ASP Question/s from a Newbie

Discussion in 'Web Development & Web Hosting' started by rwilmot, Feb 5, 2007.

  1. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    superstar, Fergal, you rock.

    Dont worry about the SSL at the moment, i've not set it up yet anyway... I have however installed the digger solutions site and played with it. It has login functionality, a way of uploading files etc. it needs plenty to be modified though, i think.. If I am wasting my time with the digger solutions site then please say.

    It uses an Access DB for logins and pretty much everything, there are like 18+ tables in it! I have deleted some of the tables that I know I won't need and also I have removed some of the functionality from the user pages.

    My problem at the moment is that everything is linked. Each user can see what the others have uploaded etc etc. I need all accounts to be seperate.

    I'm hoping that by using a system like this it'll save me loads of time.

    Just out of curiousity, how much do you think someone would charge for such a system?? That question is open to everyone..
     
    Certifications: Village Idiot Award
    WIP: working towards everything..
  2. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    i havent looked at the site itself. but to be honest ive been under the impression that i should really avoid acess wherever possible!

    Charging, hmmm. i suppose its a measure of time. assuming £10 an hour, the asp app i built would have cost £1687.50, and thats just for the user manager component (and 4.5 weeks at 37.5 hours to build). assuming this is standard, and you have 4 sections (user manager/admin area, user/tutor login area, core section, and assuming bells and whistles as a separate component), you would be looking at £6750 for the whole thing.

    Again, I've never been involved in this aspect, of a program so i couldnt say for definate, thats only factoring in my own personal time (at a higher rate than current, but still cheap for a programmer), and assuming several variables were constant with each other. In real life this wouldnt be the case. But to be honest, personally i would say that for the entire system a £7k pricetag isnt really a big ask (im sure other people could give a much better estimate).

    If you build your own personal DB theres also the advantage that you definate your tables and columns from the ground up, around your own personal requirements.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  3. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    hmm thats interesting, do you think my boss knew that when he offered me £500 to do the whole thing??? :blink

    ok, so how do i go about making all accounts individual and not shared.

    6 grand would be nice, maybe one day I'll make that sort of money...
     
    Certifications: Village Idiot Award
    WIP: working towards everything..
  4. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    172
    211
    Hang on a second, they are commissioning you to make the site? have you actually agreed to it yet?

    If not i'd maybe renegotiate on that one. Try to get them to agree to an hourly rate, and acknowledge that you are inexperienced (and so obviously get a lower hourly rate because of that), and so it will take longer than a fully qualified professional would normally take.

    If you could manage that you'd be onto a winner.

    As for making accounts individual, you need a useraccounts table containing their username and password. you then need a table to store their uploads, which you link to their userid entry. Once you've done that, all you need to do is tailor your query, so when its pulling out their data, it only pulls out data linked to their userid

    ie:
    "select * from uploads where userid='fred.smith'"

    or, dynamically in vbscript, it would be something similar to:
    "select * from uploads where userid='" & strusername & "'"

    which would pull out their records. This is obviously dependant upon the exact setup you have running, but thats the best way to handle it (that i know of)
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  5. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Um - I've been a bit strapped for time lately, and can't now easily get access to CF during the day.

    To do this for £500 would invoke the response of "Get lost" from me! :-( Try 10 times that.

    The only way that £500 would be reasonable would be if you found a free app on the 'net that *exactly* matched your spec.

    Think of it this way. Good profesionals are usualy charged out at about £1000 per day. So you are a 'beginner', so a tenth of that is not unreasonable. So he is basicaly asking you to do no more that 5 days on this. Hence my comment on the original software being a close fit!

    If the Digger system doesn't separate the account properly then you need to look long and hard at it. Putting security into a system which doesn't have much is usualy *much harder* than it looks.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  6. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    Harry, would it be possible to make the accounts seperate?

    I'm going to try and stick with the digger system as it has pretty much half of what I need, unless anyone wants to recommend another system. I've searched all last week and this week so far and have come up with a few basic systems but they are worse than the digger one!

    I have attached two pdf files, they show the table structure in the DB and also there is a DB Report on the tables in the DB and their properties. Just in case anyone is interested...

    I think I only actually need 10 of the 20+ tables but am not going to delete the others just yet cause of their relationships.

    Also, the MS Access DB security issues can be sorted as well, there are options to use MySQL.. but i think i'll worry about that later.

    And thanks Fergal for the code hints. just need to figure the rest out now.. :eyecrazy :dunce :confused2
     

    Attached Files:

    Certifications: Village Idiot Award
    WIP: working towards everything..
  7. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    A quick look at the tables suggests that the accounts *are* individual. I'd have to look at the whole thing to see why it dodn't work for you.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  8. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    Your right Harry, the problem I am now having is that if I uploaded a file to the uploads section then everyone would be able to see it. I only want the tutor to see what files I have uploaded.

    Harry how can I help you out more? do you want access to the files or something?

    let me know how I can make it easier for you guys?
     
    Certifications: Village Idiot Award
    WIP: working towards everything..
  9. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Looking at the table diagrams - it doesn't look as if there is any setting along the lines of 'viewableBy'. There *may* be something in the app layer to do this.

    In addition there seems to be a major problem with one area. The assumption seems to be that there is a nice clean tree of command - an individual reports only to one person.

    But a student would have many tutors. I'm not sure how this would map onto the business logic in the app.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  10. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    Not in our case, one tutor has many students directly allocated to them.

    what do you mean by "it doesn't look as if there is any setting along the lines of 'viewableBy'. There *may* be something in the app layer to do this."

    And yes I'd agree that the system assumes there is one person in control..
     
    Certifications: Village Idiot Award
    WIP: working towards everything..
  11. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Ah - not quite the college system I was expecting. So a student only has *one* tutor to see his work?

    I was extrapolating the attributes of the Documents table. There is a 'submitBy' attribute, but nothing acting as 'permissions'. Hence my suggestion.

    But if there is only *one* tutor for a given student then you should be able to mod the app to allow access only by the 'submitBy' Employee and that Employee's 'ReportsTo'.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  12. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    Ah right ok then, so how would I go about adding the "viewableBy" field to the documents/ASP pages? I know how to do this in the DB file, I just dont know how to modify the code to allow for the new addition. There are so many pages it just gets confusing sometimes and I dont fully understand ASP yet..

    By the way, I asked my boss for his honest opinion on the sort of time frame he is expecting from me. I will then shock him with the realistic version as provided by you guys :biggrin

    If he feels that it is too long then I will stop the project. Although I will continue with it by myself for personal benefit
     
    Certifications: Village Idiot Award
    WIP: working towards everything..
  13. rwilmot

    rwilmot Nibble Poster

    62
    0
    28
    Yes but only on the system, if a student is in centre then they would get support from all staff members.
     
    Certifications: Village Idiot Award
    WIP: working towards everything..
  14. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,624
    117
    224
    Er - as I implied in the last sentence - if a student only has one tutor then you don't need the "viewableBy" field - just use the fields already there.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.