I am tasked with creating a web form for people to update their details. I have existing data which I need to authenticate users against to make sure we are updating the correct person. I get the feeling that if I code this from scratch I will be reinventing the wheel.
I'm looking either for an online survey solution like SurveyMonkey (but not SurveyMonkey as it does no have automatic authentication) or a web form system that I can install and configure.
Seems like I need to build my own.
I will code in PHP and use a MySQL database. The login screen will take three bits of information, which if found in a record in the database, will show the user a screen with their old data, and a form for updating this data. They enter their new data and hit submit which will put their information into another table in the database.
Nothing to hard but I'd rather use a pre-made system which is already debugged and comes with with some built in tools so the users can manipulate the data.
Related
Problem Statement
I'm working on building out a single-page Django web app and am trying to implement the following functionality:
- All viewers of the page are associated with a state. There are buttons on the page which enable viewers to change their state.
- The application stores a list of all current viewers of the page, and their associated states. Whenever a user changes their state, this stored list of viewers updates with this new information.
- The application should display how many people are online (viewing the page) at a given time.
Blockers
I'm unsure of how to collect a list of all current viewers of a page in Django, nor how to collect how many users are currently viewing the page.
Ideally, my application would not require a login to use: therefore, I'd rather either associate viewer state with a user object that doesn't require sign-in, or not associate viewer state with a user object (I'm still new to user objects though, so forgive me if this point doesn't make complete sense).
What I'm Looking For
A discussion of higher-level strategies which I can use to implement this functionality, or other places to look to gain insight in tackling my problem. I'm pretty new to Django, so I'd appreciate it if answers also direct me to locations in my Django project which are of relevance (e.g. "Consider doing X in views.py, then..."). Alternatively, if there are GitHub projects you know of with similar functionality, if you could direct me to them to investigate further, that would also be appreciated.
I'd be happy to offer further clarification as required. Thanks in advance!
I am writing this question after considerable investigation into this matter.
I have gone through Google's easy dashboards (gadash JS library), superProxy and plain analytics API, and couldn't find the best solution for my needs, although I can't believe my needs are so uncommon.
This is why I am turning to you, I have got a feeling I am missing something.
My requirement:
Display my own analytics account data to users on my website, preferably with Google's chart API or ga-dash, to resemble google analytics views as much as possible.
Users will not have to take part in authentication with Google API
Each user has his own query which is built dynamically !! (this is probably why superProxy cannot work for me because I think you need to manually set the queries in advance)
I use django-python as the basis for my website
problems with solutions I tried:
GAdash library - the problem is that each user has to be authenticated, and shown their own data, meaning they need access to my profile- that's simply not what I am looking for. It works great, but only for me. On the other hand if there was a way to make my profile truly public...
superProxy - sounds like a solution for this need exactly, however I don't think that you can programmatically set the queries.
I did find a way to retrieve the data for a query on the server side using my own credential which is a bit hacky, I am still missing that JS library which will parse this XML on the client side and display it as charts.
EDIT:
I ended up using Mark's solution (embeddedanalytics), since I could not find a better, easier solution.
Other alternatives were:
1. superProxy (lacking the ability to dynamically, programmatically loading new queries)
2. gaDash library - requires authentication from each user
3. Implement my own server side querying, and display to the user with some js graphics library - which would require considerable work on my side.
Check out www.embeddedanalytics.com. This is a platform/service which will do exactly what you are looking to do (disclosure - I work with them).
We also support your requirement that each user have its own dynamically built query. This is what we call our CMS Integration version. Are you trying to create a dashboard system for a CMS system you have built?
On the site that I'm developing we need to track the last visited page for each user (users login to the site). What's the best way to do this? We are already using a custom profile so adding a new field is easy. The site will not have a lot of traffic so updating this field wont be an issue, i think. Are there better ideas? Does sitecore already offers something that we can possible use?
OMS has a "Top Exit Pages" report by default... but that is tracked across sessions, not users.
A good IIS log parser should also be able to give you this information... again, that would be by session (or IP) and not logged in user.
If you really want to get every exit page AND filter by logged in user... what I would do is add a new pipeline processor to httpRequestBegin, and place it after the ItemResolver. Then save the Item.Paths.Path. I would advise against writing this data to the user Profile if you are using the default ASP.NET Profile handler and you have a decent amount of traffic, because it is highly inefficient. Roll your own simple storage solution here, or just dump the data to a log.
My first question would be: Why do you need only the last visited page of the user? What are you trying to determine?
In a lot of cases, you are probably starting down an analytics route, or perhaps even trying to drive some marketing.
