Multi users, the users must not be able to see each other's data.
In the past I done one database and the select statements had the users ID in it, so only the user's data was returned. The user's data is sensitive and users should never be allowed to see each other's data.
Some sites I've notice have different directories for each user. I am curious why.
Are there advantages to this architecture? From a security point of view? Helps prevent cross scripting? How does this work, does each /subdirectory have a separate db table?
Is there one common code folder?
I realize these are a lot of questions and the answers are prob way to long.
Can anyone recommend a site or book that covers this topic?
first of all its up to you how to restrict every user to their own data and how. mostly those site are using same database and tables for all users. the directory or path you see after the actual domain name is not a real directory often, they use URL Rewrite to make it more readable and SEO friendly.
however you can perform different kinds of validations while working with database.
Hello, maybe you can get some idea from this page (google: ozekisms.com/index.php?owpn=422). When I was coding in PHP the doumentations/examples on this page helped me a lot.
Reply With Quote
Bookmarks