Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Find and Use Current Logged In User Data?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Find and Use Current Logged In User Data?

    A5v10 Web Application

    I need the initial value of a form element to contain the logged in user's userid.

    Following whatever I could find, I now have this as the initial value of that field:

    <%A5 ?session.__protected__userid%>

    Of course, this does not work. It displays nothing, or else it just displays the code, depending on how I use it.

    Similarly, I have tested this in a random place on an .a5w page: "ME <%A5 ?session.__protected__userid%>" which also produces nothing. ("ME: ")

    I have been also trying to use the following:

    1) Login redirects to logincheck.a5w
    2) logincheck.a5w contains only the following:
    <%A5
    DIM pUser as p
    a5ws_logged_in_user_values(pUser,request,session)
    if eval_valid("pUser.userid") = .T. then
    session.__protected__userid = pUser.userid
    response.redirect("AfterLoginPage.a5w")
    end if
    %>

    With that setup, I was successfully redirected to the correct page, but I can't seem to grab that session variable anywhere, and trying to simply print it on that same logincheck.a5w page produces nothing, just as the other attempts did.

    Here are my questions:

    1) In which file can I find and modify the post-login stuff? By that I mean whatever A5 normally does with its standard login process ... where is the file that defines the AfterValidate and whatnot? Can I modify it? Searching my hard drive turns up no files that contain "AfterValidate", and neither does A5's internal search process.

    2) What is the everyday procedure used by A5 afficianados to grab the logged in user info and use it? It must happen every day, in almost every web app, right? Where can I lay my hands on this information?

    Thank you for your help.
    Last edited by Stupidscript; 09-27-2010, 05:52 PM. Reason: typo

    #2
    Re: Find and Use Current Logged In User Data?

    Here's the answer, including the details I couldn't find anywhere:

    1) login.a5w -> logincheck.a5w

    2) logincheck.a5w =

    Code:
    <%A5
    'dimension the pUser array
    DIM pUser as p
    'set the array values to the logged in user values
    a5ws_logged_in_user_values(pUser,request,session)
    'check for the existence of a userid (valid login) in the array
    if eval_valid("pUser.userid") = .T. then
    'if found, set the session variable
    session.__protected__userid = pUser.userid
    'then redirect the user to the main page
    response.redirect("AfterLoginPage.a5w")
    end if
    %>
    3) AfterLoginPage.a5w is a LAYOUT with numerous GRIDS. Placing your code to grab the session variable on this page does nothing for the grids, which are each individually rendered containers.

    4) After finding WHICH GRIDS need the variable, edit THOSE GRIDS' FIELD settings for the field you want to populate:

    Code:
    Initial value: session.__protected__userid
    Note the ABSENCE of any A5 script tags in the "Initial value:". Just call the variable and A5 magically assumes it to be a variable name!! Wow and ew ... not good.

    5) If you need to use that variable inline with HTML or directly on an A5W page, you MUST use the A5 script tags and operators:

    Code:
    Here's the userid: <%A5 ?session.__protected__userid%>
    That equals:
    "echo (?) the value of the __protected__userid SESSION variable"

    And results in:
    "Here's the userid: stanley" (or whatever the userid is)

    To sum up, for people new to A5:

    1) Set your Web Security Settings so that the page users go to following login is your a5w page that checks for and saves the userid. I made and used a page called "logincheck.a5w" for this example.

    2) Then use your code on that checking page to redirect the user to the real first page of your application AFTER it sets the session variable. (If they mess up the login, it won't get to the checking page, anyway. It will return to the login page with the login error.)

    3) Once the session variable has been set, use it in subsequent GRIDS either by direct reference (session.__protected__userid) or by echo (<%A5 ?session.__protected__userid%>), depending on whether you are populating a form field (direct) or printing it on a page (echo).

    See here for a teensy bit more about __protected__ variables.

    Comment


      #3
      Re: Find and Use Current Logged In User Data?

      Oops. Spoke too soon.

      It works ... for awhile ... and then, after awhile, it stops displaying the session variable and just displays the string 'session.__protected__userid' instead.

      The login session is still active, or at least there is no need for the user to log in, again to access the pages.

      I'll keep plugging away. If anyone has a solution that doesn't stop working halfway through the day, I'd love to hear it. But, with this session expiration issue, or whatever, this solution is not "the" solution.

