[pmwiki-users] Self registration

The Editor editor at fast.st
Thu Jan 22 14:33:21 CST 2009


On Thu, Jan 22, 2009 at 1:48 PM, Patrick R. Michaud <pmichaud at pobox.com> wrote:
>> Is there an advantage to putting the authentification & user-info type of
>> data in the profile page?  I don't think I've seen an argument on that side
>> yet although I may have missed it...
>
> (1)  having all of the information on the SiteAdmin.AuthUser page can
>     make it very cluttered for an admin to view/modify; putting
>     info in profile page (with pagelist commands for displaying
>     summary) keeps SiteAdmin.AuthUser itself clean
> (2)  a small mistake in SiteAdmin.AuthUser can suddenly wipe out lots
>     of accounts
> (3)  it's far quicker to grab authentication information from a
>     profile page than it is to parse and process the SiteAdmin.AuthUser
>     page, especially if there are large numbers of accounts

Though I would probably vote for using an AuthUser page in PmWiki, or
better still a .htpasswd file, I used profile pages in BoltWire to
store login information for the reasons Pm mentioned, (particularly
#3) plus perhaps a few more. In particular:

* I wanted to keep all profile information together, not in different
locations (login info one place, other vars elsewhere)
* It is easy to delete all account information by deleting one page.
* It lends itself to generating various kinds of lists based on
certain data values, such as an email list for members in a given
Country
* I can have data fields beyond a single line (like a description or
bio field for example). In fact pictures, or whatever.

Obviously you can do all these things either way, but it required less
overhead to use already built in mechanisms available for profile
pages.

That said, I'm finding now that doing things like generating email
lists for example is more cpu intensive when I have to do a pagelist
of hundreds of members. Either 1) I use the index which may or may not
be perfectly current, or 2) I manually scan the files which can
involve hundreds of file reads. I've also found 3) because of the
nature of passwords and emails I have to construct custom processes
anyway to either protect the security or manage verification, so I
can't really use simple data forms. If I were to do it over, I think
setting up a .htpassword file just for the passwords and emails might
have been easier, faster, and more secure. Logins only occur once in a
while per user so the look time should be trivial. And BoltWire at
least has easy mechanisms for linking that kind of information to
other profile data fields, much like a mini index.

Just my 2 cents on an interesting question.

Cheers,
Dan



More information about the pmwiki-users mailing list