Today at 11:07pm, Oscar Schultz said:
The app should support winxx, mac, unix, linux and text (if possible). The app
also must scale from localhost to intranet to internet. The app must also
scale from a few users up to several hundred or more concurrent users.
Security of data is more important than speed or user ease of use. The app
should also require the minimum software installs on the user's machine and
add no additional security risks for the users.
As I have reviewed the various requirements and options basing app on the web
is the best option I see. Feel free to make your suggestions.
I 100% agree with that conclusion. I'm glad I'm not the only one who feels
that way.
That leaves php or perl unless someone knows some really cool c and c++
tricks.
For a web-based application, PHP is far ahead of perl.
That still leaves the problem of how to secure the app and make some of the
user information persistant - no one wants to enter their userid and password
on every form. Cookies and hidden data fields seem to be the only real
option. What are the other options? I have considered having one user enter
the data and a second confirm the data. Right now cookies still look like the
best option.
I would highly recommend using PHP Sessions for this. They're incredibly
easy to use, easier to secure, and very widely used for this purpose.
They're based on cookies underneath, but PHP takes care of all the details
for you.
I do PHP+MySQL development day in and day out, and have been doing so for
several years now, so if I can be of any assistance in finding good
solutions to the problems you'll run into, please let me know.
The key is that if you don't *really* have to be web-accessible, then
don't.
I think this is one case where web-accessible makes the most sense. By a
landslide in my opinion.
People have brought up several desirable qualities: all leaders and
parents can get at the data at any time, data stays when scoutmaster
leaves, and many others. Those alone are just screaming for a web-based
application. Anything installed on the scoutmasters computer is
automatically out, cause it doesn't meet those requirements. Something
installed on the ward computer _could_ meet those, but not the "at any
time" part, and definitely not easily due to many demands on that one. Not
to mention that church policy might not like random third-party apps, and
random scout parents, on a computer that is supposed to be kept as secure
as possible.
Despite all the security concerns that have been expressed, a web
application is the best way to solve this problem. Is it a perfect
solution? No, but neither is anything else, and it comes closer than all
the rest to meeting all the requirements/desires.
As was stated so nicely, let the more security conscious people fork if
they want, but if you build it, they will come. If the system is good and
useful and reasonably secure, it will draw plenty of interest and support.
We can't let ourselves be unreasonably held hostage by security fears. The
benefits and the risks must be weighed and a balance found between the
paranoid and the security-ignorant solutions.
Keep up the great work, Oscar!
Thanks,
Mac
--
Mac Newbold Code Greene, LLC
1440 S. Foothill Dr. Suite #250
Office: 801-438-0142 Salt Lake City, UT 84108
Cell: 801-694-6334 www.codegreene.com
_______________________________________________
Ldsoss mailing list
Ldsoss@lists.ldsoss.org
http://lists.ldsoss.org/mailman/listinfo/ldsoss
