Login Form

**NeoPa** · Sep 25 '08, 01:21 PM

Let me start by saying that, because you have included a good deal of relevant info in your first post on this subject, helping you along will be MUCH easier than before. We win - You win :)

Let's start by highlighting the first issue I see then (We can move onto others when I find them).

When testing form control values for being empty, simply check IsNull() for the name of the control. The .Value is the default property anyway. Thus, your first batch could be :

Code:

If IsNull(Me.cmbUserName) Then
    MsgBox "Please enter UserName", vbOKOnly, "Required"
    Me.cmbUserName.SetFocus
    Exit Sub
End If

**NeoPa** · Sep 25 '08, 01:35 PM

After line #13 you need to add in :

Code:

intLogonAttempts = 0

Otherwise, it will remember failed attempts, even after a successful logon.

By the way, you don't include the Dimming of intLogonAttempt s. I assume it is module level.

**NeoPa** · Sep 25 '08, 01:40 PM

How you manage access to various objects (forms etc) is really very much dependent on your intentions and design. For instance, where and how are you storing the operator's identity?

The checks should be done whenever attempting to access a resource. This can either be hard-coded into the resource itself (a form's Form_Open() event) or into the calling code that opens the form. An alternative to hard-coding is to dhave a system where your configuration is stored in a table.

**puT3** · Sep 26 '08, 02:54 AM

This the code after few changes,not much...

Code:

Option Compare Database

Private Sub Command6_Click()
    
    Dim intLogonAttempts As Integer

    If IsNull(Me.cmbUserName) Or Me.cmbUserName = "" Then
        MsgBox "Please enter UserName", vbOKOnly, "Required"
        Me.cmbUserName.SetFocus
    Exit Sub
    End If
    
    If IsNull(Me.txtPassword) Or Me.txtPassword = "" Then
        MsgBox "Please enter Password", vbOKOnly, "Required"
        Me.txtPassword.SetFocus
    Exit Sub
    End If
    
    If Me.txtPassword.Value = DLookup("Password", "UserConfig", "[lngID]=" & Me.cmbUserName.Value) Then
        lngID = Me.cmbUserName.Value
        intLogonAttempts = 0
    Else
        MsgBox "Password Invalid. Please Try Again", vbOKOnly, "Invalid Entry"
        Me.txtPassword.SetFocus
    End If
    Exit Sub
    
    intLogonAttempts = intLogonAttempts + 1
    If intLogonAttempts > 3 Then
        MsgBox "You do no have access to this database.", vbCritical, "Restricted Access!"
        Application.Quit
    End If

    End Sub

**puT3** · Sep 26 '08, 03:30 AM

Originally posted by NeoPa

How you manage access to various objects (forms etc) is really very much dependent on your intentions and design. For instance, where and how are you storing the operator's identity?

The checks should be done whenever attempting to access a resource. This can either be hard-coded into the resource itself (a form's Form_Open() event) or into the calling code that opens the form. An alternative to hard-coding is to dhave a system where your configuration is stored in a table.

I store the operator identity in a table as i mention previously...hm m...I dont really understand,can u give some example about this
"An alternative to hard-coding is to dhave a system where your configuration is stored in a table."

I want administrator to have the access to add,update,dele te and search form while user only have the access for the search form...do i need to insert this in the table because there are about many form...

**NeoPa** · Sep 26 '08, 10:24 AM

From your psted code I would make the following comments :

Add the line "Option Explicit" after "Option Compare Database".
Set this as the default (From VBA Editor select Tools / Options / Editor Tab / Require Variable Declaration).
Compile your code (always) before posting it. This avoids confusion as we expect any posted code to be compiled unless otherwise stated.
You are still comparing controls against "". As far as I'm aware this is never a possible value. This is not exactly wrong. It's simply wasting time and makes the code harder to understand easily.
intLogonAttempt s needs to be declared in one of two ways (The way you have it won't work as there is no looping within the procedure itself. Every time it is called intLogonAttempt s will be reset to 0 before the code executes).
1. Declare it as Private in the module OUTSIDE of any procedures (preferably before any of your code).
2. Declare it as Static within the procedure itself. Simply replace Dim intLogonAttempt s As Integer with Static intLogonAttempt s As Integer.
I recommend looking up Private & Static in Access Help.

**NeoPa** · Sep 26 '08, 10:32 AM

Originally posted by puT3

I store the operator identity in a table as i mention previously...hm m...I dont really understand,can u give some example about this

I am referring to something which remembers, not what operators are available, but which operator has already been successfully verified and is now logged on. This is session level information. It would not be a good idea to store this in a table, as otherwise other users would have access to it simply because someone else is already logged on at another PC.

Originally posted by puT3

"An alternative to hard-coding is to have a system where your configuration is stored in a table."

I want administrator to have the access to add,update,dele te and search form while user only have the access for the search form...do i need to insert this in the table because there are about many form...

If you want different forms to have different sets of operators that can access them, then you will either need to check the logged in operator (they shouldn't need to log in again every time they go to a new form) within each different form, or you will need to design a system based on a table which stores which operators are allowed for each form.

Does that make it clearer?

Login Form

Login Form

Comment

Comment

Comment

Comment

Comment

Comment

Comment