[thelist] Web Forms to Access DB?
Allie Micka
allie at pajunas.com
Tue Jan 8 09:40:04 CST 2002
Just jumping into this, so I'm sorry if I'm out of context.
>in the remote chance that the username/password somehow got into the
>database twice, the query to retrieve the username/password would return
>two rows and the script would, incorrectly, bounce the user back to the
>login page
>what this means is that the page to add a new username/password has to
have
>logic to detect duplicate entries
Rudy makes a very good point about putting unique constraints on the
database, and I would expand on it by pointing out that only the username
should be unique, not the username/password combination.
Because passwords can/should be changed over time, you don't want to have
to check for constraint violations on every password change, and you
certainly don't want to throw an error message stating "someone else
already has that username/password combination. You can't change yours,
but go ahead an log in as the other person if you want."
Also, you can use a unique username as a key in another table and you'll
be able to do password recovery routines if needed.
Allie Micka
pajunas interactive, inc.
http://pajunas.com
More information about the thelist
mailing list