Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Tracking User Activity in an Application

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Tracking User Activity in an Application

    I have a web project that writes/reads from a SQL server DB. The web project uses the Alpha5 security pieces to authenticate users.

    My question is:

    The grid components when changed write to the SQL server db, I would like to record the SQL statements that are used any time a insert/update/delete takes place and who made the change.

    Basically a history of the activity on the application. The application is going to be used for an internal business process and I need to track the activity to ensure the process is being followed by all employees.

    Has anyone done this? I may be "barking up the wrong tree" with my methodology, I've tossed around recording the activity on a per record basis, but the tables then would have a whole lot more management tracking data in them. I've also thought about creating a table called "history" and recording the exact expressions (this would allow me to reconstitute the db at a later time if needed), but I don't know how to retrieve these expressions from Xbasic and the Alpha5 application.

    Any help would be appreciated. Thank you in advance.

    #2
    Re: Tracking User Activity in an Application

    Hi Hope that this may be of help
    <%a5
    '****************************************************
    'Log File
    dim time as T
    dim url as c
    dim ip as c
    time = now()
    ip = Request.Remote_Addr
    url = Request.Request_URI+crlf()
    file.append("c:\sitelog.txt", time+" * "+loginid+" * "+ip+" * "+url)
    '****************************************************
    %>

    I have this code on all my web pages basically to see who go'es where. As you can see it just logs the Time - User Login ID - Their IP address - Page URL to a text file called sitelog.txt. Now I have not tested it but there is no reason why you could not put the code in the Events of the Grid Dialog - CanUpdateRecord -CanDeleteRecord - CanInsertRecord, and add another field to file.append
    '************
    dim message as c
    message = "Update" 'or Delete or Insert depending on event
    file.append("c:\sitelog.txt", time+" * "+loginid+" * "+ip+" * "+ur+" * "+message)
    '************

    Let me know if it works I may use it myself

    Toby

    Comment


      #3
      Re: Tracking User Activity in an Application

      Here is how I ended up doing it, I didn't need to know where the user was coming from, just who was logged in when the change was made, and what that change was. I stored this in the Validate Event action.

      So if a user were to add an item to a table the vars might look like this

      sql_change = "insert into temp (field1,field2) values ('"+currentform.controls.control1+"','"+currentform.controls.control2+"')"

      sql_log = "insert into templog (field1,field2,field3) values ('[email protected]',getdate(),'The user did this " + currentform.controls.control1 + currentform.controls.control2 +"')"

      Your method would work also, just it logs to the filesystem and that can be hard to query against. If you log into sql, the database gets bigger but you can search it so much easier. I use an AlphaDAO connection to a MS SQL 2005 database.
      __________________________________
      dim conn as SQL::Connection
      conn.open("::Name::<saved connection>")

      <validate form data here>

      if CurrentForm.Has_Error = .F. then
      dim sql_change as C
      sql_change = "SQL Insert statement that is the actual change being made"
      conn.execute(sql_change)

      dim sql_log as C
      sql_log = "insert into <logtablename> (<fields>) values (<values>)"
      conn.Execute(sql_log)
      end if
      conn.close()

      Comment


        #4
        Re: Tracking User Activity in an Application

        Hi Wesley

        I'm having issues with a SQL statement in the candeleterecord event which is similar to yours. Any idea where I could be going wrong:

        Code:
        if result.cancel = .f. THEN
        dim conn as SQL::Connection
        conn.open("::Name::Connection2")
        dim sql_log as C
        sql_log = "INSERT INTO CaseAudit (ID,Disease,DeletedBy,DeleteDate,PersonID) values ('DataSubmitted.ID','DataSubmitted.Disease',session.__protected__userid,+now()-60+,'DataSubmitted.PersonID')"
        conn.Execute(sql_log)
        end if
        conn.close()
        I've tried a few different things with the syntax etc, but to no avail

        Cheers

        Jason

        Comment


          #5
          Re: Tracking User Activity in an Application

          Originally posted by ChristJC View Post
          Hi Wesley

          I'm having issues with a SQL statement in the candeleterecord event which is similar to yours. Any idea where I could be going wrong:

          Code:
          if result.cancel = .f. THEN
          dim conn as SQL::Connection
          conn.open("::Name::Connection2")
          dim sql_log as C
          sql_log = "INSERT INTO CaseAudit (ID,Disease,DeletedBy,DeleteDate,PersonID) values ('DataSubmitted.ID','DataSubmitted.Disease',session.__protected__userid,+now()-60+,'DataSubmitted.PersonID')"
          conn.Execute(sql_log)
          end if
          conn.close()
          I've tried a few different things with the syntax etc, but to no avail

          Cheers

          Jason
          When you are using variable strings you have to make sure you append them correctly.

          sql_log = "INSERT INTO CaseAudit (ID,Disease,DeletedBy,DeleteDate,PersonID) values ('"+DataSubmitted.ID+"','"+DataSubmitted.Disease+"','"+session.__protected__userid+"','"+dtoc(now()-60)+"','"+DataSubmitted.PersonID+"')"

          Also remember the "now()" function returns a date type, so you'll have to convert that to character with the dtoc() function.

