Getusername function

[tucker61]

I have a function called hetusername, which looks at who is logged on, to see if they have permissions to press certain buttons etc.

What this means is that a user could be logged on for 1 hour and in that time the code could check their user details 10 or more times.

Trying to think of a way that it inly needs to check the username once, and this is stored somewhere.

I do have a hidden timer form. So might be best just storing the data on that hidden form.

Any thoughts ?

 

[Gasman]

I used to ask people to log in, and stored it in a TempVar.

 

[theDBguy]

Even if you don't use a login form, you could probably use the getusername function once to store the username in a tempvar and then simply refer to that tempvar whenever you need that information rather than execute the function multiple times. Just a thought...

 

[azhar2006]

If you want to lock certain buttons inside the form, you can use (InputBoxDK) which is enough for that. I use it in most programs.

Private Sub Option8_BeforeUpdate(Cancel As Integer)

If Me.Option8 Then
    Me.Button name.Enabled = False
ElseIf InputBoxDK("Enter the password to unblock the print buttons.", "access-programmers.co.uk") = "pass" Then
    Me.Button name.Enabled = True
MsgBox " The ban has been lifted.", , "AZ"
Else
    MsgBox "Incorrect password", , "AZ"
    Cancel = True
End If

End Sub

 

[Gasman]

And just where do you find InputBoxDK ?

 

[tucker61]

If trying to set as Temp Vars.
Is the following correct - as i need to remove the first and last character from the username (as within AWS).

TempVars!MyTempVar = Mid(Environ("UserName"), 2, Len(Environ("UserName")) - 2) ' Create or set the TempVar

My Original code is below

Public Function GetUserName() As String
GetUserName = Mid(Environ("UserName"), 2, Len(Environ("UserName")) - 2)
End Function

 

[Gasman]

Debug.Print it and find out?
Might want to give it a better name as well? TempVars!Username ?

 

[azhar2006]

And just where do you find InputBoxDK ?

Code written by Daniel Klann
March 2003
64-bit modifications developed by Alexey Tseluiko and Ryan Wells (wellsr.com) February 2019

 

[tucker61]

Debug.Print it and find out?
Might want to give it a better name as well? TempVars!Username ?

Compile Error - Invalid outside procedure - Highlighting the "Username" in Mid(Environ("UserName")

 

[Gasman]

Code written by Daniel Klann
March 2003
64-bit modifications developed by Alexey Tseluiko and Ryan Wells (wellsr.com) February 2019

View attachment 116457

What is that doing, over and above a standard inputbox?

 

[Gasman]

Works for me in immediate window?

 

[azhar2006]

What is that doing, over and above a standard inputbox?

It just converts the numbers and letters in the inputbox into stars.

 

[Gasman]

I would have just used a form.

 

[azhar2006]

I would have just used a form.

Gasman I don't know why I love you so much. You are amazing ​

 

[tucker61]

I would have just used a form.

I have now added the fields i need to the hidden form. Thanks

 

[Gasman]

I have now added the fields i need to the hidden form. Thanks

That was directed at @azhar2006, re the inputbox?
You should be able to use your function anywhere?

 

[theDBguy]

If you don't use a login form, you will have trouble testing because you will need to find a way for "getusername" to return the ID you want to test with.

I inherited an app with a login form for the users to enter their username and password, and I decided to use GetUsername instead. I never had any problems with returning the ID, and the users were happy for not having to remember one more password.

 

[theDBguy]

I think you missed my point. Also, they can use whatever password they like. Assuming the login eliminates 50% of the user verification AND allows a random person to sit down at your desk as you.

I guess I did miss the point. I thought you were saying a login form is necessary.

 

[theDBguy]

When a log in is deemed necessary by the customer, you need to test the security such as it is. You seem to have decided to bypass the security check entirely. When you assume that only the user who ever opens the app is the one authorized, then you are just giving up. Why bother at all, let alone use 2 pieces of data instead of 1 to identify a user? Then assuming you actually want to test security, do you go to the user's desk to test as him or do you change your computer settings so you can pretend to be him?

Most apps don't need real security since they operate in a secure environment and people tend to not desk hop so I have no problem using the computer's credentials rather than a log in form when you don't need any security at all.

Hi Pat. All I need to grab from the session is the user's network username. With that, I can tell what they have permission to do within the app (role-based). Each user, of course, has their own unique network username, so nobody can impersonate another. In other words, the app is secured with just the username available, just as it was when it had a login form with a username and password - nothing is really bypassed, except the part where the user is asked to enter their password and then have to be verified. I got rid of that. No unauthorized person can use the app because of their assigned network username. Hope that makes sense...

 

[theDBguy]

I hear you and I disagree.

I understand. I hope you're not saying your way is the only way to do security. I don't think my app is less secure than it was when it had a login form.