NetTalk Central

« previous next »
Pages: [1]

Author Topic: Restricting access to a browse record from the Change button  (Read 3523 times)

Richard I

  • Sr. Member
  • ****
  • Posts: 398
    • View Profile
    • Email
Restricting access to a browse record from the Change button
« on: July 12, 2016, 07:48:09 PM »
Hi
I want to password protect changes to a record in a browse.

I have a browse window  with records.
One of the fields in the record is a password field  Name:password
I have copied into the  app, the loginForm and am calling that from the Change button
Can I code somewhere that if the loc:login = Name:password  on the record that has been highlighted , then allow the form to open?
Thanks
Richard
Logged

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11244
    • View Profile
Re: Restricting access to a browse record from the Change button
« Reply #1 on: July 13, 2016, 11:27:52 PM »
hi Richard,

I'm not sure I understand your exact flow, but when you get to the form the ID of the selected browse record should be in the session queue. So from that ID you can load the record from the table and compare the password.

cheers
Bruce
Logged

Richard I

  • Sr. Member
  • ****
  • Posts: 398
    • View Profile
    • Email
Re: Restricting access to a browse record from the Change button
« Reply #2 on: July 14, 2016, 01:55:32 AM »
Hi Bruce,
Thanks but can I explain further?
Im creating an open netTalk app that anyone can add a record to
The fields are Name etc and a password field or call it unique ID field
This is saved in the browse.
Should a person wish to change their  details in the browse then I want them to be only able to access their own particular browse record by their unique ID

Im trying to allow the form to be called conditionally on whether the code typed in to the generic login window matches the unique ID  in the highlighted browse record.

So it all happens in the process of calling the form
If the codes dont match then the form wont  open but a loc;alert should trigger....

I suppose Im asking whether your reply is available prior to the form being opened...?

Cheers
Richard




« Last Edit: July 14, 2016, 02:00:49 AM by Richard I »
Logged

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11244
    • View Profile
Re: Restricting access to a browse record from the Change button
« Reply #3 on: July 14, 2016, 10:32:27 PM »
Hi Richard,

>> Should a person wish to change their  details in the browse then I want them to be only able to access their own particular browse record by their unique ID

I think you're using one field to do 2 things, and that's probably not a good idea.
Rather have a proper, random, unique ID for the record (which the user never sees) and then let him enter his password for the record.

Your current system assumes that everyone will enter a unique password and that is definitely NOT gonna happen.

The user should identify themselves using a user name _and_ password, not just a password. And you should not even store the password (you should store a Salted-Hashed version of the password.)

start from there and let your design flow from that.

cheers
Bruce

Logged
Pages: [1]
« previous next »