[thelist] Web Forms to Access DB?

Allie Micka allie at pajunas.com
Tue Jan 8 09:40:04 CST 2002


Just jumping into this, so I'm sorry if I'm out of context.

 >in the remote chance that the username/password somehow got into the
 >database twice, the query to retrieve the username/password would return
 >two rows and the script would, incorrectly, bounce the user back to the
 >login page

 >what this means is that the page to add a new username/password has to 
have
 >logic to detect duplicate entries

Rudy makes a very good point about putting unique constraints on the 
database, and I would expand on it by pointing out that only the username 
should be unique, not the username/password combination.

Because passwords can/should be changed over time, you don't want to have 
to check for constraint violations on every password change, and you 
certainly don't want to throw an error message stating "someone else 
already has that username/password combination.  You can't change yours, 
but go ahead an log in as the other person if you want."

Also, you can use a unique username as a key in another table and you'll 
be able to do password recovery routines if needed.


Allie Micka
pajunas interactive, inc.
http://pajunas.com





More information about the thelist mailing list