      Comment


        #4
        Re: Find and Use Current Logged In User Data?

        I think I remember seeing a setting in the server that sets the timeout for the session. Not sure if this is the answer but its worth a shot.

        BTW... thanks for the post. I have been searching posts for several days looking for what you described. I need to digest it but again good info...

        Maybe alpha can have a video or wiki that talks about this???

        Comment


          #5
          Re: Find and Use Current Logged In User Data?

          So after reading your post again it started to look familiar to a blog post about filtering data with the "ulink" that is passed from the log in.

          http://blog.alphasoftware.com/2010/0...d-by-user.html

          Comment


            #6
            Re: Find and Use Current Logged In User Data?

            Sorry
            Chad Brown

            Comment


              #7
              Re: Find and Use Current Logged In User Data?

              Thanks, Tommy.

              Now we've got it set in the Web Application where the session lasts as long as the browser is open or until the user logs out, and on the server so that the session lasts for 12 hours (43200 seconds). I guess that's the best we can do with this. Our people will need to re-login every 12 hours or so to restart their session. Oh well.

              I would be interested to learn why there is a distinction being made between session settings in the Web Application and in the Application Server. I would think that a single setting should do the trick, and keeping a session active for as long as the browser is open or until the user logs out seems sensible, to me. Timing out a session is not desirable for our application and does not fit with the options we chose to use in the Web Security settings.

              IMHO, if an application's Web Security settings define a session's lifetime, that should override the Application Server, which could not possibly anticipate what types of session requirements would be needed by an applicatin running on it. Having a session lifetime setting at the server limits all users of that server to that one setting, regardless of what choices they make while developing their app. I mean, why bother, right? Just let the Application Server define how long your sessions last, because it will override your choices, anyway.

              Not good.

              And you're right ... 'ulink' is another way of capturing and using various variables. We're looking at it as an alternative to this issue. It seems unnecessarily complicated when simply using the Web Application's session settings should do what we need.
              Last edited by Stupidscript; 09-29-2010, 02:46 PM. Reason: typo

              Comment


                #8
                Re: Find and Use Current Logged In User Data?

                Using 'ulink' seems to be holding! I'll report back tomorrow if it's fer sher persistent.

                In the meantime, here are my settings for both the Web Application and the Web Application Server:

                Code:
                ### WEB APPLICATION: WEB SECURITY ###
                
                # WEB SECURITY CONFIGURATION: #
                
                Security Policy:
                - Security Active: check
                - Password Required: check
                - Redirect page - login: login.a5w
                - Redirect page - insufficient permission: login.a5w
                
                Login Options:
                - Login expiration policy: Expires when user closes their browser
                - Redirect page after login: HomePage.a5w
                
                User ID Options:
                - User ID configuration: Value
                
                Customize Options:
                - Enable external user identifier field: check
                - Session variable for identifier field: __protected__userid
                
                # USERS and GROUPS: #
                
                Edit User (for example: NormalUser):
                - User ID: NormalUser
                - Password: ********
                - Confirm Password: *********
                - External User ID Value: NormalUser
                
                # PUBLISH WEB SECURITY FILES! #
                
                ### WEB APPLICATION SERVER: ###
                
                # SETTINGS (tab): #
                
                Session Cookie Name: A5wSessionId
                Session Lifetime: 900 (seconds)
                Enable cookies for session tracking: check
                
                # RESTART SERVER! #
                As noted above, in an HTML/A5W page, reference the session variable with a complete script tag to "echo" the variable's value:

                Code:
                <%A5 ?session.__protected__userid%>
                In a Web Component form field's "Initial value", just use the session variable reference directly ... A5 will recognize it as a variable and display its value:

                Code:
                session.__protected__userid
                Thanks a lot for the help of Jerry Brightbill!

                http://blog.alphasoftware.com/2010/0...d-by-user.html

                Comment


                  #9
                  Re: Find and Use Current Logged In User Data?

                  A NOTE ABOUT 'ulink':

                  The idea of 'ulink' is to hold a SINGLE session variable.

                  By using the 'ulink' mechanism AND by using BROWSER-BASED session cookies (that are ONLY deleted when the browser closes), you create a PERSISTENT container that will regenerate itself even when the Application Server "session lifetime" has ended.

                  For example:

                  If the Application Server is set with a "session lifetime" of 900 seconds;

                  - Normally, all session variables are deleted 900 seconds after the user's last activity, and they need to log in again. (Activity, like clicking a link or reloading, re-starts the "session lifetime".)

