The Expert's number of “Accepted Answers” is a good indication of how many satisfied customers he or she has helped.
TheDoctor's Master of Science in Internet Information Systems was verified on or about December 2012 by a leading third-party verification service.View the Terms of Service section on verifications
FOR "THEDOCTOR" - I have some enhancements required for the file transfer application that you helped us with earlier The [file_users] table needs to have a new column called "status" - BOOLEAN. Default value is "1"
1. Right after registration of a new user (pending check #4 below), [file_users-status] = "1" - this requires update to register.php. as part of the registration process, in addition to the existing check being made to ensure that the email address is not already registered and additional check is required to ensure that a new user registration is allowed. A call must be made from this application database to the external "CORPORATE " database (described in #4 below) to obtain the value of [master-no_users]. As long as the value of [master-no_users] is greater than the total number of users with [file_users-status] = "1" a new user registration is allowed. This call to the external "CORPORATE" database would need to have the connection parameters (db name, user id , password) provided in the child-application - it there a way to avoid leaving such details on the child-application in order to protect the security of the external "CORPORATE" database? from someone getting into the code and obtain the login information?
2. A new menu option is required post login - Manage Users. This option provides the ability to toggle users between a status=1 and status=0 value. A list of records showing only the [file_users-email_address) must be shown with a button alongside that says "Disable" if currently [file_users-status]=1 or "Enable" if currently [file_users-status] = 0. These actions lead to the toggling of the value of [file_users-status]. "Enable" is allowed if any only if requirement #4 as described below is met. A call must be made from this application database to the external CORPORATE database (described in #4 below) to obtain the value of [master-no_users]. As long as the value of [master-no_users] is greater than the total number of users with [file_users-status] = "1" toggling an existing user from [file_users-status] = "0" to "1" is allowed otherwise the "enable" function must be disallowed with an alert message "Unable to enable user because maximum number of users have been reached".
3. During the login process, login.php needs to be updated that allows the user to log in with their email address and password ***** log as their record in the [file_users] table has status = "1". Else login must be denied.
4. The number of users allowed to be in status="1" in the [file_users] table is controlled by a record in an EXTERNAL database which needs to be created. In this "external" database called "CORPORATE" I need a table [master]. This table has three columns (1) database_id - CHAR (2) updated_on - DATE( and 3) no_users -INT 8. #1 and #2 columns of this [master] table form a composite key in the table. The value of [master-database_id] is the same as the database name where the application's tables exist. multiple such child-application databases could exist and each one would have its unique name with its own allowed number of users. The CORPORATE-masters table contains the name of all these child application database names in "database_id". No user interface is necessary to be developed to manage this [master] table - I have that covered.
5. We need to add a password ***** function in the application for registered users. There must be a "forgot password" link below the login.php user interface. When clicked the application would ask for a register email address. If this email address does not exist in the [file_users] table or if it exists but [file_users-status]=0 then an alert message needs to be generated "Password ***** not possible" If the email_address is found in [file_users] AND status="1" then an encrypted link needs to be sent to the email address provided. When the encrypted link is clicked (can only be clicked just once, which invalidates the link from future clicks) the user is taken to a form that pre-fills in the Email Address with no input allowed and allows the user to enter a password ***** New Password ***** "Repeat New password" If these passwords do not match, then and alert indicating "Passwords are not the same" must be generated. Otherwise the [file_users] table needs to be updated with the newly entered password ***** the "email_address"
6. We need to have a "Settings" option post login that can be allowed to be maintained only by the user having "admin" in the first 5 characters of the [file_users-email_address]. Under Settings it would be possible to disable or enable any of the following columns (see requirement #7) all of which are - BOOLEAN with 1 = enabled, 0=disabled (a) track ip address of uploading user (b) track geo-location of uploading user (c) track ip address of downloading user (d) track geolocation of downloading user
7. Instead of storing files uploaded by external and internal users both in the [userfiles] table, we would like to leave [userfiles] for only external users (no login required) and create a new table called [protectedfiles] to store the records for internal users (post login). Table [userfiles] needs to have two new columns (a) ip_address and (b) geo-location. If the "Settings" in #6 requirement above indicates that "track ip address of uploading user" = "1" and/or "track geo-location of uploading user" = "1" then the ip address and geo-location of the user's device must be logged in the [userfiles] table.
8. The [filedownloads] table also need to have the two new fields "ip_address" and "geo_location" and needs to track the ip address and geo-location of the device used to click on the encrypted download link in the email that they receive. Of course this update of these two new fields would depend on the settings in #6(c) and #6(d).