Jump to content
Sign in to follow this  
dluton

Performing custom search based on user

Recommended Posts

Please help, I'm completely stuck with this!!

I have a custom web front-end running on our intranet, which accesses numerous databases. Each of the records in the the database will be assigned to an individual; what I need to do is, when a user accesses the database via the web front-end, a FIND is performed based on their access password, and displays ONLY records that have been assigned to that user.

I can do this easily with a script, but this only works when accessing the database through Filemaker itself. I have tried calling the script via an HTML link without success.

Anyone got any ideas?

TIA,

Dan

Share this post


Link to post
Share on other sites

Clearly your solution is for multi-user. Be advised that ScriptMaker is a single-threaded engine which handles one event at a time and which does not queue near-simultaneous requests. Additionally, cdml does not recognize when a ScriptMaker event is not performed by the db, so it advises the client that the transaction was successful.

There are probably other ways to design your solution than with ScriptMaker.

Myself, I handle the situation you describe in a browser using ScriptMaker. Visit my site if you are interested. I handle ScriptMaker scripts successfully while serving them vis-a-vis the browser through FMPro 4.0.v3 on the back-side. It is a complex solution.

Share this post


Link to post
Share on other sites

Script will not work because you cannot identify user and post that info into script.

But the same problem is without scripts as well.

You need to identify visitor and assign the value to Token variable.

That is best achieved via some king of login system -- database.

HTH

Share this post


Link to post
Share on other sites

How do I add the username automatically to the search though? I don't want to allow users to search for any records that are not assigned to them, you see - if they have to manually select a name then they can just choose anyone's name...

I'm still stumped.

Share this post


Link to post
Share on other sites

"Script will not work because you cannot identify user and post that info into script."

If you are using Web Security you can capture [fmp-clientusername] and [fmp-clientpassword].

If you don't like Web Security's stylish password window, you can design your own security protocols for tracking clients and passwords and determining access levels.

In both instances and depending on your design creativity, you can certainly use that data such that it is included into a protected script/sub-script scenario. And protected scripts can use/share data with db's which are not set for web sharing, including added security through the capacity for complete removal of data from db's which are set for web sharing.

Many complex ScriptMaker scripts, when handled properly, can be a powerful tool in web solutions, just as they can be in peer-to-peer solutions. Looping ScriptMaker scripts are to be avoided in browser solutions under the current single-thread engine of ScriptMaker.

ScriptMaker scripts can be a useful tool for the creative designer. There are many other tools also available. Solutions are a matter of design.

Share this post


Link to post
Share on other sites

RE: "Script will not work because you cannot identify user and post that info into script."

If you are using Web Security you can capture [fmp-clientusername] and [fmp-clientpassword].

-------------------------------------------

I've said:

Script will not work because you cannot identify user and post that info into script.

But the same problem is without scripts as well.

You are implying that administrator should separately enter all users into Web Security databases!!!!!

I do not want to do that with more than 100 users.

Better is to provide login system and carry the user ID in Token. You can also carry that ID from IP, but then users cannot use different machine. It will also not work if users are behind firewall and all of them are getting the same IP.

Share this post


Link to post
Share on other sites

Yes Anatoli, I understood what you wrote. And I especially understood this part of it, "...post that info into script." I'm sorry if you misunderstood my post.

The fact is, I agree with you. I did add just one thing, really. "...you can certainly use that data (the client name and password) such that it is included into a protected script/sub-script scenario." Here the key word is "scenario". Perhaps I should have said "schema". This includes not only the database solution, but the browser solution as well. In the database solution it may include creating a record which is deleted with the running of a script, once data from that record is moved or otherwise handled. It may also invlove calculation fields, relationships, portals, etc. On the browser side it may include links, forms, meta redirects which change action tags from the initiating action (e.g. -new to -find or -edit), inlineactions, and those good old fmp-if conditionals controling the text/display. Since one can "carry the user ID in Token", as you suggest, one can insert that token into a db field.

Sometimes a design of intricate complexity weaves a tapestry of elegance for its illusory simplicity.

"You are implying that administrator should separately enter all users into Web Security databases!!!!!"

Perhaps that is what you have inferred. I offered that if one so desired one could use the stylish Web Security protocol (as described in the pdf to which Garry referred), or one can develop one's own tracking protocol.

If one chooses the latter, then the Web Security db would be set for "all users". Yes, that alone leaves one's db's vulnerable to the -format=-raw problem as discussed in the security thread. But as also discussed there, those problems exist within the older versions of FMP even for a db which uses the WS password protocol. I cannot speak directly to 5.5 or 6.0 security. However, as the security thread pointed out, there are other ways to handle security. I believe that you even developed a security protocol for this.