If the analytics is what you are going for, you can probably just pop an event out to your google analytics account with the current username as an event variable to allow you to look at analytics by user and by page. Alternatively, you could use the Sitecore OMS/DMS features for tracking all that data and looking at the analytics there.
If you are looking at driving marketing, you probably want to use OMS/DMS, especially if you want to start getting into personalization or engagement plans. OMS/DMS will track user activity, and all the pages they visit, though not by user account. With some customizations, you can probably add that data in, but it will depend on what you are trying to use the information for. The username may not be what is important to you.
If, however, you just want to know what page to send the user back to after logging them in, it would be better to just store that in session or pass as a post parameter if session is not a viable option for you.
i would like to know a good software engineering way to store user preferences in a web app.
to clarify further, my app has commands that the user can choose, so
i added a button that when some commands are selected, these commands are saved as favorites somewhere on the client's machine, that way if user X logs in at anytime he can check his favorite commands and load them automatically..
how to save these commands and where? and taking into consideration that several users using the same computer should not have access to each's favorites, so i want the favorite to be saved based on userID. where and how to save them? cookies? xml? and using php or javascript is better?
thx a lot for your help:)
The best way to do this is have them log in whenever accessing your site. Then you store all of the preferences on your server and deliver them down through your UI to their browser. This will mean that it doesn't matter what browser/device they happen to be using, their settings will follow them.
I'm not sure I like the idea of modifying someone's "favorites" in their browser. I'm not sure I'd stick with a site that wanted that level of control over my browser.
Now, if you are just talking about having a page on your site that had a list of "favorites", then that's okay. Just keep it server side.
Most typical would be to store them in a database of some sort on the server side, easily accessable by the UserID. Keep in mind 'preferences' are different from 'state'. State variables are usually stored via whatever cookie mechanism you are using.
What is your web app using to hold the data on the back-end? Most likely, that is where you will want to store user preferences. Since you will already be accessing that back-end (a database, perhaps?) to authenticate the user for login, retrieving that user's preferences is a simple step from there.
The real story here is that we need more details. Are you storing authentication information in a database, or something else? How are your user sessions stored (i.e., when a user logs in, how does your web app tell that his browser is logged in on subsequent requests)? Your question seems to state this, but to clarify, are these PHP pages containing some amount of Javascript?
Depends on your requirements. You will need to choose either to store user preferences in your database, provided your users authenticate, this is probably preferred solution. But if it meets your requirements you can save user preferences in a cookie.
Here is are javascript functions and jquery plugin with examples on how to work with cookies.
You're building a web application. You need to store the state for a shopping cart like object during a user's session.
Some notes:
This is not exactly a shopping cart, but more like an itinerary that the user is building... but we'll use the word cart for now b/c ppl relate to it.
You do not care about "abandoned" carts
Once a cart is completed we will persist it to some server-side data store for later retrieval.
Where do you store that stateful object? And how?
server (session, db, etc?)
client (cookie key-vals, cookie JSON object, hidden form-field, etc?)
other...
Update: It was suggested that I list the platform we're targeting - tho I'm not sure its totally necessary... but lets say the front-end is built w/ASP.NET MVC.
It's been my experience with the Commerce Starter Kit and MVC Storefront (and other sites I've built) that no matter what you think now, information about user interactions with your "products" is paramount to the business guys. There's so many metrics to capture - it's nuts.
I'll save you all the stuff I've been through - what's by far been the most successful for me is just creating an Order object with "NotCheckedOut" status and then adding items to it and the user adds items. This lets users have more than one cart and allows you to mine the tar out of the Orders table. It also is quite easy to transact the order - just change the status.
Persisting "as they go" also allows the user to come back and finish the cart off if they can't, for some reason. Forgiveness is massive with eCommerce.
Cookies suck, session sucks, Profile is attached to the notion of a user and it hits the DB so you might as well use the DB.
You might think you don't want to do this - but you need to trust me and know that you WILL indeed need to feed the stats wonks some data later. I promise you.
I have considered what you are suggesting but have not had a client project yet to try it. The closest actually is a shopping list that you can find here...
http://www.scottcommonsense.com/toolbox.aspx
Click on Grocery Checklist to open the window. It does use ASPX, but only to manage the JS references placed on the page. The rest is done via AJAX using web services.
Previously I built an ASP.NET 2.0 site for a commerce site which used anon/auth cookies automatically. Each provides you with a GUID value which you can use to identify a user which is then associated with data in your database. I wanted the auth cookies so a user could move to different computers; work, home, etc. I avoided using the Profile fields to hold onto a complex ShoppingBasket object which was popular during the time in all the ASP.NET 2.0 books. I did not want to deal with "magic" serialization issues as the data structure changed over time. I prefer to manage db schema changes with update/alter scripts synced with software changes.
