Welcome to Geeklog, Anonymous Sunday, December 22 2024 @ 12:23 am EST
Geeklog Forums
Users sharing login info
Status: offline
chief123
Forum User
Chatty
Registered: 05/02/03
Posts: 58
Something I'm trying to think through but not sure exactly how to accomplish it is this scenario:
1. I want to have an online newsletter type site where I write the content. No one but me can write content, there are no comments, no forum, calendars, no nothing except the weekly newsletter issues online. The content for the most part would only be for logged on users (protected from anonymous).
2. Since there is no reason for users to sign up (no comments, forum, etc.) I thought about having every user share the same generic password and username.
3. I would have a custom login form so that the User Functions box would be hidden.
4. I assume I'd have to have a logout link as well.
So if I have 100 users and they all have a generic username and password of let's say "User" and "password" there might be times that I have many users online at the same time reading the newsletter.
So here are questions:
1. Would it be a problem for GL to have multiple users all online at the same time who share username and password?
2. If one of the users logs out of the system would that affect anyone else being able to browse the content?
3. Are there other unforseen problems this arrangement could cause?
Thanks for any input or advice.
1. I want to have an online newsletter type site where I write the content. No one but me can write content, there are no comments, no forum, calendars, no nothing except the weekly newsletter issues online. The content for the most part would only be for logged on users (protected from anonymous).
2. Since there is no reason for users to sign up (no comments, forum, etc.) I thought about having every user share the same generic password and username.
3. I would have a custom login form so that the User Functions box would be hidden.
4. I assume I'd have to have a logout link as well.
So if I have 100 users and they all have a generic username and password of let's say "User" and "password" there might be times that I have many users online at the same time reading the newsletter.
So here are questions:
1. Would it be a problem for GL to have multiple users all online at the same time who share username and password?
2. If one of the users logs out of the system would that affect anyone else being able to browse the content?
3. Are there other unforseen problems this arrangement could cause?
Thanks for any input or advice.
17
16
Quote
Status: offline
chief123
Forum User
Chatty
Registered: 05/02/03
Posts: 58
In my limited testing it seems that it might be okay. I signed in as Admin in 3 different browsers. I then logged out from 1 browser but was still connected as Admin and could administrate from the other browsers. I'm not sure that's a good enough test though.
Does anyone have any advice or comments on this at all?
Thanks.
Does anyone have any advice or comments on this at all?
Thanks.
12
15
Quote
tokyoahead
Anonymous
There are some small drawbacks on this scenario.
First of all, the problem with the password: If you have one password for all, all have the same username and email address in the background DB. So nobody will be able to have a forgotten pasword to be sent to their own email address. Also, users would be able to change that password through normal procedures and then disable access for all others. Third, you wont be able to track user statistics.
One major drawback is that you would never be able to kick out one user (someone leaves the company or usergroup you share the info to).
Also, if you have the users share the username & password, you will have to have (from the reasons named above) a very easy username and password. So this is a security matter, and so why use a password at all?
In this case I would rather publish the whole page on a somehow "Hidden" URL (domain.com/234234234/ instead of domain.com/)and hence block it from sight. Or simply use a HTACCESS username/password, which would remove all trouble mentioned above. You would simple block access to the whole GL directory with one single username/pw, and make all content in geeklog public. People would then simply be there as guest.
Still, there is no technical issue with your way to do it. Since the Guest user is also a normal user in the database (User 1), and since there are many people who "login" as guest at the same time, there should be no problem from my point of view.
Another drawback of your solution is there in case you ever want to enable comments or else. Then, you would have to ake people again login with a new username and password. You are always in a legal dilemma if anonymous people post comments or else that is followed up by legal action. You better know who wrote what on your page.
HTH
Oliver
First of all, the problem with the password: If you have one password for all, all have the same username and email address in the background DB. So nobody will be able to have a forgotten pasword to be sent to their own email address. Also, users would be able to change that password through normal procedures and then disable access for all others. Third, you wont be able to track user statistics.
One major drawback is that you would never be able to kick out one user (someone leaves the company or usergroup you share the info to).
Also, if you have the users share the username & password, you will have to have (from the reasons named above) a very easy username and password. So this is a security matter, and so why use a password at all?
In this case I would rather publish the whole page on a somehow "Hidden" URL (domain.com/234234234/ instead of domain.com/)and hence block it from sight. Or simply use a HTACCESS username/password, which would remove all trouble mentioned above. You would simple block access to the whole GL directory with one single username/pw, and make all content in geeklog public. People would then simply be there as guest.
Still, there is no technical issue with your way to do it. Since the Guest user is also a normal user in the database (User 1), and since there are many people who "login" as guest at the same time, there should be no problem from my point of view.
Another drawback of your solution is there in case you ever want to enable comments or else. Then, you would have to ake people again login with a new username and password. You are always in a legal dilemma if anonymous people post comments or else that is followed up by legal action. You better know who wrote what on your page.
HTH
Oliver
13
18
Quote
All times are EST. The time is now 12:23 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content