Usersecurity help file

git-svn-id: file:///Users/Shitiz/Downloads/lssvn/trunk/unstable@452 b72ed6b6-b9f8-46b5-92b4-906544132732

admin/lang/english/users.html

@@ -0,0 +1,60 @@
+<body bgcolor="#E5E5E5">
+
+<p><font face="Verdana" style="font-size: 8pt; font-weight: 700">You are currently viewing the
+<u>User Control</u> section of PHPSurveyor.</font></p>
+
+<p><font face="Verdana" style="font-size: 8pt">From this point you can view and 
+edit the security settings and user access rights for your script.</font></p>
+
+<p><font face="Verdana" style="font-size: 8pt">PHPSurveyor security settings 
+rely on the Apache directory security system. If you are not using the Apache 
+web surver, you cannot use these security settings and you should initialise 
+directory security using your servers standard methods.</font></p>
+
+<p><font face="Verdana"><font style="font-size: 8pt"><u><b>Initialising Security<br>
+</b></u>The first time you run security from PHPSurveyor, it will 'initialise' 
+the security settings. When it 'initialises', the script finds the Apache &quot;htpasswd&quot; 
+executable file and creates a 'user' file. It also creates a 'htaccess' file in 
+your admin directory that restricts access to the admin directory to only those 
+users in the htpasswd file. The initial username and password are determined by 
+the 'default' settings in your config.php file. Once you have initialised 
+security succesfully, your browser will ask for this username and password 
+before allowing you to continue using the administration scripts of PHPSurveyor.</font></font></p>
+
+<p><font face="Verdana" style="font-size: 8pt"><u><b>Adding Users</b></u><br>
+Once you have initialised security and 'logged in', you will be able to view the 
+existing users on your system, add new users, delete users or modify users. This 
+is fairly straight forward. In the list of users that displays, click on the 
+&quot;edit&quot; button to modify an entry, or the &quot;del&quot; button to delete it. If there is 
+only one entry in the user table you will not be able to delete that.</font></p>
+
+<p>
+<font face="Verdana" style="font-size: 8pt; font-weight: 700; text-decoration: underline">
+Turning Off Security<br>
+</font><font face="Verdana" style="font-size: 8pt">To turn off PHPSurveyors 
+security settings, click on the &quot;Turn Off Security&quot; button. This will delete the 
+htpasswd, htaccess file and all user information from the directories.</font></p>
+
+<p><font face="Verdana" style="font-size: 8pt"><u><b>Limitations of PHPSurveyor 
+Security</b></u><br>
+Until a more flexible security system is implemented, it should be remembered 
+that the PHPSurveyor security settings are an 'all-or-nothing' affair. Users 
+either have access to ALL administration functions, or they have none. 
+Eventually a system is planned that allows you to set levels of access. Note 
+especially that the user security feature is accessible to all users, including 
+the PLAIN-TEXT PASSWORDS.</font></p>
+
+<p><font face="Verdana" style="font-size: 8pt"><u><b>Troubleshooting</b></u><br>
+If you are having trouble setting up security:</font></p>
+<ol style="font-family: verdana; font-size: 8pt">
+  <li><font face="Verdana" style="font-size: 8pt">Make sure you have read/write 
+  permissions in the admin directory. PHPSurveyor needs to be able to create a .htpasswd 
+  and .htaccess file here.</font></li>
+  <li><font face="Verdana" style="font-size: 8pt">Make sure you have access to 
+  the htpasswd executable file. On windows servers in particular, a copy of this 
+  will almost certainly need to be placed in the /phpsurveyor/admin directory 
+  along with the other scripts. On Linux servers, the script will attempt to 
+  find the htpasswd executable using &quot;find&quot;.</font></li>
+</ol>
+
+<p>&nbsp;</p>