With the anon/auth cookies identifying the user on the client you can use the ASP.NET AJAX client-side to call the authentication web services using the JS proxies that are provided for you as a part of ASP.NET. You need to implement the Membership API to at least authenticate the user. The rest of the provider implementation can throw a NotImplementedException safely. You can then use your own custom ASMX web services via AJAX (see ScriptReference attribute) and update the pages with server-side data. You can completely do away with ASPX pages and just use static HTML/CSS/JS if you like.
The one big caveat is memory leaks in JS. Staying on the same page a long time increases your potential issue with memory leaks. It is a risk you can minimize by testing for long sessions and using tools like Firebug and others to look for memory leaks. Use the JS Lint tool as well as it will help identify major problems as you go.
I'd be inclined to store it as a session object. This is because you're not concerned with abandoned carts, and can therefore remove the overhead of storing it in the database as it's not necessary (not to mention that you'd also need some kind of cleanup routine to remove abandoned carts from the database).
However, if you'd like users to be able to persist their carts, then the database option is better. This way, a user who is logged in will have their cart saved across sessions (so when they come back to the site and login, their cart will be restored).
You could also use a combination of the two. Users who come to the site use the session-based cart by default. When they log in, all items are moved from the session-based cart to a database-based cart, and any subsequent cart activity is applied directly to the database.
In the DB tied to whatever you're using for sessions (db/memcache sessions, signed cookies) or to an authenticated user.
Store it in the database.
Do you envision folks needing to be able to start on one machine (e.g. their work PC) but continue/finsih from a different machine (e.g. home PC)? If so, the answer is obvious.
If you don't care about abandoned carts and have things in place for someone messing with the data on the client side... I think a cookie would be good -- especially if it's just a cookie of JSON data.
I'd use an (encrypted) cookie on the client which holds the ID of the users basket. Unless it's a really busy site then abandoned baskets won't fill up the database by too much, and you can run a regular admin task to clear the abandoned orders down if you care that much. Also doing it this way the user will keep their order if they close their browser and go away, a basket in the session would be cleared at this point..
Finally this means that you don't have to worry about writing code to deal with de/serialising the data from a client-side cookie, while later worrying about actually putting that data into the database when it gets converted into an order (too many points of failure for my liking)..
Without knowing the platform I can't give a direct answer. However, since you don't care about abandoned carts, then I would differ from my colleagues here and suggest storing it on the client. Why store it in the database if you don't care if it's abandoned?
Then again, it does depend on the size of the object you're storing -- cookies have their limits after all.
Edit: Ahh, asp.net MVC? Why not use the profile system? You can enable an anonymous profile if you don't want to bother making them log in
I'd say store the state somewhere on the server and correlate it to the user's session. While a cookie could ostensibly be an equal place to store things, if you consider security and data size, keeping as much data on the server as possible becomes a good thing.
For example, in a public terminal setting, would it be OK for someone to look at the contents of the cookie and see the list? If so, cookie's fine; if not, you'll just want an ID that links the user to the data. Doing that would also allow you to ensure the user is authenticated to the site in order to get to that data rather than storing everything on the machine - they'd need some form of credentials as well as the session identifier.
From a size perspective, sure, you're not going to be too concerned about a 4K cookie or something for a browser/broadband user, but if one of your targets is to allow a mobile phone or BlackBerry (not on 3G) to connect and have a snappy experience (and not get billed for the data), minimizing the amount of data getting passed to the client will be key.
The server storage also gives you some flexibility mentioned in some of the other answers - the user can save their cart on one machine and resume working with it on another; you can tie the cart to some form of credentials (rather than a transient session) and persist the cart long after the user has cleared their cookies; you get a little more in the way of fault tolerance - if the user's browser crashes, the site still has the data safe and sound.
If fault tolerance is important, you'll need some sort of persistent store like a database. If not, in application memory is probably fine, but you'll lose data if the app restarts. If you're in a farm environment, the store has to be centrally accessible, so you're again looking at a database.
Whether you choose to key by transient session or by credentials is going to depend on whether the users can save their data and come back later to get it. Transient session will eventually get cleaned up as "abandoned," and maybe that's OK. Tying to a user profile will let the user keep their data and explicitly abandon it. Either way, I'd make use of some sort of backing store like a database for fault tolerance and central accessibility. (Or maybe I'm overengineering the solution?)
If you care about supporting users without Javascript enabled, then the server side sessions will let you use URL rewriting.
If a relatively short time-out (around 2 hours, depending on your server config) is OK for the cart, then I'd say the server-side session. It's faster and more efficient than accessing the DB.
If you need a longer persistence (say some users like to leave and come back the next day), then store it in a cookie that is tamper-evident (use encryption or hashes).