                  - By using the 'ulink' mechanism, those session variables still get deleted, but 'ulink' grabs the login data from the browser-based cookie and PERFORMS THE LOGIN FOR YOU, using that cookie data ... restarting the session. You don't even see it happening.

                  This means that as long as the browser stays open, the user effectively stays logged in, and the session variable stays available.

                  In my settings, above, I CHOSE "Session variable for identifier field" to be both "__protected__" and "userid". (I didn't HAVE to make it '__protected__', and I could have called it whatever I wanted instead of 'userid'. Call it something that represents the variable you are storing.)

                  I also CHOSE the "External User ID Value" to match the user's NAME ... I could have picked the user's ID, their Status, their Hair Color ... anything in the user's credentials record, but I wanted the NAME, so that's what I used as the "External User ID Value."

                  IF I wanted to use this persistent variable for selecting records that matched the logged in user, I probably would have used their ID, instead of their NAME.

                  By doing so, I could then use their ID to filter records or even grab their NAME with a quick query ("select NAME from users where ID = session.__protected__userid")(NOT tested!!) ... IF that was the data I entered into the "External User ID Value" field, as Jerry Brightbill did in his example for filtering datasets based on the customer_id.

                  He used customer_id's, like '0000003569'.
                  I used a name, like 'NormalUser'.
                  It depends on what you need.

                  My needs are simple ... I just want the name to print in a couple of places so the user doesn't need to choose it from a drop-down list. That's why I CHOSE to use their name as the value of the 'ulink' variable.

                  Hope that is helpful.
                  Last edited by Stupidscript; 09-30-2010, 05:20 PM. Reason: typo

                  Comment


                    #10
                    Re: Find and Use Current Logged In User Data?

                    Good Stuff

                    Comment


                      #11
                      Re: Find and Use Current Logged In User Data?

                      Typically, in Alpha the easiest way is to store some information and relate it to __protected__ulink. This can be through a linked grid or a large flat table and a single grid. Alphapedia shows how to link a DBF (or sql table) to the web security tables to make this simple. The double underscore is for security reasons. Then either in a Tabbed_UI or A5W page the following syntax (copy and paste forever) is used to create that variable. Here I have the organization ("org") related to the user and this would be used to populate whatever grid field.

                      session.org = table.external_record_content_get("[PathAlias.ADB_Path]\web_org_link","org","","uuid="+quote(session.__protected__ulink))

                      In a grid you need to develop an argument if you wish to filter on the session variable so organization = :org (org = session.org). If you only want it as an initial value then you would type session.org in that field. You would then either hide the field or turn it off with javascript if Organization ="".

                      Hope you find this method easier.

                      Comment


                        #12
                        Re: Find and Use Current Logged In User Data?

                        @koga101

                        I'm not sure if it's "easier" than setting and retrieving a "normal" session variable, but the 'ulink' mechanism is definitely the way to go with A5 for a SINGLE persistent session variable. See my post, two above yours.

                        And, for the record, after over 24 hours with the Application Server set to a 900 second session lifetime, the session variable is DEFINITELY persistent, using the 'ulink' mechanism described, above.

                        Thanks for everybody's help. I'm done with this one.

                        Comment


                          #13
                          Re: Find and Use Current Logged In User Data?

                          I've tried everything in this thread and am still having problems... All I'm trying to do is populate the username in a field of a new record when it pops up. A couple of strange things... during all the things I've tried, it worked once... and never again. The wierd thing is, I've put this code in the main grid:

                          <%A5 ?session.__protected__userid%>

                          and the username does show up... I've tried putting session.__protected__userid in the initial value of the field and that didn't work... I've also tried to do it programatically like this:

                          var today = new Date();
                          currday = zeroPad(today.getDate(),2);
                          currmth = zeroPad(today.getMonth() + 1, 2);
                          curryr = today.getFullYear();
                          currdate = currmth + '/' + currday + '/' + curryr;
                          {grid.Object}.setValue('D','CREATEDDATE',currdate);
                          {grid.Object}.setValue('D','CREATEDBY',session.__protected__userid);

                          in the afterDetailViewNewRecord event... the date populates just fine, but the username just comes up blank. It doesn't make sense to me... is there something I'm missing??

                          Comment

                          Working...
                          X