Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×
The Claris Museum: The Vault of FileMaker Antiquities at Claris Engage 2025! ×

user permission on editting records

ankurgoyal
 Share

This topic is 8299 days old. Please don't post here. Open a new topic instead.

Recommended Posts

ankurgoyal Apprentice

ankurgoyal

Posted
Posted

well i have a database working with web-security, i have a set of webpages from which only authanticate users can enter their projects and report information, but the problem is ,after login to the database anyuser can edit anybody's else project report, i don't know how to allow the users permissions on to the complete form(contains many fields).

if anybody knows how to solve this ...please let me know as soon as possible..

thanks,

goyal.

Anatoli Grand Master

Anatoli

Posted
Posted

If you will carry the login name/password trough tokens and include that as valid search criteria no one will be presented with someone else page.

Then you need something like "forced frames" technique to disallow users to get through URL line to area where they do not belong.

Even better is to hide the URL area and disable right-click for PC users.

On the other hand -- FM has left open all security doors wide open and anybody can get usually all records from any FM driven web site.

Not from ours, because we developed the Fabulous FM Security Filter.

ankurgoyal Apprentice

ankurgoyal

Posted
  • Author
Posted

well searching is not really a problem, because everyuser has permission to search into the whole database, problem comes when editing comes into the picture, because i want a user to edit his/her own records not of the others,for this reason i have made two fields in the databse, 1-username(enter by the user),2-currentuser([FMP-ClientUserName] which goes directly to the database) and if these fields are equal then that user has permission to edit that record ,elsenot. i'm checking this condition in the javascript and i've put a [FMP-InlineAction: -db=buglist, -lay=One,-recid={CurrentRecID}, -edit] inside javascript,but it doesn't work?? is there any other way???

Garry Claridge Grand Master

Garry Claridge

Posted
Posted

The [FMP-InlineAction] tag is processed before the Javascript. They are processed before any other CDML tags.

I saw a tech paper on the Filemaker site about record level security. It maybe of value.

All the best.

Garry

Keith M. Davie Mentor

Keith M. Davie

Posted
Posted

"...because i want a user to edit his/her own records not of the others,..."

Custom Web Publishing.

My site does what you desire. I do it using ScriptMaker scripts successfuly and safely in browser solutions. My web security is set for all users, no password. My clients never see a FileMaker generated username/password window. Instead they see my protocol for username/password. FileMaker's protocol lacks elegance. Develop your own.

This topic is 8299 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept