SteveS
Posts: 41
|
| Posted: 01/24/2005, 4:31 AM |
|
Hi,
I have a table with username, password, telephone number etc in. When the user logs in (using the username and password from this table) I would like to resulting page to hide all records that do not match the username. The user will then just see their own data and be able to change it.
This needs to be implemented as security so the user cannot change the link to access someone elses data.
Thanks for any assistance.
Regards,
SteveS
steve@spstsl.co.uk
|
 |
 |
GaryDN
Posts: 34
|
| Posted: 01/24/2005, 6:04 AM |
|
if you use the session value for username as a filter it will only show you the data that matches.
so in Table Parameter you select type to be session. Parameter source is the session name of your userlogin and you should be set.
|
|
|
|
SteveS
Posts: 41
|
| Posted: 01/24/2005, 6:48 AM |
|
Thanks for the help Gary - is this a secure solution? ie if a user *user_id=1) changes the url (ie ?user_id=3) will they see the data?
|
|
|
|
mrachow
Posts: 509
|
| Posted: 01/24/2005, 7:17 AM |
|
Session variables are living on the server only. They are not a part of the URL (no GET parameter).
_________________
Best regards,
Michael |
|
|
|
Tamer
|
| Posted: 03/17/2005, 5:46 PM |
|
After I was able to browse the matched records based on user login. When I try to update it, It does not save the user id to the related tabels.
So, If I have 5 tabled that have 5 different pages with one login, When I go to page No#2 for example, and update a field and save the record, It dosn't save the user id, so when i try to retrieve agin it will come up on this user profile.
Any help will be appreciated
|
|
|
|
Oper
Posts: 1195
|
| Posted: 03/17/2005, 6:12 PM |
|
In DataSource Definition use
Userid = ccgetuserid() (as Expresion)
_________________
____________________________
http://www.7bz.com (Free CMS,CRM Developed in CCS)
http://www.PremiumWebTemplate.com
Affiliation Web Site Templates
Please do backup first |
|
|
|
Tamer
|
| Posted: 03/18/2005, 1:12 PM |
|
Hello,
which page you are refering to. I did that on the miantenance and the list pages and it gave me an error that ccgetuserid() is not defined.
One more question, I'm already using UderId as a session parameter to pass the values to the page. However, it's still not working
Regards,
Tamer
Quote Oper:
In DataSource Definition use
Userid = ccgetuserid() (as Expresion)
|
|
|
|
S_A
Posts: 29
|
| Posted: 03/18/2005, 11:24 PM |
|
Tamer,
You should put CCGetUserID() in the "default value" section of the properties of the control you are working with. That will work OK. If you wish to save this to a field in the form record make sure that the control source is bound to that correct field. You may optionally wish to change the field to a label (so that it can't be edited) or better still hide it as the user usually has no need to see who they are.....as they should know!
|
|
|
|
