marco4000
Posts: 1
|
Posted: 01/20/2014, 9:54 AM |
|
Hello everyone I hope you can help me solve this problem.
I have a database with these records:
EmployeeID `
`LastName`
`FirstName`
`Title`
`` TitleOfCourtesy
`BirthDate`
`` HireDate
`Address`
I need that when a user logs in with their lastName and Firstname (such as passwords) can change only their own record without touching the others.
How can you do this with the program?
Thank you.
|
|
|
Lucius
Posts: 220
|
Posted: 01/20/2014, 12:23 PM |
|
You need to programatically (so you need to write some code) either:
- restrict the record grid, to only display you logged user data
- restrict the record that the update is allowed only for logged user and other records are displayed read-only
Both can be done on Page's After Initialize event of the Grid. Use help file and search for "Update Allowed Run-Time Property (PHP)" this topic shows you exactly how to do the latter. I also bet if you spend enough time with this help file and examples, you will be able to do the first option also.
|
|
|
ReneS
Posts: 225
|
Posted: 01/21/2014, 2:11 AM |
|
Hi,
Once a user logs in, CCS creates a session for that user. Use that to filter your records. So in pseudo code: WHERE SESSIONID=USERID
Look at the security section in CCS, you can define which fields are "session" fields and map them to your corresponding database fields.
Look also here: http://forums.codecharge.com/posts.php?post_id=110945&s_keyword=session
Rene
|
|
|
eratech
Posts: 513
|
Posted: 01/21/2014, 9:53 PM |
|
Agree with the example in the Help file "Update Allowed Run-Time Property" shows what to do. Have done that myself in a project.
E
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia |
|
|
ReneS
Posts: 225
|
Posted: 01/22/2014, 3:24 AM |
|
You are making it to difficult in my opinion.
Just restrict your grid with (pseudo): WHERE CCGetUserID=UserName (or whatever you have mapped to your authentication within codecharge studio)
Then your done
Rene
|
|
|
ReneS
Posts: 225
|
Posted: 01/22/2014, 3:25 AM |
|
You are making it to difficult in my opinion.
Just restrict your grid with (pseudo): WHERE CCGetUserID=UserName (or whatever you have mapped to your authentication within codecharge studio)
Then your done
Rene
|
|
|
eratech
Posts: 513
|
Posted: 01/22/2014, 6:00 PM |
|
ReneS - yes, that will stop the Grid from showing 'wrong' records, but if a user figures out how to change the URL parameters to access the 'wrong' Record, it will need some blocking from updates too.
Currently I'm doing a "Limited" admin area for users to access items they are in charge off - and am using the Grid filtering to start with, but am also putting the check in the Record forms and the Report queries otherwise users will start jumping around to other users records. Even if they cannot update them, I don't want the financial stuff visible between users.
_________________
CCS 3/4/5 ASP Classic, VB.NET, PHP
Melbourne, Victoria, Australia |
|
|
|