8. User Database
Interchange has a user database function which allows customers to save any pertinent values from their session. It also allows the setting of database or file access control lists for use in controlling access to pages and databases on a user-by-user basis.
The database field names in the user database correspond with the form variable names in the user session. If there is a column named address, when the user logs in the contents of that field will be placed in the form variable address, and will be available for display with [value address]. Similarly, the database value is available with [data table=userdb column=address key=username].
The ASCII file for the database will not reflect changes unless the file is exported with [tag export userdb][/tag]. It is not advisable to edit the ASCII file, as it will overwrite the real data that is in the DBM table. User logins and changes would be lost. Note: This would not happen with SQL, but editing the ASCII file would have no effect. It is recommended that the NoImport configuration directive be set accordingly.
The field names to be used are not set in concrete. They may be changed with options. Fields may be added or subtracted at any time. Most users will choose to keep the default demo fields for simplicity sake, as they cover most common needs. As distributed in the demo, the fields are:
code accounts acl address address_book b_address b_city b_country b_name b_nickname b_phone b_state b_zip carts city country db_acl email email_copy fax fax_order file_acl mv_credit_card_exp_month mv_credit_card_exp_year mv_credit_card_info mv_credit_card_type mv_shipmode name order_numbers p_nickname password phone_day phone_night preferences s_nickname state time zip
A few of those fields are special in naming, though all can be changed via an option. A couple of the fields are reserved for Interchange's use.
Note: If not running with PGP or other encryption for credit card numbers, which is never recommended, it is important that the mv_credit_card_info field be removed from the database.
The special database fields are:
accounts Storage for billing accounts book address_book Storage for shipping address book b_nickname Nickname of current billing account carts Storage for shopping carts p_nickname Nickname for current preferences preferences Storage for preferences s_nickname Nickname for current shipping address db_acl Storage for database access control lists file_acl Storage for file access control lists acl Storage for simple integrated access control
If not defined, the corresponding capability is not available.
Note: The fields accounts, address_book, carts, and preferences should be defined as a BLOB type, if using SQL. This is also suggested for the acl fields if those lists could be large.
Reserved fields include:
code The username (key for the database) password Password storage time Last time of login