Retrieving One persons data after login using UserID Session

CodeCharge Studio

Register

Login

Visual Web Reporting

Visually create Web Reports in PHP, ASP, .NET, Java, Perl and ColdFusion.
CodeCharge.com

YesSoftware Forums -> CodeCharge Studio -> ASP

Retrieving One persons data after login using UserID Session

Author

Message

Brady

Posted: 07/06/2004, 12:22 PM

I have an editable Grid I created with the wizard and when a user logs in I want the Grid to open up only that persons monthly information on it. Codecharge examples show select from a list of items I have no problem with that. I need a one to one.

Example
-A user logs in. The UserID session number 100023 which is the employees primarly key value. I have an editable grid that has the following to retrieve the information

SELECT SSNum, monthy_status, [date], complete
FROM Monthly_table1
WHERE SSNum = '{UserID}'

I have a textbox on the page and the UserId is coming across. I set the default value to CCGetUserID()

I tried making this field hidden and have "WHERE SSNum = {textbox1} but that didnt work.

All I get back is the first person info in the database.

If anyone can help I would appreciate it. Thanks B

DonB

Posted: 07/06/2004, 7:49 PM

First, for security reasons, do not use a query parameter as the selection
criteria in a situation like this. The user can change that to anything
they like. Not secure at all!

In the Data Source, set the Where parameter Field to SSNum, the condition to
"equals (=)", the type to "Expression" and set the Parameter Source to
"CCGetUserID()".

This will set the grid datasource to display all records for that one
UserID. The selection will be completely managed on the server side where
the user can't fiddle with it at all.

--
DonB

logging at http://www.gotodon.com/ccbth, and blogging at
http://ccbth.gotodon.net

"Brady" <Brady@forum.codecharge> wrote in message
news:640eafc090d14b@news.codecharge.com...
> I have an editable Grid I created with the wizard and when a user logs in
I want
> the Grid to open up only that persons monthly information on it.
Codecharge
> examples show select from a list of items I have no problem with that. I
need a
> one to one.
>
> Example
> -A user logs in. The UserID session number 100023 which is the employees
> primarly key value. I have an editable grid that has the following to
retrieve
> the information
>
> SELECT SSNum, monthy_status, [date], complete
> FROM Monthly_table1
> WHERE SSNum = '{UserID}'
>
> I have a textbox on the page and the UserId is coming across. I set the
default
> value to CCGetUserID()
>
> I tried making this field hidden and have "WHERE SSNum = {textbox1} but
that
> didnt work.
>
> All I get back is the first person info in the database.
>
> If anyone can help I would appreciate it. Thanks B
> ---------------------------------------
> Sent from YesSoftware forum
> http://forums.codecharge.com/
>

Benjamin Krajmalnik

Posted: 07/07/2004, 10:41 AM

Don,

I use this technique extenively, but merely set the parameter type as
session, and the source as UserID.

DonB

Posted: 07/07/2004, 12:05 PM

That works, but I felt going through the function interface (rather than
grabbing the session variables directly) would be a better habit to follow,
should Yes alter the security mechanism at some point in the future. The
function is also consistent across other platforms (well, at least for PHP)
so there's less to be concerned with when porting from one to the other.

--
DonB

logging at http://www.gotodon.com/ccbth, and blogging at
http://ccbth.gotodon.net

"Benjamin Krajmalnik" <kraj@illumen.com> wrote in message
news:cchcjm$ds$1@news.codecharge.com...
> Don,
>
> I use this technique extenively, but merely set the parameter type as
> session, and the source as UserID.
>
>

Brady

Posts: 1

Posted: 07/19/2004, 10:00 AM

Excellent! Thank I did exactly what you said and it worked great! Thanks for all the help!

Quote DonB:
First, for security reasons, do not use a query parameter as the selection
criteria in a situation like this. The user can change that to anything
they like. Not secure at all!

In the Data Source, set the Where parameter Field to SSNum, the condition to
"equals (=)", the type to "Expression" and set the Parameter Source to
"CCGetUserID()".

This will set the grid datasource to display all records for that one
UserID. The selection will be completely managed on the server side where
the user can't fiddle with it at all.

--
DonB

logging at http://www.gotodon.com/ccbth, and blogging at
http://ccbth.gotodon.net

"Brady" <Brady@forum.codecharge> wrote in message
news:640eafc090d14b@news.codecharge.com...
> I have an editable Grid I created with the wizard and when a user logs in
I want
> the Grid to open up only that persons monthly information on it.
Codecharge
> examples show select from a list of items I have no problem with that. I
need a
> one to one.
>
> Example
> -A user logs in. The UserID session number 100023 which is the employees
> primarly key value. I have an editable grid that has the following to
retrieve
> the information
>
> SELECT SSNum, monthy_status, [date], complete
> FROM Monthly_table1
> WHERE SSNum = '{UserID}'
>
> I have a textbox on the page and the UserId is coming across. I set the
default
> value to CCGetUserID()
>
> I tried making this field hidden and have "WHERE SSNum = {textbox1} but
that
> didnt work.
>
> All I get back is the first person info in the database.
>
> If anyone can help I would appreciate it. Thanks B
> ---------------------------------------
> Sent from YesSoftware forum
> http://forums.codecharge.com/
>

Send private message

Add new topic

Subscribe to topic

These are Community Forums for users to exchange information.
If you would like to obtain technical product help please visit http://support.yessoftware.com.

Web Database

Join thousands of Web developers who build Web applications with minimal coding.
CodeCharge.com

Home | Search | Members | Register | Login

Powered by UltraApps Forum created with CodeCharge Studio
Copyright © 2003-2004 by UltraApps.com and YesSoftware, Inc.