Web app implementation question.

Posted by John Berryman on Stack Overflow See other posts from Stack Overflow or by John Berryman
Published on 2010-12-29T03:39:00Z Indexed on 2010/12/29 3:53 UTC
Read the original article Hit count: 200

I would like to create a web app similar to Stack Overflow in that the users will have different "point" levels and that their capabilities within the web app will be different based upon their point level.

Question: How can this best be implemented? How can it be implemented in a way that is un-hackable (i.e. accessing capabilities that should not be available)?

I figure there are two ways to do this: server-side and client-side. For the server-side solution, for each page request you check who the user is and have the CGI rewrite the page so that the client only gets a web page with the intended capabilities. For the client-side solution, the server gives the client the fully capable app and it is the client's job to check the point level and to handicap the app appropriately.

It seems like the client-side solution would be easier on the server, (which is really important for my app), but more susceptible to someone hacking and using capabilities unwarranted by their point level.

© Stack Overflow or respective owner

Related posts about web-development

Related posts about web-applications