Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I'm modeling a permission strategy for a site.
I have this type of user:
Superadmin: the initial user and he can create others admins
Admin
Customer
For Admin and Customer i used a role assignment. But for SuperAdmin i don't know if i should use a role or a simple flag (boolean "IsSuperAdmin")
What is your opinion? thanks.
One method is you can create a new table user_roles for adding roles.
Fields,
id role_name
Then create a field user_role_id in your users table for storing the role id.
We can check the roles in session to access their methods.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
My scenario is that I have a "Room" object and am tracking a list of users who are in the room. If I store the users as a list of firebase.User objects, this exposes those objects to anyone with access to the room.
Does this expose any sensitive data? I could filter this data and only include uid, displayName and photoURL in the DB.
As long as your "users" collection has security rules preventing users from viewing other user's sensitive data it is fine to store an object containing a small amount of identifying information (uid, displayName and photoURL) in a public document like a "room."
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
How is the password being stored in the table wp_users in wordpress database? I wanted to know what is the algorithm being used to stre password values in the column user_pass
Wordpress uses php's crypt method to hash the password. Here's the method used to hash the password in Wordpress's source code: https://github.com/WordPress/WordPress/blob/2651ff3ae805321432bc6d9eac3d62269c937077/wp-includes/class-phpass.php#L236
Wordpress generates a salt string on which to bash the hashing for this particular method in that same class.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Say I have a site with two types of user
contentCreator
and
contentUser
What I want to do is :
contentCreator has to pay to have an account, and once logged in, has feature set X.
contentUser can register for free, and once logged in, has feature set Y.
All I need is a pointer in the right direction to get me started.
This can be achieved using a membership plugin where you have a free and a paid membership structure and limit the content access based on the user membership plan.
You can use plugins like Simple Membership and configure it to have both paid and free memberships.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
when ever the user make login by facebook or google it return data but it does not save it in fields added to registration form like full name and gender and so on , It only save the data into the users table it save the email and username what is the problem and what should i do too please some one give me an answer
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I want to customize default registration process in Drupal 7. The registration process includes 3 steps:
Show some account types (in a page or form?). For example "personal", "business", "organization"... And users will choose their own account type.
Fill information into registration form. Each account type which users choose in step 1 has some corresponding fields.
Finish registration with an confirmation email or something else.
The registration process is similar to https://secure.payza.com/signup
Thank you for helping.