CodeCharge Studio
search Register Login  

Web Reports

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.
CodeCharge.com

YesSoftware Forums -> Archive -> CodeChargeStudio.Discussion

 User authentication + password reminder

 Print topic Send topic

Author Message
AlPacino
Posted: 06/11/2003, 1:52 AM
Hi,

is there any forum topic or documentation how to implement multiuser system
with CCS. When user login to manipulate only with their records and have
permission to change (edit) only apropriate records.. I have developed
standard CCS login box...and user groups..made pages restricted etc..

But how to implement user sessions or something like that.

Platform: win2k , ASP, Access 2002

Any link would be appreciate , Thanks a lot
DonB
Posted: 06/11/2003, 5:55 AM
It sounds like what you want to do is have each user view and manipulate at
set of data that is keyed to their userID where each user's data is distinct
and separate from all others.

The way to accomplish this is to ensure all queries involve the userID:
(e.g., SELECT * FROM sometable WHERE userID = 123, or UPDATE sometable SET
somecolumn = somevalue WHERE userID = 123).

This way you let each user manage only their own data, hiding the data keyed
to all other users. An important thing to remember, is that CCS will let
you pass the UserID as part of the parameters passed via the URL (e.g.,
www.mydomain.com?userID=123). This is NOT secure at all. Use the (perhaps)
less obvious technique of modifying the datasource to include a
"session"-type parameter in the WHERE clause, which utilizes the UserID
stored in a session variable by your login form, instead of something tacked
onto the URL. The user can easily change the URL and defeat your security.
Using the session variable is much more secure. Click the "..." button in
the Properties window on the Data Souce line. This is where you select the
WHERE clause values.

DonB


"AlPacino" <don@infobih.com> wrote in message
news:bc6qk0$l22$1@news.codecharge.com...
> Hi,
>
> is there any forum topic or documentation how to implement multiuser
system
> with CCS. When user login to manipulate only with their records and have
> permission to change (edit) only apropriate records.. I have developed
> standard CCS login box...and user groups..made pages restricted etc..
>
> But how to implement user sessions or something like that.
>
> Platform: win2k , ASP, Access 2002
>
> Any link would be appreciate , Thanks a lot
>
>

   


These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

Web Database

Join thousands of Web developers who build Web applications with minimal coding.
CodeCharge.com

Home   |    Search   |    Members   |    Register   |    Login


Powered by UltraApps Forum created with CodeCharge Studio
Copyright © 2003-2004 by UltraApps.com  and YesSoftware, Inc.