E-Commerce Building

[rexist]

Hello, I'm currently building a e-commerce site from scratch.

I've built a library administration before but e-comm is something new for me so,

It's dynamic web using PHP, and sql database using PDO.

I've built the database, and I'm confused about something here.

My e-comm will have 2 kind of users operating in admin level. One is managing the sales, another managing the storage.

and I separate the login table from the admins, I wonder if it's the right choice or not. :mellow:

My question is:

Should I just make a table for admins with admin_level collumn and link it with admin_level table for deciding what kind of user are they.

or Just make 2 different table for sales_admin and storage_admin?

which one would be more efficient?

 

 

fyi these are my table now:

item_name [name_id, name, type_id, stocks, id_imgPath]

item_type [type_id, type]

items [item_id, name_id]

itemImgPath [id_imgPath]

admin [id, name, gender, address,  level_id, etc]

admin_level [level_id, level]

login[id, admin_id, username, password]

 

couldn't find the right keyword on google, might try to ask here

hope you can help, really confused, it's first time I make login system with two different kind of users.

sorry for bad english.

[Brenz]

Your best option would be 3 tables:

 

1. users
2. roles
3. user_roles

This allows you to expand the system at a later date and assign specific roles to users. Each user then has to be assigned each role specifically.

[Jirajha]

Your best option would be 3 tables:

 

1. users
2. roles
3. user_roles

This allows you to expand the system at a later date and assign specific roles to users. Each user then has to be assigned each role specifically.

 

This is probably the easiest to handle.

 

Some eCommerce Systems also handle logins OS-based if they are used internally. Especially if they are Windows-based since most decently sized companies are supposed to have a domain controller setup (if they use windows clientbased aswell). In this case, you just keep a table that's storing wich user can have access to which form they can access and/or use.  -edit: Or wich group of users can use certain forms.

 

In case of Window's Active Directory the keyword to look for would be LDAP. In case of a Linux-based environment you might want to look for a PHP package called PAM. NTLM integration for an Apache Webserver could be an option aswell.

Edited November 11, 2015 by Jirajha

[rexist]

Your best option would be 3 tables:

 

1. users
2. roles
3. user_roles

This allows you to expand the system at a later date and assign specific roles to users. Each user then has to be assigned each role specifically.

will try, thanks. So in the login table I should do

user_table(user_id, userinformation......)

role(role_id, role)

user_role (id, user_id, role_id)

login_tb(id, user_id, username, pass) relating with user_table?

does that sound good?

[rexist]

This is probably the easiest to handle.

 

Some eCommerce Systems also handle logins OS-based if they are used internally. Especially if they are Windows-based since most decently sized companies are supposed to have a domain controller setup (if they use windows clientbased aswell). In this case, you just keep a table that's storing wich user can have access to which form they can access and/or use.  -edit: Or wich group of users can use certain forms.

 

In case of Window's Active Directory the keyword to look for would be LDAP. In case of a Linux-based environment you might want to look for a PHP package called PAM. NTLM integration for an Apache Webserver could be an option aswell.

"In this case, you just keep a table that's storing wich user can have access to which form they can access and/or use.  -edit: Or wich group of users can use certain forms."

thanks, thisi is interesting, but how would the structure of table be? I mean for forms that users can access?

[Jirajha]

"In this case, you just keep a table that's storing wich user can have access to which form they can access and/or use.  -edit: Or wich group of users can use certain forms."

thanks, thisi is interesting, but how would the structure of table be? I mean for forms that users can access?

 

Think of a modular design:

You have a module that's responsible for stocks, one that is for item- and product data, one that does the connection to ebay, one for amazon etc.

 

Each module consists of it's own data structures. Each module also has it's own frontend (a form or in your case: a webpage), or a page within the frontend to be precise.

So each module typically has a table that just stores its own permissions for a user or a role.

user (user_id, user_name)role (role_id, role_name)user_role (id, user_id, role_id)role_generalPermissions(rgp_role_id, rgp_canInvoice, ...)role_StockPermissions(rsp_role_id, rsp_canAccessStockPage, rsp_canModifyStockPage, rsp_canTransferStock, ...)

Another thing I have seen would be something like:

user (user_id, user_name)role (role_id, role_name)user_role (id, user_id, role_id)role_permissions (rp_role_id, rp_permissionName, rp_permissionValue)

Storing each thing they are allowed to do in a new row.

Like:

rp_role_id  |  rp_permissionName  |  rp_permissionValue1                   CanAccessStuff           true1                   CanModifyStuff            false2                   CanAccessStuff           true2                   CanAccessStuff           true

[rexist]

 

Think of a modular design:

You have a module that's responsible for stocks, one that is for item- and product data, one that does the connection to ebay, one for amazon etc.

 

Each module consists of it's own data structures. Each module also has it's own frontend (a form or in your case: a webpage), or a page within the frontend to be precise.

So each module typically has a table that just stores its own permissions for a user or a role.

user (user_id, user_name)role (role_id, role_name)user_role (id, user_id, role_id)role_generalPermissions(rgp_role_id, rgp_canInvoice, ...)role_StockPermissions(rsp_role_id, rsp_canAccessStockPage, rsp_canModifyStockPage, rsp_canTransferStock, ...)

Another thing I have seen would be something like:

user (user_id, user_name)role (role_id, role_name)user_role (id, user_id, role_id)role_permissions (rp_role_id, rp_permissionName, rp_permissionValue)

Storing each thing they are allowed to do in a new row.

Like:

rp_role_id  |  rp_permissionName  |  rp_permissionValue1                   CanAccessStuff           true1                   CanModifyStuff            false2                   CanAccessStuff           true2                   CanAccessStuff           true

You've showed me pretty much the big picture... gonna try it thanks.