newbie needs help

[rasyek]

I have never developed databases myself; however, I know HTML and CSS well, Javascript/ASP/VBScript somewhat and I've worked on websites with databases that others have created.

I have been given the following project and need help (where to start, programs to use, etc.). If anyone would be willing to give me some guidance, I would greatly appreciate it...Here's an overview.

I am adding a new section to our company intranet that only managers can access (along with the website administrator...me). The first page is a login page that will verify the credentials to access the site (managers go to one screen, administrator another). Access Info (name, date, time) will be recorded. Has options to register new user (form), update profile (known user info will appear on form pre-populated). System will reject if user doesn't have permission. Once they are in the system (and I'll probably have Q's about this later) they can choose different options from menu like reading articles. Database should be updated with activity info (actions, time online, etc.) from each users session.

This is the basic flow. I can probably figure out what to do once I get started, I just have no idea where to start. I've read the SQL course and I have access to MS InterDev and MS SQL Server - Enterprise Manager. Do I need any other programs? How do I get started setting up a new database? Do I need to link to a specific server? Which languages do I need to use for coding? How do I link my pages to the database info? Please help! Thank you.

[MAK]

create a login table and webpage table.

create table login(loginid varchar(10), pwd varchar(10), accesslevel int)
"mak","mutanakum",1
"xxx","tttt",2
"ttt","dfdfd",3



create table webpage (accesslevel int, page varchar(200))

1,"AdminPage.asp"
2,"UserPage.asp"
3,"Reportpage.asp"

Login page check for their access level and store it in session variable. redirect to the corresponding page.

In every page (admin/user/report) check for the status level in the session variable cas' some smartass love to type all the page types in the URL.

Display "Illegal access" when the session variable does not match the page they are accessing.

[nicc777]

There is also the Open Source alternative:

[L]inux
[A]pache
[M]ySQL
[P]HP/Perl

You don't really need Linux, as all the rest runs on Windows.

To check a login in MySQL can be as simple as:

Code:

SELECT IF( password = MD5('$password' ), 'yes', 'no' ) FROM my_user_table WHERE username = '$userid'

Reference: http://forums.databasejournal.com/sh...threadid=30551

You could do session management via encrypted cookies.

The whole solution won't cost you a sent extra, except your time to learn.

It would be worth it

Cheers