[Typo3-dev] the horror of different usertables
Elmar Hinz
elmar.hinz at web.de
Mon May 31 18:13:37 CEST 2004
>
>
>>That is the reason why this point is so important and will cause trouble as long
>>as is not solved. Directly in the center of the city you set up this big wall,
>>just at a place where only the fewest people really need it. And a lot of people
>>get victim of disater while going the unnecessary long ways to get on the other
>>side.
>
>
> With your suggestion one bit could trigger the end of the world... :-)
>
The image of one bit is in any case very nice. But as each user would be
assigned to his groups it would be one bit in each assigning record. That means
lots of bits if you have lots of users. Each bit on a differnt place on the data
carrier.
Following the bit argument you could never trust your bank, cause with the
change of one bit all your money can go to someone else. :-)
The risk lies rather in db queries, that are not coded correctly and admins that
don't understand their system of groups. Things that happen.
>
>
>
>>In the resulting overhead of syncronization, as you propose it, I personally
>>rather see new doors of weakness. Syncronization isn't trivial and failures have
>>to be expected.
>
>
> Well, it *is* trivial. I could make a bugfree syncronization script in
> 100 lines PHP code after this model:
>
> <?php
>
> $be_users = selectAllBackendUsers(); // Backend users = master table
> $fe_users = selectAllFrontendUsers(); // Frontend users = slave table
>
> deleteAllFeUsersThatAreNotBackendUsers($be_users,$fe_users);
> createMissingFeUsersThatAreBackendUsers($be_users,$fe_users);
> synchronizePasswordsForTheRest($be_users,$fe_users);
>
> ?>
>
>
Ok, lets overthink the mode of two synchronised table systems. Is it so trivial
as you describe?
a.) You argued right that the circle of FE users is usually much bigger than
that of BE users. Your approach kills all FE users that are not in the BE. Why
does that matter? There are a lot sites, where FE users register themself. So
they are not in the BE Table and shouldn't go there until the admin has added
them to an appropriate group for that.
b.) On the other hand you want't to make use of the BE user administration.
Regarding a.) that means that you probably need to compare the timestamps to
decide which record is newer.
c.) You probably can't convert encrypted BE passwords to unencrypted FE
passwords. (OK, there are plannings to change this.)
So how about this? Rather abstract.
<?php
$GroupMap = getFeToBeUsergroupsMap();
copyFeToBeUserIfYoungerAndInMappedGroup($GroupMap);
copyBeToFeUserIfYoungerAndInMappedGroup($GropMap);
?>
Assumption c.) is already solved.
As long as c.) is open Passwords could only changed from the frontend.
Regards
Elmar
More information about the TYPO3-dev
mailing list