Solved Using recordset match to set TempVars (1 Viewer)

mistyinca1970

Member
Local time
Today, 07:31
Joined
Mar 17, 2021
Messages
117
OK, I have a login form that uses recordset to validate the associated password entered into the login form.

I have been using this information entered to capture TempVars that will be used throughout the many forms in this DB. Up until now, it set the useraccess of the person who logged in and uses their email address via TempVars in any send email functions.

I'm going to be expanding the use of this database to multiple divisions in my org. And I only want certain records in various queries to be available to users who login with that respective division. So division is a column in the main table (tblContracts), and I am using it as a criteria in the query that is the data for one of the main forms.

Currently, I'm accomplishing this by having a combo box on the login form so the user can select his/her division. But that is really not the way I want to go. I would prefer it to find the corresponding division associated with that user and set it as a TempVars...then that TempVars will be the criteria in my query for the data associated with the form.

Anyway, here's my login form's login button on click event:
Code:
Private Sub btnLogin_Click()
    Dim rs As DAO.Recordset
    Dim db As Database
   
    Set db = CurrentDb
    Set rs = db.OpenRecordset("qryLoginAccess", dbOpenSnapshot, dbReadOnly)
       
    rs.FindFirst "Username='" & Me.txtUserName & "'"
   
    If rs.NoMatch = True Then
        Me.lblIncorrectLogin.Visible = True
        Me.txtUserName.SetFocus
        Exit Sub
    End If
    Me.lblIncorrectLogin.Visible = False
   
    
    If rs!Password <> Me.txtPassword Then
        Me.lblIncorrectLogin.Visible = True
        Me.txtPassword.SetFocus
        Exit Sub
    End If
    Me.lblIncorrectLogin.Visible = False
   
    TempVars("UserType") = rs!UserAccess_ID.Value
    TempVars("EmailAddress") = Me.txtUserName.Value
    TempVars("UserDivision") = Me.cboDivision.Value
           
    If rs!UserAccess_ID = 1 Then
        Dim prop As Property
        On Error GoTo SetProperty
        Set prop = CurrentDb.CreateProperty("AllowBypassKey", dbBoolean, False)
       
        CurrentDb.Properties.Append prop
    End If
   
SetProperty:
    DoCmd.OpenForm "frmUpcomingContracts"
    DoCmd.Close acForm, Me.Name

   
End Sub

And here is the recordset (qryLoginAccess) being called in this one:
Code:
SELECT tblStaffDivision.ID, tblStaffDivision.Email AS Username, ********* AS [Password], tblStaffDivision.UserAccess_ID, *********** AS Password2, tblStaffDivision.Division
FROM tblStaffDivision
ORDER BY tblStaffDivision.Staff;
(********** concatenated password removed here for security reasons)

So I want it to find the division associated with the email address of the user that logs in and set the TempVars off that. I don't know how to write this. I can't necessarily copy the password validation process as it is asking to see if the password entered matches the password associated with the username entered (email address). How do I tell it to find the division and set that TempVars?
Thank you,

EDIT:

Shoot! Why is it when I type it out and ask for help, I then see the answer? 🤦‍♀️I think this is it here:
Code:
    TempVars("UserType") = rs!UserAccess_ID.Value

So I would use
Code:
 TempVars("UserDivision")=rs!StaffDivision.Division

Gonna go try it out.
 
Last edited:

NauticalGent

CopyPaster of the First Order
Local time
Today, 10:31
Joined
Apr 27, 2015
Messages
4,502
Enjoying the conversation with yourself??

So which one on you is going to report back the results?
 

Minty

AWF VIP
Local time
Today, 15:31
Joined
Jul 26, 2013
Messages
9,068
If you brought the division in with the employee detail in the login form in the combo (hidden if necessary) it would be readily available from that, without needing to look it up anywhere?
 

isladogs

CID VIP
Local time
Today, 15:31
Joined
Jan 14, 2017
Messages
15,675
Whilst you're having fun testing your idea, one very important side issue to consider .

Storing user passwords in a database is risky. If these are accessed by anyone, you will be in breach of GDPR.
Not even the network admin should know users passwords.
If you really MUST do this, then make sure the saved passwords are strongly encrypted.
Better still, use Active Directory to check credentials.
 

mistyinca1970

Member
Local time
Today, 07:31
Joined
Mar 17, 2021
Messages
117
Enjoying the conversation with yourself??

So which one on you is going to report back the results?
I apologize. :oops: I often end up typing it all out, and then figure it out before I ever post the thread, in which case then I don't ever post it. In this case, I had already let the cat out of the bag. I'll see if I am able to delete the thread.
 

mistyinca1970

Member
Local time
Today, 07:31
Joined
Mar 17, 2021
Messages
117
Whilst you're having fun testing your idea, one very important side issue to consider .

Storing user passwords in a database is risky. If these are accessed by anyone, you will be in breach of GDPR.
Not even the network admin should know users passwords.
If you really MUST do this, then make sure the saved passwords are strongly encrypted.
Better still, use Active Directory to check credentials.
Right now it is a concatenated algorithmic password; not something the user chooses himself. Once I am done testing all this, I will move to something the user is able to reset. Baby steps. (This is a learn as I go project!)
 

mistyinca1970

Member
Local time
Today, 07:31
Joined
Mar 17, 2021
Messages
117
If you brought the division in with the employee detail in the login form in the combo (hidden if necessary) it would be readily available from that, without needing to look it up anywhere?
The previous scenario was setting the tempvars from the combo, but I want to restrict the access to the division associated with the user. I don't want the user to select a division and then have access to that division's records if that's not the division they wanted. This also gives me the option to allow certain users a "*" division that will give access to all records.
 

mistyinca1970

Member
Local time
Today, 07:31
Joined
Mar 17, 2021
Messages
117
Hi. Have you tried using DLookup()?
I have not. Don't know how that one works. However, I am happy to report that I did successfully add the line of code I needed to accomplish this! I was wrong in my first post. I ended up adding:
Code:
TempVars ("UserDivision") = rs!Division.Value
Works as intended!

Thanks!
 

isladogs

CID VIP
Local time
Today, 15:31
Joined
Jan 14, 2017
Messages
15,675
@mistyinca1970
1. You should never delete a thread which has answers.
2. I'm not sure exactly what you mean by a 'concatenated, algorithmic password. However, whether its that or one that users set/reset themselves isn't relevant to the point I was making.
NEVER save passwords in a format that is readable by humans. Encrypt them using 128-bit encryption (or better).
 

theDBguy

I’m here to help
Staff member
Local time
Today, 07:31
Joined
Oct 29, 2018
Messages
17,601
I have not. Don't know how that one works. However, I am happy to report that I did successfully add the line of code I needed to accomplish this! I was wrong in my first post. I ended up adding:
Code:
TempVars ("UserDivision") = rs!Division.Value
Works as intended!

Thanks!
Congratulations! Glad to hear you got it sorted out. Cheers!
 

Users who are viewing this thread

Top Bottom