2. PHPRunner General questions
  3. [SOLVED]  Advanced Permissions
This topic is locked
[SOLVED]

 Advanced Permissions

 		1/24/2014 7:47:07 AM
PHPRunner General questions
T
 TKirchner author

Hello everyone,
i need some help to set up the Advanced Permissions correctly, here is what i did and what i wanna go to do:
I actually set the Advanced Permissions to : Users can see and edit their own data only
Users Table:OwnerID field : Username
Main Table: OwnerID field : Field1
This works fine so far, if im logging myself in with for e.g. the Username 'test' there is only shown all data which have the value 'test' in the 'Field1' field.
The Problem:
It is only possible to link one Field (In my case Field1) with the OwnerID.
I would need to make it happen that there is more than one OwnerID field for the main table, in my opinion that wont be possible so i need a work-around.
The Entry should be shown no matter if the 'Username' is written in Field1 or Field2 but should not be shown to any User who's Username is not into those 2 Fields.
Maybe u guys (and girls) have an idea for a work-around solution.
Best regards,
Tim
Sergey Kornilov admin 1/24/2014

You are correct saying that building Advanced Security based on two separate fields is not possible.
As a workaround you can use Dynamic SQL Query approach described in this article:

http://xlinesoft.com/phprunner/docs/modify_sql_query_on_the_fly.htm

  1. In AfterSuccessfulLogin event save values from the login table in session variables i.e.

$_SESSION["OwnerID1"]=$data["OwnerIDField1"];

$_SESSION["OwnerID2"]=$data["OwnerIDField2"];


2. AfterTableInit event:

$query->addWhere("OwnerID1=".$_SESSION["OwnerID1"]." and OwnerID2=".$_SESSION["OwnerID2"]);


You will need, of course, to make sure that all field names are correct.
T
 		TKirchner author 1/28/2014



You are correct saying that building Advanced Security based on two separate fields is not possible.
As a workaround you can use Dynamic SQL Query approach described in this article:

http://xlinesoft.com/phprunner/docs/modify_sql_query_on_the_fly.htm

  1. In AfterSuccessfulLogin event save values from the login table in session variables i.e.

$_SESSION["OwnerID1"]=$data["OwnerIDField1"];

$_SESSION["OwnerID2"]=$data["OwnerIDField2"];


2. AfterTableInit event:

$query->addWhere("OwnerID1=".$_SESSION["OwnerID1"]." and OwnerID2=".$_SESSION["OwnerID2"]);


You will need, of course, to make sure that all field names are correct.


Thank you for your quick response!
Im going to try getting it work with your code snippets.
Just to verify:
OwnerID1/OwnerID2 would the 'Username' while OwnerIDField1/2 would be the Field that is checked for the 'Username' Value, right?
Sorry for that trouble, im not a programmer at all <img src='https://asprunner.com/forums/file.php?topicimage=1&fieldname=reply&id=73818&image=1&table=forumreplies' class='bbc_emoticon' alt=';)' />
Best regards,
Tim
T
 		TKirchner author 1/28/2014

Okay after playing around with this for a while i found myself in the middle of nowhere, i wont get this done by myself.
Im tryin to explain it a little more in detail:
The 2 Fields that should been checked for a Username into them are named 'Werbetechniker' and 'Monteur'
The Usernames that could be in there are: Vogt, test, test2.
All of the Usernames could be displayed in both of the fields.
It would be very helpful if somebody could edit admin's code snippets with the mentioned values, i cant get it done for some reason...
Thank you very much!
Best regards,
Tim
Sergey Kornilov admin 1/28/2014

Tim,
if you need more help post your application to Demo Account and open a ticket at http://support.xlinesoft.com sending your Demo Account URL. 'Demo Account' button can be found on the last screen in the program.
T
 		TKirchner author 1/29/2014

Hey admin,
i tried that earlier, whenever im trying to upload to Demo Account my PHP-Runner 7.0 Enterprise is going to freeze, uploading nothing.
Thought i could just jump over that issue by posting here <img src='https://asprunner.com/forums/file.php?topicimage=1&fieldname=reply&id=73841&image=1&table=forumreplies' class='bbc_emoticon' alt=';)' />
Best regards,
Tim
T
 		TKirchner author 1/29/2014

double post..deleted
Sergey Kornilov admin 1/29/2014

Contact support directly, we'll find a way to transfer your project to us.