Access only specific record in a form using password (1 Viewer)

PANTM83

New member
Local time
Today, 14:14
Joined
Jun 9, 2022
Messages
3
Good evening guys!

I am creating a new database. I will have users where they can add to the form what they buy. for example
category - PHONE amount 1
category - LAP`TOP amount 2
etc..

I want each time they access the database to have access only to the record has username in order they can delete or add categories.
All this using a pass and username (They will have given this to me and i will have add these two (pass and username)) in the database

How can i do this ?
I try to find a way when they access the database and they add their username to have access only to their record in the form! Not only to see this record but also i want they can make changes!!

thx a lot
 

Gasman

Enthusiastic Amateur
Local time
Today, 12:14
Joined
Sep 21, 2011
Messages
14,051
You store the username in each record and use that as criteria to populate the form?
 

PANTM83

New member
Local time
Today, 14:14
Joined
Jun 9, 2022
Messages
3
You store the username in each record and use that as criteria to populate the form?
I am not so expert! I added username and password in a form (table) for example form-table MEMBERS

I am creating a login form using this tutorial. I want a member can connect to form MEMBERS
But i want to open a form and not a table! Also i want each time the person who open his record to the form, to be able to make changes in this record

 

isladogs

MVP / VIP
Local time
Today, 12:14
Joined
Jan 14, 2017
Messages
18,186
There are many ready-made examples of login forms you could use.
For example, see
 

Gasman

Enthusiastic Amateur
Local time
Today, 12:14
Joined
Sep 21, 2011
Messages
14,051
Forms are the front end to tables. :(
Users should never access tables directly.

Suggest you take a step back and review some more of those videos from that person above.
I am not talking about the login form, but the form whose records come from your table.
I used to store the relevant login details in TempVars, so they were always to hand.
When the user creates a record, you store their username. No need for a password in that table, I would have thought.
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 07:14
Joined
Feb 28, 2001
Messages
27,001
Just as a consideration, if you have a table of users, be sure that there is a unique ID number for each user, then on records where this "ownership" is possible/applicable, just store the user's unique ID, which will likely be shorter than the user's name. Then it is a matter of remembering the current user's login ID number even though they logged in by name. Have your form filter on the user's ID number and your users will only see what they bought.

Note also that if you are in a domain environment, it IS possible to have a user's domain ID fed to you by appropriate calls - if you wanted to do that. I won't make assumptions, but be aware that it IS possible. And if you do that, you don't even have to log in. You can trust the computer's system's login if the domain is set up for secure access.

If not in a strict / formal domain, never mind the previous paragraph.
 

Pat Hartman

Super Moderator
Staff member
Local time
Today, 08:14
Joined
Feb 19, 2002
Messages
42,981
I leave the login form open but hidden after everyone has logged in. That way I can keep other security information easily accessible from all other forms.

When you restrict access by a data value, you need to consider your own use or perhaps some kind of supervisory access so you need a "supervisor" flag in the user table.

A new user cannot create his own credentials. Each user must be added to the database by a "supervisor" or admin or whoever is in charge. I typically let the user pick his own password so when a new user is added, I set the password to "password". Then in the login form, if someone logs in with "password", I validate the log in but then make the user change the password before actually getting in to the application. I also have a reset to "password" option on the user maintenance form should someone forget their password so you can clear the old one and let them create a new one.

Then for all forms, the RecordSource query includes criteria:

Where UserID = Forms!frmLogin!UserID OR Forms!frmLogin!UserType = "supervisor";

This will restrict the records returned to those matching the userID OR any userID if the UserType is "supervisor"
 

PANTM83

New member
Local time
Today, 14:14
Joined
Jun 9, 2022
Messages
3
Forms are the front end to tables. :(
Users should never access tables directly.

Suggest you take a step back and review some more of those videos from that person above.
I am not talking about the login form, but the form whose records come from your table.
I used to store the relevant login details in TempVars, so they were always to hand.
When the user creates a record, you store their username. No need for a password in that table, I would have thought.
Do you have any specific video in your mind?

also is the use only username! anyone with this username can see records of this username!
I leave the login form open but hidden after everyone has logged in. That way I can keep other security information easily accessible from all other forms.

When you restrict access by a data value, you need to consider your own use or perhaps some kind of supervisory access so you need a "supervisor" flag in the user table.

A new user cannot create his own credentials. Each user must be added to the database by a "supervisor" or admin or whoever is in charge. I typically let the user pick his own password so when a new user is added, I set the password to "password". Then in the login form, if someone logs in with "password", I validate the log in but then make the user change the password before actually getting in to the application. I also have a reset to "password" option on the user maintenance form should someone forget their password so you can clear the old one and let them create a new one.

Then for all forms, the RecordSource query includes criteria:

Where UserID = Forms!frmLogin!UserID OR Forms!frmLogin!UserType = "supervisor";

This will restrict the records returned to those matching the userID OR any userID if the UserType is "supervisor"
Do you have any videos? or any access sample to check?? Its a bit confused for me
 

Gasman

Enthusiastic Amateur
Local time
Today, 12:14
Joined
Sep 21, 2011
Messages
14,051
No, just any that show how forms and tables are related?
Each username should be unique?, little point having them otherwise?, and as Doc mentioned store the PK of that username, instead of the actual name.
 

Pat Hartman

Super Moderator
Staff member
Local time
Today, 08:14
Joined
Feb 19, 2002
Messages
42,981
also is the use only username! anyone with this username can see records of this username!
I'm not sure I understand the question.

The user needs to log in. He enters his userID and password in the log in form. After it is validated, the switchboard or menu form is opened but instead of closing the login form, I set its .Visible property to No so it stays loaded allowing me to reference it but it is no longer visible. The upside of this is that when testing, I can make the login form visible and change various controls without having to log out and log back in which gets to be a pain while testing security. The WHERE clause I suggested above limits the rows to those created by that particular user OR to the person designated as supervisor or admin.
 

Users who are viewing this thread

Top Bottom