Can someone please walk me through setting up web database permissions? I am using Access as my database. I am having a hard time understanding the concept.
For example:
When I login as
Admin: All rights
Teacher: Add, Edit rights
Student/parent: no rights

I do not understand on the format code to perform this function. Any help would be greatly appreciated.
Thank you, Phillip

Well, it seems to me, you need some sort of login script and a user level.

An admin would have his/her username and password to type in, when they do this, they will be reconized by the userdata base as admin.

A teacher would have his/her username and password to type in, when they do this, they will be reconized by the userdata base as a teacher.

A Student wouldn't have a username and password to type in, for they would not need to, and they would just visit the site, and have no access commands. So anyone that doesn't sign in, is reconized as default, or student/parent/user.

Understand?

Now, I believe you will need to take some time to find/create a login script, and add the user levels into it. This might be a large task for you if you want to have complete safetly, and that really depends on what the information in the database is. Such as personal information or marks and grades.

Reply if you need more help or have any more questions.

I have created a login script that recognizes the user name and user level but isn't there something I have to set up on the database end to get it to work. Right now after you login, it welcomes you into the group you belong to, just not display the database permissions. Admin, Teachers, Students/Parents all see the same database permissions.

Does this make any sense?

Read the tutorial I gave you in the other thread, that should help some... then what you can have is some field in the database that has a permission level, such as:

permissionlvl

with a value of 1, 2, 3, 4, or 5 for instance...

Then store their UserID in a session variable or cookie, and whenever they request information from the database, check the db to see what their permission level is., i.e.:

permissionquery = "SELECT permissionlvl FROM mytable WHERE userid = " & Request.Cookies("userid")
set rs = conn.execute(permissionquery)
If not rs.EOF Then
permissionlvl = rs("permissionlvl")
Else
Response.Redirect("login.asp")
' Or, as Morgoth suggested, something like
' permissionlvl = 1 for general users
End If

Select Case permissionlvl
Case 1
'Write basic information, etc.
'I usually call different subroutines to Response.Write
'different HTML depending upon a condition, as in this example
'like for instance Call DisplayBasicInfo()
'which would call a subroutine called "DisplayBasicInfo()"
'that would write the appropriate HTML...
Case 2
'Write something different...
Case 3
'I think you get the idea now.
Case Else
'Display everything
End Select

According to that, you can decide which queries to run or what information you want to display on the page, etc.

That's just one simple way to do it (and likely not the most efficient), but it's the basic idea, and should be effective.

Where's glenngv? He might have an even better way to do this with Access, or some other nifty ideas. :)

I agree with whammy on this. He has a good method.
But... it is confusing sometimes.