Wait, what?
You are defining user role ids as MD5 hashes of UUIDs created from
random numbers that change on every request?
Am I missing something or is this completely insane advice?
On Mar 10, 2008, at 1:07 PM, tedd wrote:
At 3:14 PM -0400 3/10/08, Daniel Brown wrote:
On Mon, Mar 10, 2008 at 3:08 PM, Jason Pruim <japruim@xxxxxxxxxx>
wrote:
What I was thinking about doing was a combination of the company
name
(Which I set right now) and then a access level such as "50" for
the
"Owner" of the program, "40" for the "Managers" and "30" for the
"user" of the program. also leaving me room to add other levels if
required..
I generally do the same basic thing for permission levels, but a
reverse of what you're attempting to do.
The superuser (AKA root, administrator, God, whatever) has GID 0,
just like on a *NIX system. This is because it's the highest level
you can reach, and 0 is the lowest real number you can use. Thus,
you
can add a virtually-infinite number of lesser users, as opposed to
being limited to 50, as in your case.
Yeah, but then if you try to add a super-superuser you have to go
negative. :-)
Why not just define the users with define CONSTANT statement and use
that? Then the different types of users can be anything you want and
you can change the value easily if there's a problem.
Really, all the value really has to be is unique -- you could use
unique() for that, such as:
define("ADMIN", md5(uniqid(rand(), true)););
define("GENERAL_USER", md5(uniqid(rand(), true)););
define("LEVEL_ONE__USER", md5(uniqid(rand(), true)););
define("LEVEL_TWO__USER", md5(uniqid(rand(), true)););
define("WHATEVER__USER", md5(uniqid(rand(), true)););
and so on. That would work and you'll never have to be concerned
about it nor worry about someone guessing it, if that becomes a
problem.
Am I right?
Cheers,
tedd
PS: Oh, I just received the following email and thought I would pass
it on:
HELLO,
MY NAME IS AGNES IN SEARCH OF A MAN WHO UNDERSTANDS THE MEANING OF
LOVE AS TRUST AND FAITH IN EACH OTHER RATHER THAN ONE WHO SEES LOVE
AS THE ONLY WAY OF FUN BUT A MATURED MAN WITH NICE VISION OF WHAT
THE WORLD IS ALL ABOUT SO PLEASE REPLY ME WITH THIS BOX IF YOU ARE
INTERESTED IN ME.
Anyone want a woman who yells all the time?
--
-------
http://sperling.com http://ancientstones.com http://earthstones.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php