Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting the CurrentUser

Status
Not open for further replies.
neillovell

neillovell

Programmer
Aug 27, 2002
560
0
0
GB
Hi,
I have a timesheet database which, as a front end, has a form which references a query which in turn references a table. The query filters all records from the table whose LogOnName field matches that of the CurrentUser() (I'm using the security features of Access to have people log on).

My company wants the form to be a webpage, so I created a data access page (based on the form) but had problems accessing the data by double clicking on the .htm file. I've found that this is because since I am outside of Access there is no value returned from CurrentUser() when called from my query (users get a log in prompt when accessing the .htm file by double clicking, but this is a standard windows one).

So...

can I set the CurrentUser() to return the logged in user, the name that appears in the log in box when users double click on the .htm file?
If you need me to be clearer please say!
 
Sort by date Sort by votes
Come on Neil - you should know better than multi-post time wasting.

thread701-382357 G LS
accessaceNOJUNK@valleyalley.co.uk
Remove the NOJUNK to use.

Please remember to give helpful posts the stars they deserve!
This makes the post more visible to others in need! :-D

 
Upvote 0 Downvote
I figure not everyone reads every forum, so this way I reach the most people.

The query forum isn't visited as much as the Other Topics forum, so I guess I'll just post there from now on (defeating the point).
 
Upvote 0 Downvote
No. (shortest answer?)

MichaelRed
m.red@att.net

There is never time to do it right but there is always time to do it over
 
Upvote 0 Downvote
What about using vba? The problem is while the database is being accessed MS access isn't really running.

What if I put some vba in to the open.form event? could that work?
 
Upvote 0 Downvote
What if
1) remove the security settings from Access
2) Password protect the actual .mdb file on the network
3) when the form is accessed (as a .htm file) users have to type in their name + password on a space on the form. That information is checked using VBA (or referencing a table?) then the SQL returns the rows that corralte to that name.

Would that be acceptable do you think?
 
Upvote 0 Downvote
Acceptable, like beauty, lies in hte eye of hte beholder. If you need the security, going w/ kludges is a risk. The degree of risk only varies with the degree of security vs. the intensity of the hack. You CAN, for a quite modest price, purchase complete "password code breaker" software package specifically for MS ACCESS, so even the supplied system is far from totally safe. There are some who do a home brew version, where they store the user id information in a table and provide a custom "logon" form for each instantiation. These hardy individuals claim their security is 'good enough' and also say they are able to set permissions and limit use of objects in the database based on hteir 'simplified' security. So your question is one which only you can really answer.

How good is good enough?

How much effort will it be for you to code the level of protection you are comfortable with?

What liabilities (the LEGAL aspects) are exposed if/when the information is exposed through security loop-holes?

More questions ... not any answers.

MichaelRed
m.red@att.net

There is never time to do it right but there is always time to do it over
 
Upvote 0 Downvote
well I think any member of staff could if they really wanted go out and hack in to the database. Even now I could access the scripts on our server and cause havoc, there doesn't seem to be much security, so I think the company would look at it as a "bonus".

All I need is to complete this one step and the application is almost complete! I just need the database query to recognise the login name and password the user enters on the .htm page. If I set the WHERE clause to be WHERE (Table.Name = 'neil-lovell') it works fine, 100% perfectly. But because it says WHERE(Table.Name = CurrentUser()) it fails!!!

I am desperately trying to work round this one final problem!
 
Upvote 0 Downvote
Just include a login (name pw) on the Home. Get this and use it as the "CurrentUser" in the lookup aginst your private table. It is generally acceptable to also require the pw and to encrypt that item.

MichaelRed
m.red@att.net

There is never time to do it right but there is always time to do it over
 
Upvote 0 Downvote
I'm a bit lost on that suggestion Michael. You're saying I should have a name and password prompt on the intranet homepage, then use that information and pass it through to Access to be used as "CurrentUser". How can I get the information from Internet Explorer through to Access?
 
Upvote 0 Downvote
Not really the [CurrentUser()], as that cannot (AFAIK] be done, as this is R.O., but perhaps [MyUser] as a local var. Passage of info from Web2program varries a bit, but many use cgi 'scrips'. Options abound, so your situatiuon WILL vary. And, this is not part of my comfort zone, so my advice would be -at best- tortured.

Once the info is passed to Ms. A., you can just query your userId table to confirm the user and provide specific info as return.

MichaelRed
m.red@att.net

There is never time to do it right but there is always time to do it over
 
Upvote 0 Downvote
Hi Neil,

Have you tried this:

CRNTUSR = CurrentUser()
"...WHERE Table.Name = '" & [CRNTUSR] & "'")

I had problems getting the recordset to recognize the
value of the variable until I tried that.


It might work for you,

Trystan
 
Upvote 0 Downvote
Neil,

Are you after the NT loggin ID of the User - or really after the Database Login Id - Which can be different.

If I log in to the network i can then allow someone else to log into any database that I have access to.
I'm still loged in as far as the Network is concerned - but THEY are logged into the database.


Point 2
If you are using WHERE(Table.Name = CurrentUser()) then I'm not surprised that it doesn't work.
You need
Code: 
" .. .. WHERE (Table.Name = '" & CurrentUser() & "')"



'ope-that-'elps.

G LS
accessaceNOJUNK@valleyalley.co.uk
Remove the NOJUNK to use.

Please remember to give helpful posts the stars they deserve!
This makes the post more visible to others in need! :-D

 
Upvote 0 Downvote
trystanhuwwilliams :
I assume the code snippets go in to the VBA code for the query and not the SQL view, please let me know if I am wrong there.

LittleSmudge:
I am not sure exactly what I am after, all I know is that the problem is that MS Access uses CurrentUser() to determine what records to pull from the table, and when you type in your Access user ID and password via the webpage it claims CurrentUser() is undefined.


I will have a fiddle with both your suggestions though. Thank you.
 
Upvote 0 Downvote
LittleSmudge:
I used your code snippet
" .. .. WHERE (Table.Name = '" & CurrentUser() & "')"

but I don't get any information, just a blank form. What is your code saying exactly?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Moss100
  • Locked
  • Question
Upgrading from Access 2013 - whats the best option
Replies
2
Views
141
Moss100
Moss100
atadbitslow
  • Locked
  • Question
how to search data and display matches that include the user's input, but not necessarily match
Replies
5
Views
119
atadbitslow
atadbitslow
LondonJohn
  • Locked
  • Question
Problem using Access 2003 and 2007 for the same database
Replies
4
Views
148
LondonJohn
LondonJohn
Moss100
  • Locked
  • Question
Create a Report from a query and then personalise the report for each client - possible?
Replies
2
Views
54
dhookom
dhookom
Trob70
  • Locked
  • Question
There is no object in this control 1
Replies
9
Views
173
Trob70
Trob70

Part and Inventory Search

Sponsor

Back
Top