Help me be awesome in PHP/MySQL and make some user groups
May 1, 2009 2:17 PM   Subscribe

Building a comment system, and looking for good introduction to managing groups and users with PHP/MySQL, or a prerolled "user management system".

Ultimately, I need to setup a system for people to register as users, join (or be assigned to) groups, make comments (that are linked to their accounts), and filter comments by criteria (e.g., only show comments by other people in the same group). But, presumably, the "user" stuff would be separate from the "comment" stuff? So...broadly speaking, I need to create users and groups, and then track what every user does.

I found PHP User Class (, PHP Users (, and a short Sitepoint article ( after some quick Google searching. Anyone have any experience with either of those scripts, or know of any others? Or, know good resources to help me brew my own?

(As for why I am not just using Wordpress or Drupal or etc.,etc.etc.:)
I am working on a site involving a huge repository of text files and the ability to comment on those files. (1) the text files already exist as individual files (versus existing in a database somewhere), and (2) comments need to be on a per-line basis (versus the file as a whole, which is how CMS's usually work). Of course, if, with this vague description, you know of something that might be useful, let me know.
posted by isnotchicago to Computers & Internet (6 answers total) 3 users marked this as a favorite
This might or might not help you, but for comment systems I have switched to Intense Debate or Disqus. I love the advanced features and new approach to comments. It is also trivial to setup so you can comment on individual files. Just drop in a line of JS and you are ready.
posted by avex at 2:25 PM on May 1, 2009

What makes this project unusual is the whole line-by-line comments thing. What I have is a bunch of transcripts, and each line of each transcript needs to be able to have its own comments. So each line is wrapped in a <> and given its own ID, and that ID is stored in a database with the comment. All the comment systems I've seen (Disqus, the ones that ExpressionEngine, Wordpress, everywhere, etc. use) give you a comment box per page, rather than per item.

But I've never seen Intense Debate, so that's handy to put in my toolkit for the future.
posted by isnotchicago at 2:38 PM on May 1, 2009

You either need a turn-key system (and a willingness to deal with its limitations), or you need to hire someone who understands these things.

There are a lot of details here, more if you care about security, and it gets moderately complex, more than a couple of scripts" will handle.

Yeah, you can buy a house without a Realtor, you can set up an S-Corp without a lawyer, you can deliver your own baby at home, but there's a reason most people hire an expert. If your time and the results are worth anything, it's usually cheaper and faster and better to hire someone who knows enough to avoid newbie mistakes.

Or just use a turn-key system.
posted by orthogonality at 2:40 PM on May 1, 2009

Is this an "I want to have fun doing this" type project, or a "I need this done as quick as possible" or an "I need this done as well as possible problem"

If you're interested in doing this for fun and want to roll your own, you could try using CouchDB to store your data, rather then a relational database.

Also, have you thought about just using a wiki? People would be able to crap all over the comments, but obviously it's possible for people to be well behaved.

If you wanted to use disqus or some other online comment system, you'd need to break the text files into different, I guess, nodes so that they can be referenced individually.
posted by delmoi at 3:39 PM on May 1, 2009

The SitePoint tutorials aren't too bad, but really what it comes down to is this: a RYO solution is going to be easy if you (or whoever is doing it) knows what they're doing and has a little bit of common sense. It's going to be a struggle otherwise, and at worst you may open up some fairly bad security holes (things like properly escaping the session id strings passed in by the browser before sticking them in a MySQL query are trivial and only a function call away if you know to look for them, but utterly important). Using a pre-made user management library seems like overkill for me, and it can be really tricky to integrate those things into an existing site. I'd either get someone who knows what they're doing to hack it up quickly or go with a turnkey system.
posted by devilsbrigade at 4:43 PM on May 1, 2009

The project is a combination of "I want to have fun doing this" and "I need this done as quickly as possible".

Clearly user management is not a straightforward thing, so I was thinking of integrating a pre-made library/turnkey system/whatever for the "quickly as possible" side. We may wind up eventually outsourcing this to professionals, but for now something quick and dirty is fine enough just to see how things look. Any recommendations on this front?

Integrating an existing system or not, I would like to know how this is all done. The experts weren't always experts, and I am interested in learning for myself. Would looking at frameworks like CodeIgniter be worthwhile? (For instance, CakePHP has access control lists and authentication built-in.) What are things I should be reading about? ("Security", yes, but specifically?) Where should I be reading about these things? (Slog through the official PHP docs? MySQL docs?)
posted by isnotchicago at 7:09 AM on May 2, 2009

« Older help out a tattoo newb!   |   Are there any archery instructors in the... Newer »
This thread is closed to new comments.