CMonteiro_PT
|
| Posted: 05/21/2004, 1:45 AM |
|
Hi everyone,
If I have 10 users and each one with his own record, how can I be sure that
he don't acccess other record by altering the url? I already have security
levels. But what I want is that when a users login (get in) with maybe a
session or something, with his ID, login and password they would only change
or update his record and not others. How do I accomplish this in the better
way?
Thank's in advance for any help.
--
-----
CM
Turn off your script-blocking feature on your antivirus software, and enjoy
CCS!
http://docs.codecharge.com/studio/html/CommonErrors/PageIIS.html?toc
-----
|
|
|
 |
materix
|
| Posted: 05/21/2004, 1:17 PM |
|
This is an interesting question, which I also would like to know the answer to.
|
|
|
|
Tony Do
|
| Posted: 05/21/2004, 5:44 PM |
|
Use the available Session("Userlogin"). You must implement security method
to table to accomplish this.
1/ Create the a field username in your table
2/ In the before insert of your form, assign the session("Userlogin") to
that field.
ie
<code>
EventCaller .username.value = session("UserLogin")
</code>
3/ In the before show event of your Record form
Check to see if it is in edit mode, if it is and the field user is different
to the session("UserLogin") then disable update and delete button.
<Code>
If (EventCaller.EditMode) AND (EventCaller.UserName.value <>
Session("UserLogin")) Then
EventCaller.UpdateAllowed = false
EventCaller.DeleteAllowed = false
EventCaller.[Updatebuttonname].visible = false
EventCaller.[Deletebuttonname].visible = false
End If
</Code>
Note: UpdateButtonName and DeleteButtonName is the name of your update
button and delete button
If you don't want user to see other users record then you could achieve this
by having an extra line in the above if block.
EventCaller.visible = false
"CMonteiro_PT" <geral@NOSPAM.pt> wrote in message
news:c8kfjo$2il$1@news.codecharge.com...
> Hi everyone,
>
> If I have 10 users and each one with his own record, how can I be sure
that
> he don't acccess other record by altering the url? I already have security
> levels. But what I want is that when a users login (get in) with maybe a
> session or something, with his ID, login and password they would only
change
> or update his record and not others. How do I accomplish this in the
better
> way?
>
> Thank's in advance for any help.
>
> --
> -----
> CM
>
> Turn off your script-blocking feature on your antivirus software, and
enjoy
> CCS!
> http://docs.codecharge.com/studio/html/CommonErrors/PageIIS.html?toc
> -----
>
>
|
|
|
|
|
