IWP is great to put a quick application form together for the web. I would like to create an user account for the people who submit their info, so they can edit it again later if needed.
I would like to use FM account feature to handle the login credentials. The problem with that approach is that I don't know how what the privilege set of the a first-time user should have; After-all a script must be able to create a new user account. Would granting a firts-time user those privileges great gaping security hole?
Can someone recommend a strategy for creating web submission form, that can be edit by the user later?
This is what I got so far.
- The first-time with 'guest' credentials log in throught a weblink.
- The FM startup script redirect the user to the only template the user has access to a located ONE specific record.
- The new-User types up a username and password and submit it. The submit-script (Full access privileges) does some anti-spam checking, checks if the username exist and if not create the user name and relogs the user in with their new credentials.
Am I on the right track here? What happens if two new-user try to submit a new username at the same time? is there a way around that?