0

I have a web application where I have 2 kinds of users: teachers and others. I have created a usertable where the accountinfo resides. with accountinfo, I mean emailaddress, username, password, lastactivitydate etc. Each user has a profile and a profile contains data like age, aboutme, address etc, so this info is in nature different from what is in the user table, that's why I have a separate UserProfile table with a FK of UserId pointing back to the user table.

I was quite happy with this design till I realized that the profile for a teacher has more fields then for others (the others may get additional fields that differ from those of teachers also in the future). For a teacher, I need for example his school etc. So then I would have an additional TeacherProfile table containing the extra data. So that would mean that I would do a join between 3 tables to get all the data for a teacher: User, BaseUserProfile, TeacherProfile. So I am wondering if it was a good idea to separate the base userprofile data to a separate table, of should I merge that table with the User table? What other options are there for this problem?

4

1 回答 1

1

2种用户

这些通常称为roles. 所以你通常会有这些表:

  • tbl用户
    • 用户 ID (PK)
    • 角色 ID (FK)
    • 电子邮件
    • 上次登录
    • 密码哈希
  • tblUserProfile
    • 用户配置文件 ID (PK)
    • 用户 ID (FK)
    • 包含教师和学生的列,一些值将NULL用于学生
  • tblUserRole
    • 角色 ID (PK)
    • 角色名称

我知道这可能是一项学习任务,但即使在那里开始使用良好的安全实践 - 根本不要存储密码(加密或未加密)。而是存储用于生成哈希的密码和盐的安全哈希。

于 2013-06-10T14:58:28.090 回答