I am new to Zope (less than a week) and I'm in the process of writing a small portal where users can sign themselves up. Right now it is working, but I have a few known problems - one of which is that my routine that checks for duplicate User IDs is case-sensitive (i.e. it would allow "bob","Bob" and "BOB" all to register). I also realize that what I have right now is kluged together - I'm sure there is a more efficient (and more elegant) way of doing what I've done. Here's the basic outline of what I have done so far. It is very skeletal right now, as I'm figuring out how to use Zope. Public Access page: -> Contains link to sign up -> Contains link to members only side Private Page: -> contains link to make entry in member database -> contains link to list members Logic Flow: NewLAGUserForm - captures first attempt to create User ID & calls VerifyLAGUserForm VerifyLAGUserForm - checks data, if all OK, calls AddLAGUser, otherwise redisplays entry form (with appropriate error messages) and submits input to VerifyLAGUserForm again AddLAGUser - makes entry into acl_users with appropriate role, makes entry into SQL database with user information, emails "thank you" message to user with User ID & password info SECURITY QUESTION: - In order for this to work I had to set the security for on acl_users (for this folder) to "Manage users" for "Anonymous". Does this open up any way for someone to gain access directly to the acl_users folder? I've tried to and it seems like it is still safe - I have the 'Member' role hardcoded into the add user script. Code Examples Rather than post lengthy codes segments to the list, I put all of the code examples online as text files via the following link: http://examples.subbob.net (non-zope) The working implementation of the above files may be found at: http://www.subbob.net:8081/wargames Feel free to try it out as I'm only in testing right now and will be purging the database when testing is complete. Outstanding Questions: 1) How to track a "state" within a given DTML Document or Method? The Verify form is very cumbersome as I go through each "test" twice. The first set of nested ifs are used to determine the overall validity of the submission - if it gets to the "center" of the nest, the data is submitted. If any errors exist, then I retest each parameter prior to redisplaying the form in order to flag the associated input box with an error message. I had to do that way because I couldn't figure out a way to accomplish it like this in DTML: If email-good then email-error=0 else email-error=1 Then check, if all error values=0, submit the form, otherwise display the errors. I'll appreciate any feedback on what I've done so far - I've probably violated most accepted practices of "good" zope coding! :)