          You may also want to add a condition on the conn.execute line to make the routine a bit more "error" friendly:

          if conn.execute(sql_log) = .t. then
          ....
          else
          ....
          end if

          One more thing I found immensely helpful. Create a variable called Output and put a text area control on your form to display the value of this variable.

          When you are building things like SQL statements or bringing multiple condition statements together it helps to trace. When done with the trace just hide the output field and comment out the code that calls it.

          IE:
          dim notes as C
          dim conn as SQL::Connection
          conn.open("::Name::connection1")
          dim query as C
          notes = "this is a test"
          query = "exec sp_log @notes="+notes

          if conn.Execute(query) = .t. then
          Output = "QUERY: " + query + " RESULT: " + result + " ERROR MSG: " + conn.callresult.text
          currentform.controls.output = Output
          else
          currentform.has_error = .t.
          Output = "QUERY: " + query + " RESULT: " + result + " ERROR MSG: " + conn.callresult.text
          currentform.controls.output = Output
          conn.close()

          Comment


            #6
            Re: Tracking User Activity in an Application

            A few years a guy named Andrew posted an "audit" function in the code archive here on the board. Here is the link: https://forum.alphasoftware.com/showthread.php?t=68530
            Andrew had created an aex file that would go to each table and change the field rules so that all of the actions done by a user would be recorded in a table called "audit". I realize that you are using SQL tables, but I have attached a text file that lists each of the field rule events that are affected and what was done. In other words when a record is changed, deleted inserted and how it was recorded.

            I had a customer app that used this and it worked quite well. I thought I would include it here so that you can see the steps/events and how they are handled and perhaps you might glean something useful for your app.

            mike
            Mike Reed
            Phoenix, AZ

            Comment


              #7
              Re: Tracking User Activity in an Application

              Hi Wesley and Mike

              Thanks for taking time out to reply to my question. My SQL is now working! Thanks Wesley for providing a detailed response and the great idea re error handling :) Mike, I will definitely look at the example you have attached, its advantageous to have options apart from say triggers in SQL

              Have a great day

              Jason

              Comment


                #8
                Re: Tracking User Activity in an Application

                Hi Toby,
                I wanted to let you know I used your code on one of our web projects.

                <%a5
                '****************************************************
                'Log File
                dim time as T
                dim url as c
                dim ip as c
                time = now()
                ip = Request.Remote_Addr
                url = Request.Request_URI+crlf()
                file.append("c:\sitelog.txt", time+" * "+loginid+" * "+ip+" * "+url)
                '****************************************************
                %>
                and it worked great! Thank you for posting it, it was just what I needed to create a custom log file.
                Land of the Free, Because of the Brave
                Support our US Military

                Comment


                  #9
                  Re: Tracking User Activity in an Application

                  Here is another approach, that writes the data to a table. By doing that, you can query for any particular data that you want:

                  dim tbl as p
                  tbl=table.open("[pathalias.adb_path]\audit_trail")
                  tbl.enter_begin()
                  tbl.pracid=session.pracid
                  tbl.userid=session.userid
                  tbl.page=request.script_name
                  tbl.date=date()
                  tbl.time=time("0h:0m:0s am")
                  tbl.Ip_address=Request.Remote_Addr
                  tbl.enter_end()
                  tbl.close()
                  Gary S. Traub, Ph.D.

                  Comment


                    #10
                    Re: Tracking User Activity in an Application

                    Thanks Gary! I will try that, it would be even better!
                    Land of the Free, Because of the Brave
                    Support our US Military

                    Comment


                      #11
                      Re: Tracking User Activity in an Application

                      Originally posted by drgarytraub View Post
                      Here is another approach, that writes the data to a table. By doing that, you can query for any particular data that you want:

                      dim tbl as p
                      tbl=table.open("[pathalias.adb_path]\audit_trail")
                      tbl.enter_begin()
                      tbl.pracid=session.pracid
                      tbl.userid=session.userid
                      tbl.page=request.script_name
                      tbl.date=date()
                      tbl.time=time("0h:0m:0s am")
                      tbl.Ip_address=Request.Remote_Addr
                      tbl.enter_end()
                      tbl.close()
                      Garry,

                      How do you use the above method to record what fields were changed/deleted/added? Is it possible?

                      Comment


                        #12
                        Re: Tracking User Activity in an Application

                        Originally posted by djtreble View Post
                        Garry,

                        How do you use the above method to record what fields were changed/deleted/added? Is it possible?
                        Anyone able to advise?

                        Comment

                        Working...
                        X