Security/schema for different types of users?

Hi folks,

I am creating an app for an employment agency and I am kinda stuck with one of the issues with the data model.

There will be logins for both employees of the agency and for candidates. Does anyone have a recommendation for how to best handle this? Should there be separate tables to handle logging in from the frontend and then one for logging in through the backend? The obvious problem here is that different types of information will be held for different types of users.

Should the different parts of the app (frontend, backend) just simply have login actions pointing to different tables?

Thanks in advance,


So, the backend is for your customer and the frontend is for your customer’s customers?

Then I would separate these 2 apps definitely, with 2 kinds of user table and 2 kinds of auth system.

Thanks for your reply.

The idea would be to have a frontend where the person wh ois registered with the agency and is seeking work would be able to login, change details, search for jobs etc. Then at the backend, the staff of the company the site belongs to can log in, check user details, create jobs etc.

I started the site using the basic template. Would it be better to move this over to the advanced template?

Yes, I would use the advanced template. I believe it will make your project simpler than the basic template.

I actually asked about that at the link below before I started the app…

Is there any reason in particular why I would use the advanced template? I do appreciate your input and hope I dont take up much of your time but I am really trying to understand this better from a technical/professional perspective. Is this simply because there are two separate apps? Could you possibly (quickly, so as not to take up too much of your time) and give a rough concept for 2-3 apps, which template you would use and why? I think that would help me to better understand it.

Thanks again!

Um, it’s a very difficult question for me to answer.

I’m a programmer who thinks with a pragmatic manner, not an academic with a systematic thinking. I just thought that the advanced template will make things simpler for your particular needs.

Give me some time and let me think about it once again.

I also would like to hear other people’s opinions.

Thank you.

I too would be very interested in hearing other people’s thoughts on this. I have wondered if this forum would benefit from a sub-forum to discuss application development, database schemas etc. There are obviously other sites (such as StackOverflow) where such topics can be discussed but not only are the Yii forums so useful but it might be overall a lot more fruitful to be able to discuss such topics in an environment specific to the Yii framework.


Bump for anyone who wants to offer their advice/experience.

Basic app is what you go for in 90% of cases. As for the advanced one - I’m working right know on the webapp where administration part is separated from frontend - different layouts, structure etc. At the same time administrators can register new users for the frontend part (there is no registration part there - you signing in and using the app), so there have to be access to User model and so on. This is the case where advanced app comes handy although I could do the same thing using basic app with a bit of extra work - with advanced one few things are easier.

As for the separated tables for different kinds of users - if their data is very different (like say more than 20-30%) I would go for separated tables. With one table and such case you are just wasting the db space where some of the columns are empty because this particular user type doesn’t have this kind of data.