Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Password change - websecurity

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Password change - websecurity

    Hello All

    I have read quite a few threads on this, some suggest you have your own user table, others seem to suggest utilising the built in table inside A5. Putting aside whether the administrator adds new users rather than the user entering the info via a component themselves, is there an automated way of updating a users password when they change it? Within the publish security files page there is an option to publish data tables for user and groups, but I have heard others mention that this can be unwise as it can overwrite existing data that you dont want changed?

    In short, if a user changes their password via the standard login component, what is the easiest way to get that change back to websecurity tables that are sitting under the A5 webroot, so that when the project is next published to the server, the password change sticks rather than reverting back to the original one?

    Cheers

    Jason

  • #2
    Re: Password change - websecurity

    I think you misread the common advice. There is always a built in users table in security framework, you can't avoid using that if you use security, its automatic. The suggestion is to use a local users table IF you need to record any details beyond what is recorded in the security tables, for instance, their first and last name. You cannot change the fields in the built in users table, and that is why you might need your own local tables.

    Maybe I am not reading your question right.

    When a user changes their password online, it DOES end up in the security framework tables. You don't need to do anything to get it there. I think what you mean is how do you synchronize them with your development copy, on your desk, so next time you publish you don't overwrite the online security with your development copy. But that's just it, you DON'T republish security from your development copy to the online location EVER once you have live customers online.

    Ask again, because I think I didn't understand your question fully.
    Steve Wood
    Join the ALPHA DEVELOPERS NETWORK
    There is no Cloud. It's just someone else's computer.
    Web - Mobile - Hosting - Products - Frameworks - Developer Resources
    AlphaToGo | IADN (100% Alpha Anywhere Websites)

    Comment


    • #3
      Re: Password change - websecurity

      Gudday Steve

      Many thanks for your detailed reply. Your first paragraph has clarified a few things for me, thats great

      Re the password change, I must be doing something wrong because my password changes arent registering as you described. For example, yesterday I changed a password via the user login component, and I think from memory A5 recognised that new password for the rest of the day. Last night I shut the PC down (and A5 App server), this morning when I fired everything up and republished, it no longer recognised the new password. I had a glance in the websecurity table and the passent field shows the password was entered 4 Sept, not 30 Sept

      At the moment I am just developing the system and havent gone live with my users, so all the experimenting with passwords etc is happening from my machine, not from an end users pc

      Have I explained that more clearly?

      Cheers

      Jason

      Comment


      • #4
        Re: Password change - websecurity

        fired everything up and republished,
        Well yeah, when you republish you erase what is online with what is in your development copy. Your developent copy is NOT updated when someone changes their password online.
        Steve Wood
        Join the ALPHA DEVELOPERS NETWORK
        There is no Cloud. It's just someone else's computer.
        Web - Mobile - Hosting - Products - Frameworks - Developer Resources
        AlphaToGo | IADN (100% Alpha Anywhere Websites)

        Comment


        • #5
          Re: Password change - websecurity

          OK gotcha. So when someone changes their password online, where is that new password recorded? Is their a development copy of the web
          security table and an online version of the web security table that stores passwords?

          Comment


          • #6
            Re: Password change - websecurity

            Common misconception. In any web app there are at least two copies of the web security files. One in your development copy and one wherever you happen to publish. If you publish to localhost, there is a copy there. If you publish to a remote server, there is a copy there. And if someone changes their password from either the localhost or a remote server, that does not affect the security tables on your development copy.

            Think of it this way, your development copy is on your client computer. It is no way connected to wherever you have your online system. You PUBLISH from your development copy to the published location for live interaction. Even if that published location is the localhost, it is separate and not attached to your development copy of Alpha. Your development copy only has a copy of these web security tables because it needs them in order to develop your system.

            So, if your online system is running for a few weeks and lots of users have changed their login details, and you publish web security files from your development copy to the published location, you completely wipe out all of their changes.
            Steve Wood
            Join the ALPHA DEVELOPERS NETWORK
            There is no Cloud. It's just someone else's computer.
            Web - Mobile - Hosting - Products - Frameworks - Developer Resources
            AlphaToGo | IADN (100% Alpha Anywhere Websites)

            Comment


            • #7
              Re: Password change - websecurity

              Jason,

              Just to add to what Steve said, I can understand your confusion. You said you are working on Localhost, so when you publish, the dbf tables do not move, they stay in the local database.

              However, the web security tables are different. They are located in the directory with the pages and components, not in the dbf directory. So, even in localhost, they do publish!

              To see the tables, look in the publish location, which is probably c:\a5webroot or perhaps a subdirectory of that depending how you set up your profile.

              There is a utility in the security to copy back the published tables so you can synchronize the development tables with the published ones.

              Pat
              Pat Bremkamp
              MindKicks Consulting

              Comment


              • #8
                Re: Password change - websecurity

                Hi Steve and Pat

                Many thanks for your replies, that certainly makes the situation alot clearer. In relation to the utility you mentioned Pat, whereabouts could I locate this setting to get the synchronization I need? Are you referring to web security/utlities/retrieve web user data? If so, once my project is published and up and running, how often would I need to run this process and can it be automated?

                I have found the web security tables under the webroot as you thought would be the case and they show the password changes I made were not recorded.

                Cheers

                Jason

                Comment


                • #9
                  Re: Password change - websecurity

                  Yes that is the correct utility. There is no absolute need to keep your local system in sync with the online system, other than as a backup. I personally take great care to auto-backup my websecurity files and a few choice tables from all applications, every single day. I do this on the server using my favorite free backup software, Cobain Backup 9.
                  Steve Wood
                  Join the ALPHA DEVELOPERS NETWORK
                  There is no Cloud. It's just someone else's computer.
                  Web - Mobile - Hosting - Products - Frameworks - Developer Resources
                  AlphaToGo | IADN (100% Alpha Anywhere Websites)

                  Comment


                  • #10
                    Re: Password change - websecurity

                    thanks very much Steve. Hopefully this will sort my websecurity issues

                    Jason

                    Comment

                    Working...
                    X