Web app implementation question.
Posted
by
John Berryman
on Stack Overflow
See other posts from Stack Overflow
or by John Berryman
Published on 2010-12-29T03:39:00Z
Indexed on
2010/12/29
3:53 UTC
Read the original article
Hit count: 200
web-development
|web-applications
I would like to create a web app similar to Stack Overflow in that the users will have different "point" levels and that their capabilities within the web app will be different based upon their point level.
Question: How can this best be implemented? How can it be implemented in a way that is un-hackable (i.e. accessing capabilities that should not be available)?
I figure there are two ways to do this: server-side and client-side. For the server-side solution, for each page request you check who the user is and have the CGI rewrite the page so that the client only gets a web page with the intended capabilities. For the client-side solution, the server gives the client the fully capable app and it is the client's job to check the point level and to handicap the app appropriately.
It seems like the client-side solution would be easier on the server, (which is really important for my app), but more susceptible to someone hacking and using capabilities unwarranted by their point level.
© Stack Overflow or respective owner