From: Ashley M. Kirchner > From: Paul M Foster >> The only reliable way to resolve this is to let the school >> administration to handle it. Each registration would *attempt* to >> register as a student, parent or whatever. Those attempted >> registrations >> would go into a "wait" queue. Meantime, emails would be sent to an >> administrator whose job is would be to "bless" those registrations. >> They >> would check to see if a potential registrant was what they claimed to >> be. You'd give them a page where the queued registration attempts would >> show up. And they would check the proper box for each potential >> registrant. Once done, the registration would be completed, and in the >> proper category. > > Yeah, that would fall on our shoulders. School administration won't do > this. It comes back to the IT Department and we have to "figure it out". > The problem is, while we can "bless" student registrations, we can't always > tell if the next one is a parent or not, or if it's a parent in our > district. > > We do have another system in place, one in which we hand out 2 unique keys > for each student at each school and parents pick those up. Internally those > keys are matched to that student so we know who it is that's registering. > However, that requires a lot of front work to get those keys out. > > For this particular project, we want to make it as painless as possible, but > the more I think about it, the more I'm accepting the impossible nature of > it. It all boils down to a simple risk assessment. Is the administration willing to live with the possibility that students can masquerade as parents and vice versa? And that strangers can masquerade as either? If so, then a simple check box on the registration page will suffice. If not, they will need to establish a manual authentication step as part of the registration process and control that check box themselves. Bob McConnell -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
