Hello, I am working on a voting system for my schools' computer science classes. Students in each class will vote for the student of the week. The student heirarchy is represented in the Zope filesystem by folders: at the top is the class folder, then period folders and finally student folders. Each student folder contains an acl_users with that students login information. An important feature in this voting program is to authenticate students when they vote, so that they are not able to vote in classes/periods they are not in. My current problem is figuring out where in the aquisition path the voting scripts should go, so that when a user goes to the voting form it prompts him/her to login and builds a list of students based on the class this student belongs to. So far I can build the list of students by using aquisition, but I am having trouble with authentication. Here is the voting form i can generate by looping through the folders in the advanced topics class (which only has one period, so it is not sectioned into periods): http://linus.yorktown.arlington.k12.va.us/Adv/vote_form I hope my explination made some sense ;) What I would like to know is how some of you would approach this problem? How should I go about designing this voting form, security wise? Any other suggestions? thanks a bunch, - lex ===== "The Python literature says implement time-critical bits in C, the C literature says implement the time-critical bits in assembler, some assembly programmers hand-craft critical machine code, and you could always design and fabricate your own chips." - Tim Rowe, digitig@cix.co.uk __________________________________________________ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com