CodeCharge Studio
search Register Login  

Visual PHP Web Development

Visually Create Internationalized Web Applications, Web Reports, Calendars, and more.
CodeCharge.com

YesSoftware Forums -> Archive -> CodeCharge.Discussion

 Re: Security Clue needed.

Print topic Send  topic

Author Message
kmc
Posted: 03/06/2001, 3:11 PM

Geeze, some days are dumb one's aren't they?
OK, I've got it - forget the previous post - duh!

Next time I won't "write out loud" until I've thrashed my problem a day or
two.

Slinks away.....

kmc


"kmc" <kmcook@tasmail.com> wrote in message
news:983nrk$2sr$1@mail.tankhill.com...
> No, no, not that way, else I'd be creating a page per user, surely?
>
> Users table:
> id - autonum -
> loginid - text
> name - text
> email - text
> ...etc
>
> Projects table: - to be displayed in grid/edit showing only logged on
users
> records
> id - autonum
> field...
> field...
> proj_manager - ForeignKey to id field in Users table - so I can pull name,
> email etc.
> field..
> ...etc
>
> What I need is, in addition to having the login id in the session
variable
> UserId,
> is to pick up the Pkey value from the User login record in the Users
table.
>
> Then, on invoking the gridform's page, an SQL query brings only the
records
> matching the users PK value picked up from the users table.
>
> So, I can add an SQL statement to the gridform, I require a session
variable
> too as input,
> but see no way to pick up the PK from the user table, only see the pick up
> of the actual login-id,
> (plus the optional sec level)
>
> I'd expect most 'user- verify - login' tables would not be keyed on the
> login id but a sysgen number'.
> In all work here, we store the user's PK against their task/project/case,
> not their login id.
>
> There's a clue in the newsgroup postings , item 'sessions' om 9/02/2001
from
> 'netk' that seems to go close
> to describing the same need as I have.
>
> This filtering is a BIG security issue here - I'll keep on to try and
solve
> with CC without manual coding.
> But...I'm sort of doubtful at the moment.
>
> Anyone done anything like this filtering according to userid key using CC
> autogen only?
>
> TIA
> kmc
>
>
>
>
>
>
>
> "CodeCharge" <support@codecharge.com> wrote in message
>news:9824dm$nq0$1@mail.tankhill.com...
> > Hi,
> >
> > I think that you may not be able to do this today directly in
CodeCharge,
> > but tomorrow we're releasing a new version that will contain additional
> > events, and you may use OnLogin Event in login form:
> > if bPassed then
> > if sLogin="Joe" then response.redirect("joe.asp")
> > end if
> >
> > Additionally, you will be able to completely replace CodeCharge
> > Authentication function with your own.
> >
> > Adam Stock
> > CodeCharge Support
> >
> >
>
>


   


These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

MS Access to Web

Convert MS Access to Web.
Join thousands of Web developers who build Web applications with minimal coding.

CodeCharge.com

Home   |    Search   |    Members   |    Register   |    Login


Powered by UltraApps Forum created with CodeCharge Studio
Copyright 2003-2004 by UltraApps.com  and YesSoftware, Inc.