I have $auth_allow_default = 1; so guests can view a record designated by a link on another page. This works fine. However, accessing the ADMIN or any valid login to modify accounts, etc seems to be only available if I change the value back to zero.

Is there a way to log in via URL as ADMIN or other accounts?

Pertinent attributes follows:
$auth_no_authentication = 1;
$auth_time = 21600;
$auth_logging = 1;
$auth_allow_default = 1;
@auth_default_permissions = (1,0,0,0,0);
$auth_signup = 0;
@auth_signup_permissions = (1,0,0,0,0);
$auth_modify_own = 0;
$auth_view_own = 0;
$auth_user_field = -1;

The problem is with the following configurations:



If you want people to be able to add, modify, and delete their entries, then you have to change the above config to the following:



And you should change the following codes:



to the following:



Then the following codes:



should be:



And to make sure that you have the configurations you want to use, I would HIGHLY recommend using the DBMAN Configurator located at:

http://www.jpdeni.com/dbman/

Best of luck resolving your problem.




Regards,

Eliot Lee

First, I thank you for taking the time to respond.
Second, I understand everything you said in your reply. But I think I need to expain further. The site in reference is a FAQ site where topics are listed in LINK form, narrowing down to a final link to the database, specifically to a record number or set of numbers, which answer the user's question(s). When the visitor clicks a link it isolates the record and displays it, with no login or other necessary actions on the part of the user. This is done using the "no auth" configuration. And it works great for that.

However, the technicians who update the FAQ database need to be able to log in with rights to add/modify which they cannot do with this setting, as it will not display the login screen. We do not wish for anyone else to "sign up" or "log in" under any circumstances, or to ever be presented with this login screen.

So far the only way I can see to make this happen is to change the "auth" to 0 long enough for them to log in and make changes. But this is certainly not the desired solution as, among other things, it renders the database useless to visitors during this editing time.

Now I understand that there is a way to log in via url, with the login info in the URL but as I am seeing it, this is not the case with "auth" set to "no". Is this true?

You will need to create another "permisson", which has been discussed in the DBMAN Customization Forum.

Search for additional user permissions or simply user permissions.

As of right now, DBMAN as written will NOT allow what you want...you will have to hack the authorization script to allow additional user permission than "admin","view","add","delete","modify".

Regards,

Eliot Lee

OK, as in hacks do you mean like:
Add Permission ### by JPDeni
and
Secure Password Lookup #### by: JPDeni // with all mods ....

IF both of these are installed what else do you need to "hack" for additional user permissions.

Yes, I've gone through the forums, the unoffical one, have read Carol's tutorial, and have gone through pages and lines of modifications.

It's obvious that I'm not understanding something even when all of these have been put together.

Getting the user into the vanilla set-up is great but like the previous post stated how are you supposed to get to admin ???? It'd be really nice to have that ability without changing the defaul.cfg all the time ---- or is that the answer changing the call from default.cfg to something like admin.cfg ???? would this cause any troubles???

Any clues and/or help would be appreciated.

I just setup a guestbook and was having similiar problems trying to get the right combination of permissions set so that the admin could still login and make changes, etc.

This is what I used which finally worked. It allows the users to post only, and admin of course has the ability to login and perform all the functions of admin.

$auth_no_authentication = 0;
$auth_allow_default = 1;
@auth_default_permissions = (1,1,0,0,0);
$auth_signup = 0;
@auth_signup_permissions = (1,1,0,1,0);
$auth_modify_own = 1;
$auth_view_own = 0;
$auth_user_field = -1;

Hope this helps, let me know if it solved your problems. Be sure to use a backup copy to try this out .. just in case



Unoffical DBMan FAQ
http://webmagic.hypermart.net/dbman/

Thanks again for popping up again Lois !!!

This was driving up the wall and I had another problem with a non-dbman for that was causing me troubles and I had thought it was all the mods I added.

I went back a previous step in the mod process and ended up using a seperate admin.cfg that got me in ...

Actually, your solution looks like a better way to go and I'll give it a try in a few days .... but for others who haven't gone through the mod process maybe the seperate adming.cfg might be helpful but I'm worried that it might have potential security, ????, problems. errrrr --- is this a possible back door ? Eliot was pretty sure this wasn't possible, saw this in 2 or 3 posts. Is this a hush - hush type of thing ???

One extra question, do you still have to login for guests? I was trying to avoid the login step all together for viewing only ... but do you still have to login as a guest ? Or am I asking a dumb question ??

No users would not have to login. The settings are so that visitors are able to freely post, but they can't do anything else. Admin still login and perform the administration of the database.

Please always check with a few people before assuming something can not be done. The only people I would believe without question would be Alex or JPDeni when it comes to the possibilities of DBMan. There are a few others, but Eliot would never be on the list. There is a list of people who are very knowledgeable and helpful listed in the FAQ noted below.

Unoffical DBMan FAQ
http://webmagic.hypermart.net/dbman/

Sorry for asking that dumb question

Ever since Carol retired from the forums things have been really different, about a year and a half ago I was really GUNG Ho about getting my site set up but work - home , well, ... things got a little difficult and I couldn't get things done so I took time off, I checked in every once in a while and saw that Ms. Earl Grey would be leaving , I was really sad but understood in a way since I was just starting to play with LINKS and saw part of things that were happening over there .... I guess just plain bad timing. Well, ..... you know.

Just recently I came back to DBman and saw that you came on the scene, and was happy to see someone picking up a part of the JPDeni Legacy, it gave me a warm feeling. I hope that Carol has gotten better ! I will always appreciate her help and kind words that she has given me and people around her ! She's really a rare jem that people could only wish to find in their life-time.

Thanks for all the help, eventhough, some people are very selfish and never say thank you, I'm sure they've always have appreciated all the help that they get from people like you.

and, thanks for your site, I actually found it by reputation that someone in the LINKS forums wanted to build something similar, imitatiting something can also be a sign of flattery.