Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 192
  • Last Modified:

Forms Question

null
0
aguldber
Asked:
aguldber
  • 4
  • 2
1 Solution
 
icdCommented:
The use of a form to edit the information would be the most common approach. It sounds like what you want to do is very much like a common script does called a 'guestbook'. This allows people to add to html document a comment about themselves. In your case a description of the servers availability would be added.

The main advantage of using a forms based approach is that you do not need anyone to have any special software, Frontpage or otherwise, other than the browser that they would use anyway.

To restrict access to the page that allows the 'document' to be edited you would use the security features of the server. On UNIX this is known as the .htaccess method. Basically on accessing the URL the user is prompted to enter a username and a password. If only a small number of people needed access to it then they would each have their own username and password and this information can be used by the script to indicate who made the document changes.

If this approach is acceptable then I can give you further details on what you need to do.
0
 
aguldberAuthor Commented:
If it can maintain the functionality I'm looking for, yes this could work quite well. I do have some questions/concerns. First, the server we are using is Microsoft's IIS 3.0 so the unix approach won't work here. Another thing is that this site is meant to be viewable by everyone, yet we don't want everyone to be able to 'post' to the site. FrontPage's permissions only allow for restrictions to be done on the site level, thus to secure the 'post' page it would have to reside on a second site. I don't know if the results page has to be on the same site as the 'post' page. If it does, then very few people will be able to view it and it defeats the purpose of this site. Also, I don't know if when you 'post' new information if the results page also contains the old information along with the new. I tried to test this today but had some setting wrong with the discussion webbot and haven't figured out the problem yet. Let me know what you think...
0
 
icdCommented:
I don't know much at all about how security works on MS IIS 3.0 but I would be suprised if it were not possible to restrict access at least to the directory level. If this is the case then you put the restricted pages (the update form) in a restricted access directory and everything else in another directory for which people have free access.

As for what to do with the 'old' information when you post new. You have two or three choices.

1. The new information totally wipes out the old

2. The new information is appended on the end of the old. Even older items are removed (a) by date (b) by number (c) manually

3. The 'old' information is put onto the edit form so that the choice over what should remain or be deleted is made by the person doing the update.

If you still have problems with restricting access then you could take the 'soft' option. Generate a page with a form that asks for username and password. The form action (using the post method) would call another script that verifies the information. If the information is valid then it generates a form containing the server information text to be modified.


0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
aguldberAuthor Commented:
I found the actual discussion wizard on frontpage explorer this afternoon - I was inadvertantly doing it be hand. I have talked  with the IIS 3.0 administrator and he said we can work on the security side of what I am trying to do but I first have to get it working. I did not get the opportunity to try the wizard though and unfortunately I be out of town until Monday so I will try it then and let you know if this works. Thanks for all your help so far...
0
 
aguldberAuthor Commented:
I've got a discussion form wizard to work with it listing the posts in a historical format. If you can tell me how to get the new information replace the old using this FrontPage's discussion form, I can then talk to the administrator more about securing the
posting mechanism, which he says shouldn't be too hard to do.
Thanks for everything...
0
 
aguldberAuthor Commented:
Having explored this option fully, we discovered that it didn't give us the flexibility that we had with the Word document solution. This would have worked if we could have locked it down effectively without at the same time limiting the number of people who could view the results. The other problem was that there could be multiple things wrong with the server and the user would only look at the top message, even if there was another posting link right below it. This is a good solution for a lot of things, but unfortunately it doesn't work here. Thanks for trying...
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now