In relation to your concerns for the administrator, the point of developing one's own tracking protocol is that one can then allow the user to determine their own password. And depending on what is desired, a designer could design (with fmp-if conditionals) such that those with special authorities can use a key which will unlock access to certain format files not available to the general public. This, of course, helps provide for the design of a very broad browser solution.

That solution designers have all these tool options I find exciting. The point of my post was the final sentence, "Solutions are a matter of design.".

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Similar Content

    • By AlesD
      Hi I can not fiddle out how to make it work. I have tried several browsers with same result. We are using FM 12 server. I tried this file paths
      file:///C:/file.jpg
      C:/file.jpg
      file://localhost/C:/file.jpg
      and few others
       
      I'm using this code in the Web Viewer which is working fine in FM client but not in browser
      "data:text/html, <html> <head> <style type=text/css> " & table::style & " </style> </head> <body> <div class='thumb'> <span class='helper'></span><img class='thumb' src='" & table::ThumbnailPath & "'> </div> </body> </html>"  
      If it's caused by fact image is not present in web site folder as stated in document then my question is if it possible use unc network path in filename like file://///other_than_fmserver/networkpath/file.jpg. I wasn't successful either. 
      Any help appreciated
       
      Thank you
    • By KevinArevalo
      Good morning! I need some help getting something working.
       
      We have a company website, and we are trying to create a instant web publishing portal for our customers to login and view their open invoices. Pretty simple. We have all of our information on a FileMaker solution that is hosted with FileMaker Server 12. The problem is we can't get it to work the way we want it to. 
       
      This is our idea and how we kind of want it to work. We want the have our customers create their accounts/passwords on our actual website. We will store their account information on our web server. We will authenticate their login on our web server. Then, after they log into our website, we want to take their username, bypass the filemaker instant web publishing login page, and then set their username (which they used to log into our website, not filemaker) to a global variable or a field or something, we just need it in filemaker so we can do searches on it. We have the instant web publishing layouts built and we can get all that part working fine, we have the login authentication working on our site, that part is fine. It's just bridging the two together. 
      We are using WordPress to build the website, and our site is hosted on GoDaddy. Our problem is that we can't find a way to auto-login and bypass the login web publishing page. We currently have one account called "WebLogin" which we have been trying to use as a general login (since the actual customer login is authenticated on our website, not FileMaker) but we can't seem to bypass the page. I found this page through google searching: http://lnx.acidsoft.net/problemsolved/bypass-filemaker-iwp-login-via-url.html
      and tried to do it the way that he describes, but it is not working. It gives me an error saying:
      Bad Request
      The server could not process your request due to a missing command: ""
       
      And I get another dialog box that says: 
      Bad Request
      The server could not process your request because your session has timed out, been closed, or communication with the server has been lost.
      Please reselect the database to begin a new session. If you cannot open the database, please contact your database administrator.
       
      That is one of the problems, how can I resolve this?
       
      My other problems is we are trying to pass through the username that the customer uses to login to our website as a variable in filemaker or even set it to a field. I am not sure how to do this. Is this even possible?
      Thank you so much!
    • By djlane
      I have an application that was using IWP under FM Server 12, to allow my friends and friends of friends to upload their golf scores, and my system would calculate their USGA handicaps.
       
      After upgrading to FM Server 13, IWP not longer exists, and WebDirect does not support mobile devices.
       
      So, I set up an alternative server using FM12.
       
      A lot of guys that I don't have contact details for, used that IWP based system to upload golf scores. So I don't have a way to tell them all the new URL.
       
      Using the old IWP URL, you are presented with a screen that says "The requested page is not found. Check the URL you are using to access FileMaker WebDirect."
       
      I want to edit that page to add some additional information telling them the new URL etc. But I can't find any document with that content in any FM Server folder or sub folder. 
       
      Anyone know where I can find it ?
       
      thanks
    • By cchaski
      Hi, I have a databse hosted in IWP that uses Supercontainer for people to upload documents. The process works fine when I use FMPA 12 to access the hosted database, but when I go through the web browser (the IWP approach), the process does not work. A button "Upload Doc" calls a script that goes to the upload layout, generates the SC id code for the record, shows the webviewer with upload and delete buttons. This works fine when I am using FMP to access the database, but this does not work when I use IWP. When I click the button in IWP, nothing happens. Any ideas?? Thanks in advance!
    • By cchaski
      Hi, I have a databse hosted in IWP that uses Supercontainer for people to upload documents. The process works fine when I use FMPA 12 to access the hosted database, but when I go through the web browser (the IWP approach), the process does not work. A button "Upload Doc" calls a script that goes to the upload layout, generates the SC id code for the record, shows the webviewer with upload and delete buttons. This works fine when I am using FMP to access the database, but this does not work when I use IWP. When I click the button in IWP, nothing happens. Any ideas?? Thanks in advance.
  • Who Viewed the Topic

    1 member has viewed this topic:
    muzz 
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.