Results 1 to 8 of 8
  1. #1
    Join Date
    Jun 2011
    Posts
    26

    Unanswered: Security Question

    Hi All,

    I'm almost finished with a database I've created and would like to add a few security features. I am looking to be able to password restrict certain button actions by either a single login at the opening of the database or by each time that particular button is clicked. The main reason is that I only want some people to use the edit and delete buttons while restricting those buttons from others. Is it possible to do something like this and if so how?

    Thanks

  2. #2
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,418
    Provided Answers: 7
    Yes this can be done.

    What I would of done was built the Security in as I was written it.


    this is just 1 way of doing it.

    Store the Type of User in a PUBLIC varaible in the Program

    Create a Login Table With User / Password / Type of user

    then when the DataBase is open Show the Login form
    check the Password then set if OK set the PUBLIC varaible



    Create a Function

    Function OK(TypeOfUser)
    OK = False
    if TypeOfUser=PUBLIC_varaible then OK=True
    End Function

    now what I would do

    in the TAG Feild of the button add the Type of User that Can get in

    Private Sub Command1_Click()
    if OK(me.Command1.Tag)=False then Exit Sub

    'Rest of your Code
    .....
    .....

    End Sub
    Last edited by myle; 08-10-11 at 03:10.
    hope this help

    See clear as mud


    StePhan McKillen
    the aim is store once, not store multiple times
    Remember... Optimize 'til you die!
    Progaming environment:
    Access based on my own environment: DAO3.6/A97/A2000/A2003/A2007/A2010
    VB based on my own environment: vb6 sp5
    ASP based on my own environment: 5.6
    VB-NET based on my own environment started 2007
    SQL-2005 based on my own environment started 2008
    MYLE
    YOUR PASSWORD IS JUST LIKE YOUR TOOTHBRUSH DON'T SHARE IT.

  3. #3
    Join Date
    Jun 2011
    Posts
    26
    Hi Myle, thanks for your response, but I'm still having trouble as I'm not familiar with everything in your reply.

    I've made a module with the type of user:

    Module1
    Code:
    Option Compare Database
    Option Explicit
    
    Public staff As Variant
    Public admin As Variant
    Public master As Variant
    made a login table:

    User / Password / Type of user
    Staff / aaa / Staff
    Admin / bbb / Admin
    Master/ ccc / Master

    made a login form:

    includes User textbox, Password textbox, and validate button

    I'm sorry if this is juvenile, but I'm lost from this point on. I don't even know if I've done things correctly so far. How do you tie the table to the text boxes? How do you validate the username and password and then set that to the public variable? Where do I include the function? Do I recode the function to look like this?

    Code:
    Function OK(TypeOfUser)
    OK = False
    if TypeOfUser=staff then OK=True
    if TypeOfUser=admin then OK=True
    if TypeOfUser=master then OK=True
    End Function
    I appreciate your help. I thought I had a grasp on vba and access, but I realize there is a lot I still have to learn.

    Thanks again for your time and help.

  4. #4
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,418
    Provided Answers: 7
    Public staff As Variant
    Public admin As Variant
    Public master As Variant
    Public CurrentUser as Variant ' What can this user do

    you OK function will have to change a bit good try

    Function OK(TypeOfUser)
    OK = False
    if TypeOfUser=staff then OK=True : Exit Function
    if TypeOfUser=admin then OK=True :Exit Function
    if TypeOfUser=master then OK=True :Exit Function
    End Function


    in the code under the validate button
    set the CurrentUser value

    now in the code under each button

    if OK(CurrentUser)=False then Exit Sub
    ....
    rest of your code.
    hope this help

    See clear as mud


    StePhan McKillen
    the aim is store once, not store multiple times
    Remember... Optimize 'til you die!
    Progaming environment:
    Access based on my own environment: DAO3.6/A97/A2000/A2003/A2007/A2010
    VB based on my own environment: vb6 sp5
    ASP based on my own environment: 5.6
    VB-NET based on my own environment started 2007
    SQL-2005 based on my own environment started 2008
    MYLE
    YOUR PASSWORD IS JUST LIKE YOUR TOOTHBRUSH DON'T SHARE IT.

  5. #5
    Join Date
    Jun 2011
    Posts
    26
    Thanks again for the reply. I'm still not understanding how to use the username and password from the table to validate their identity and then how to use the associated typeofuser from the table to set that to the current user.

    I appreciate your help

  6. #6
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,418
    Provided Answers: 7
    when they click the validate button

    do a

    checkPassword = Dlookup("Password","LoginTABLE","User = '" & Me.userName &"'")

    if CheckPassword = me.typeinpassword then
    CurrentUser = Dlookup("TypeOfUser","LoginTable","User = '" & Me.UserName & "'")
    docmd.openForm "MainMenu"
    else
    msgbox("Can't found your Password in table")

    End if
    hope this help

    See clear as mud


    StePhan McKillen
    the aim is store once, not store multiple times
    Remember... Optimize 'til you die!
    Progaming environment:
    Access based on my own environment: DAO3.6/A97/A2000/A2003/A2007/A2010
    VB based on my own environment: vb6 sp5
    ASP based on my own environment: 5.6
    VB-NET based on my own environment started 2007
    SQL-2005 based on my own environment started 2008
    MYLE
    YOUR PASSWORD IS JUST LIKE YOUR TOOTHBRUSH DON'T SHARE IT.

  7. #7
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    persoanlly Id use the network logon
    I'd add the network logon to the releavnt workgroup file + groups
    then query the workgroup object to find out if that user had the required user permissions

    user doesn't have to logon and or remember passwords
    when a user leaves their network logon is revoked by the netwrok trolls so their is no security issue

    granted this approach only works where the workgroup security is active, that means any Access version before Office 2010 (but that may also be prior to 2007)
    I'd rather be riding on the Tiger 800 or the Norton

  8. #8
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,418
    Provided Answers: 7
    Thought of that would of been harder to explain
    hope this help

    See clear as mud


    StePhan McKillen
    the aim is store once, not store multiple times
    Remember... Optimize 'til you die!
    Progaming environment:
    Access based on my own environment: DAO3.6/A97/A2000/A2003/A2007/A2010
    VB based on my own environment: vb6 sp5
    ASP based on my own environment: 5.6
    VB-NET based on my own environment started 2007
    SQL-2005 based on my own environment started 2008
    MYLE
    YOUR PASSWORD IS JUST LIKE YOUR TOOTHBRUSH DON'T SHARE IT.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •