The following table outlines the security measures.


Security Issues
Users Admins
Users will be required to enter their email address and password to authenticate their operations on their own record. A login page will be processed to produce a  session variable.  This session variable must be present during a session for every page the admin tries to access or else they will be redirected back to the login page.


Based on these criteria we will develop two different sites which record information in a MySQL database.