SEARCH:
Documentation
Programming With Andromeda
Web Programming

Public Pages

Andromeda can be used to build public sites, internal "desktop-style" sites, or combination sites that have separate public and private faces.

When a page is viewable by a person who has not logged in we call that a "public" page. A typical example would be an online catalog. All of the table maintenance pages, where users enter items, prices, and the like are private pages that require a login. But visitors to the site can browse through the catalog on public pages.

Web Security and Public Pages

A public page must be registered. This is because Andromeda operates on a Deny-by-default security model, and unless the page is registered, Andromeda will send people to the login page instead of the page itself.

Registering a page as public does not affect database security. If a public page attempts to access a table that requires a privileged login, it will receive an error from the database server!

Register a public page by adding it to the global array $MPPages. The index of this array is how you register it, not the value. The value can be anything and is ignored.

global $MPPages;
$MPPages['pagename_1']=1;
$MPPages['pagename_2']=1;

Database Security and Public Pages

If you have public pages, then presumably your program will be accessing tables in the database. Before you can do this you must grant access to those tables to the general public.

Here is how it works. When a visitor comes to your public Andromeda site, and the user has not logged in, then Andromeda will connect to the database with a username that has the same name as the database, and a password that has the same name as the database. This is called the "public" user and unless you give it some privileges the absolute only thing it can do is connect to the database, after that it cannot see even one table.

So the first thing we might do is grant this user read-only access to the items table. When you grant access to the public user, we use the special designation "$LOGIN" as the group name, as in this example:

table items:
    module: inventory
    description: items
    group $LOGIN:
        permsel: "Y"

This can also be done at the module definition level with by doing the following:

module inventory:
    uisort: 100
    description: Inventory
    group $LOGIN:
        permsel: "Y"