Jeff
|
| Posted: 02/25/2003, 11:48 AM |
|
Hello, I am using CC 2.0 ASP with templates and have built a nice website, but I need to restrict users to just their information. I would like to do this by passing the logon Id into a field when a user inserts a record, and then show only records to a user that they have created. I have read the forum for 3 days now but cannot get the session variable to work. someone please spell it out for me?
My login works well, it is taken from a table that contains the following fields (login password securitylevel)
|
|
|
|
Kip Dole
|
| Posted: 02/25/2003, 2:17 PM |
|
When the user logs in add a session variable
Take a look at my project. I just did this for learning.
1. You need several levels of security.
2. Set up the user as a level 1.
3. Look at the properties of page_login >form_login>Events>Custom Login
This adds a session variable for UserCompany
Session("UserCompany") = CLng(DLookUp("dbo_person_security", "company", "login =" & ToSQL(sLogin, "Text") & " and password=" & ToSQL(sPassword, "Text")))
4. Look at the menu_default and what happen when they click Call Log. It send them to the page_redirect_default.
If they only have a level 1 it will take them to page_call_log_customer_grid
Notice they don't have a search screen.
Notice the page_call_log_customer_grid input parameter looks at a session variable UserCompany and only shows those records for that customer.
*// Of course if the user level was 2 they would be sent to a page with a search form.
There are probably many ways of doing this but this worked for me. Good Luck!
If you want to see my test program go to:
www.afcnfc.com/myhelp/
There are 4 different passwords and levels you can use. Try the programmer and customer.
customer customer
support support
programmer programmer
admin admin
www.afcnfc.com/call_log/call_log.zip
|
|
|
|
Jeff
|
| Posted: 02/25/2003, 4:51 PM |
|
Thanx Kip,
If I could ask one question? How would you make it so that your support staff could only see their records? that is what I am really looking for. I beleive I have to use the UserId variable as a session but for the life of me I can't figure it out.
Hope you can help, thats pretty neat what you have done by the way
|
|
|
|
|
|
