Msg#: 4629499 posted 2:26 am on Dec 11, 2013 (gmt 0)
First of all thank you for having a place like this for people like me who is starting to develop.
I'm trying to create a site that generates different urls for each an every one of the values on a Data Base previously created with all the info that should be displayed in that url.
It's an application / website that people could get to by scanning a QR code with their phones or typing the url on the address bar (the las part of the url is the employee's number) and retrieving their (insurance) information, it's information that most likely will remain static for the most part of the year unless an event (accident) has to be reported, only then the administrator should be updating the data.
I already have my html / css template set and I have a basic knowledge of php and python (django) and have no problems with the DB (MySQL) for the server side, I'm also considering using Angularjs since it's just one page but changing according to the request made.
Msg#: 4629499 posted 2:18 pm on Mar 26, 2014 (gmt 0)
Ditto what phranque said - I would want some type of authentication rather than having that out there in the clear.
Some big companies have a shocking disregard for this sort of thing, but it doesn't mean it's okay. One example: as of a couple of months ago, if I knew your email address I could pull up all your Jet Blue flights from the past couple of years. Based on an email inquiry from a complete stranger and using only the email address, I learned his full name and determined that he had traveled from city A to city B round trip on certain dates, from which I also learned that he had run a marathon while there.
Msg#: 4629499 posted 12:23 am on Mar 30, 2014 (gmt 0)
Thank you all, I'm sorry for taking this long but my client decided to drop the project and then I went to San Francisco, come back to Mexico, changed job so I took a while to get back on my feet and then my client decided to retake the project.
Anyways, phranque is right, what I'm planning to use is Oauth for each and every user that way only the ones with a valid email account (Yahoo, Hotmail, Gmail) can access it; I have used it on different occasions and apps that I use and everything seem fine to me.
Also phranque is right about the forming of the url: www.myapp.com/1234567, that's exactly what I was thinking, that way the employees only have to remember the site url and then add their employee's number.