Solved

Multiple client's directories management in an Application Service Provider model

Posted on 2007-04-10
8
231 Views
Last Modified: 2013-11-13
I need web-based, platform independent application that implements Application Service Provider (ASP) model.
It will be developed using PHP. I am looking for an open source resource that provides the mechanism on how to manage the multiple client's directories in the application.

Thank you very much.
0
Comment
Question by:llping8
  • 6
  • 2
8 Comments
 
LVL 11

Expert Comment

by:walkerke
ID: 18887356
Since PHP is not platform independent, that would be difficult. Could you elaborate on what an Application Service Provider model is? Does the client have multiple directories or are there multiple clients whom each have a directory? Where is the directory located, locally on their computer or on a server?
0
 

Author Comment

by:llping8
ID: 18887828
Lets assume it is on a Linux server. As I know, Application Service Provider (ASP) model a.k.a. "Software as a service".
There is a server with an application. The application provides service to clients. Basically each client will have their own directory (basically is ONE directory for each client). When a client sign in, he will only able to access his data in his own directory. There is only one application running.

My question is how does PHP  manage the client access? After a client sign in, how PHP can prevent him/her from accessing other client's directory.
0
 

Author Comment

by:llping8
ID: 18887832
The client's directory is in the server where the application resides.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:llping8
ID: 18888240
Additionally, each client will have his/her own database (MySQL) space to store data. So, when a client sign in, only the respective file directory & database is available for access.
0
 
LVL 11

Accepted Solution

by:
walkerke earned 500 total points
ID: 18894684
This is really beyond my expertise, so I hope someone else will contribute.

My own approach to this would be to use PHP's rich file system features to do all the file management. I would assign a unique identifier code to each user and begin each folder and file name with that code, but mask out the code when presenting the directory tree to the client's browser. I would embed a safeguard within the PHP application which prevents the client from maneuvering to a folder or accessing a file that does not being with the same code as the one they are maneuvering from. I would also implement a PHP session and tie the session id to the client id.

MySQL's own security features will prevent one user from accessing another user's data unless they are specifically given access to it.
0
 

Author Comment

by:llping8
ID: 18894979
Thank you, walkerke. I appreciate your input. I will search other resources as well.
0
 

Author Comment

by:llping8
ID: 18896452

I am googling & yahooing all the while, and only thing that i can think of is the mechanism used in some web content management system. I am wondering, how are those CMS manage so many users directory without letting users view other user's content. Are they open new directory for a new user? I tried to install Mambo in my localhost to do some research.
0
 

Author Comment

by:llping8
ID: 18896716
I guess I was wrong about CMS. Each CMS only manage ONE website. With multiple manager can access. But basically they are managing the same site with differrent level of access.  It is a different story.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question