Visitors and guests
Visitors/guests have lowest access in labdb. In some cases they may be able to perform basic searches to one or more modules. Although the output will contain minimum details, it could still be a useful feature in some resources.
This category contains three types of users.
A Standard User has enhanced access to all modules and records in terms of browse and search features.
A Manager has all the rights of a Standard User and, in addition, can access many system-wide and module settings as well as perform back up of module database tables.
Finally, an Administrator has all the rights of a manager as well as greater access to settings. The Administrator can also create/ban/delete user accounts.
A registered user (both Standard as well as Manager) can be assigned the role of a module curator. Such a user can manage module contents. The Curator has the ability to add, delete and modify module records. Multiple browse options are provided to facilitate module data management.
The following diagram outlines the flow of information in labdb.The default/main landing pages are INDEX (standard user interface) and ADMIN.The admin interface allows backend entry to the site. A sitelock feature can be used to restrict access to the default landing page.
Software access control
PHP-based session method has been implemented to authenticate users and limit content delivery.
The function page_protect when placed in the beginning of a page will regenerate a valid session and allow contents to be restricted to registered users. Visitors/guests will get a warning or error message.
For this to work effectively page_protect must be combined with $_SESSION superglobal variable, preferably using session generated user_id value.
Users and access privileges
User levels are defined in GVAR2 script file. The following four levels are allowed -
- full access to software, users, and modules
- full access to assigned module(s),
- most access to SETUP and database record backup
- enhanced browse and search access to resource modules
- can curate modules if enabled
- no access or bare minimum search access to module records
The software is designed to scan the web directory for folder names with prefix mod_. All such folders are recognized as modules. The SQL database table contains a list of all installed modules.
A new module folder (uploaded in the directory) can be installed by managers and administrators using the SETUP script. The module folder contains the following script files and subfolders.
- Required subfolders
- Required files
- browse.php (browse records)
- info.txt (brief description of the module)
- input.php (html form to input records)
- manage.php (manage database records)
- mod_setup.php (customize module operations)
- mod_var.php (module-specific variables)
- navtab.php (module-specific navigation links/buttons)
- output.php (output records on the screen)
- search.php (allow searching of database records)
- sql.sql (SQL table structure to add to database)
- Recommended files
- mod_function.php (module-specific functions)
Module access control
The global variable access is used to set user access to modules. Its value ranges from 0 to 7. See below for details.
0 No access to module
1 Minimum search option
2 Enhanced search option, minimum browse option
3 Enhanced search and browse options
4 Above features plus ability to enter new records to a module
5 Above features plus the ability to update existing module records
6 Above features plus the ability to enter new and update existing module records
7 Full access to search, browse and alter module records
In addition to access, the following discrete variables allow fine grain control of module records. The variables are global in scope and are set as TRUE or FALSE.
s Minimum search option
sE Enhanced search option
b Minimum browsing option
bE Enhanced browsing option
mE Insert new records to a module
mU Update existing module records
mD Delete existing module records
The relationship between access and discrete variables is shown below.
access level 1 - s
2 - sE, b
3 - sE, bE
4 - sE, bE, mE
5 - sE, bE, mU
6 - sE, bE, mE, mU
7 - sE, bE, mE, mU, mD
Displaying module records
Records can be viewed in a box format using a function box_table. This function takes an array of 12 variables (all required) and displays records and their locations in a table format. Box size (row and height) can be specified. Default is 10x10 size box.
Three different navigation function (tools) are available to enable browsing of module records. These provide FRONT/BACK links and a SELECT dropdown list.
- The box_navbar accepts an array of 7 (min) or 13 (max) variables and allows navigation of records using FRONT/BACK and dropdown links. This is used for the box table format.
- The second tool nav_tab_tool accepts an array of 10 variables. It allows browsing of records (using FRONT/BACK navigation links) in a table format.
- The last and final one, jump_to_page_tool, accepts the same array as nav_tab_tool but shows a dropdown list and allows the user to view any page/set of records in a table format. The table will need to be drawn separately.
Global and module-specific features and access controls
The SETUP script file allows control of certain features including access (user access). It is accessible to Managers and Administrators. Use it to make changes that affect the entire system and modules. The module-specific fine controls are now placed in MOD_SETUP script file (located inside each of the module folders), a preferred place to keep features that are unique to each module.
The boxmap script in wormdb-specific module file MOD_FUNCTION can be used to get a bird's-eye view of current box table during entering a new or modifying an existing record.
Global and module-specific messages
Messages are divided into two broad categories - system-wide (global) messages (placed inside the script GMSG) and module-specific messages (inside MOD_VAR script in each module folder).
The global function rel_date_format accepts date in a specific format, i.e., January 2, 2013, and outputs an array of three elements: software release year and software release date (long and short formats).
The site_lock feature in SETUP script allows lock down of the entire site. The admin can still access the site via backend (ADMIN) and make some changes. However, this approach has many problems and therefore not very useful. The only immediate application could be to block access to the site in the event of an issue. Significantly more work is needed to develop a full-fledged backend admin interface. This will be done in the future.