How to use Dlookup for login form (1 Viewer)

ahmedaliazad

Registered User.
Local time
Today, 23:35
Joined
Aug 10, 2018
Messages
29
Hello,

Dear all,
I have a database application with frontend and backend access,

when I use linked table of users in frontend file the program is working well but for security reason I don't need to link the table which include username and password for each users in frontend because anyone can export the table to a new database then find the password and login to the system with administrator, but my backend is password protected.
So I want to write the dlookup to check the username and password for users table in backend file,
please can anyone help me
 

jdraw

Super Moderator
Staff member
Local time
Today, 16:35
Joined
Jan 23, 2006
Messages
15,364
You may get some ideas from this free youtube video by SteveBishop
Managing User Access
Steve has other videos on Login etc.

Good luck
 

ahmedaliazad

Registered User.
Local time
Today, 23:35
Joined
Aug 10, 2018
Messages
29
Dear jdraw,

I already did the same way that steve did at the beginning of creating my application and this is not my problem,

my problem is how use dlookup to check the value of table in backend db while there is no link table in frontend,

can you help me
 

Frothingslosh

Premier Pale Stale Ale
Local time
Today, 16:35
Joined
Oct 17, 2012
Messages
3,276
With all the security issues you seem to be having, I would STRONGLY suggest moving to some sort of SQL Server or Oracle back end.
 

ahmedaliazad

Registered User.
Local time
Today, 23:35
Joined
Aug 10, 2018
Messages
29
I make an access application for sell (market management system),

I need to secure the tables that contain login information by deleting the link of it in front end and make login form reading the username and password from backend table by using dlookup, this is all I need,

To move the backend to SQL Server it will make the pc slow and need more RAM with some other problem but access is very small and not need pc with high performance
 

Frothingslosh

Premier Pale Stale Ale
Local time
Today, 16:35
Joined
Oct 17, 2012
Messages
3,276
In that case, you're going to need to learn to create, use, and clean up either ADODB or DAO Connection objects, how to run queries against them (including parameter queries), etc. It's going to be one HELL of a lot of work, and you will want to document your code thoroughly so that you remember what is going on a year down the road.

You can probably start HERE, but you will have your work cut out for you.
 

Minty

AWF VIP
Local time
Today, 20:35
Joined
Jul 26, 2013
Messages
10,355
You can't use a Dlookup on a table that isn't already linked.

You are using a catch 22 approach here.

Table with Secure Details isn't Linked > Need to check Secure Details From Linked Table > Table with Secure Details isn't Linked

Do you see the issue with this approach.
 

Cronk

Registered User.
Local time
Tomorrow, 07:35
Joined
Jul 4, 2013
Messages
2,770
You can't use a Dlookup on a table that isn't already linked.
True but you can open a recordset of data in an accdb that is not linked.
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 15:35
Joined
Feb 28, 2001
Messages
27,001
ahmedaliazad

You can do this but thinking about your security concerns expressed in your other threads, I wonder if you really want to do it this way. The DLookup "domain" argument (2nd argument) is the source table or query from which you will find your data. You CANNOT supply SQL as the domain argument. It must be an existing named object. (That's a requirement of the Domain Aggregate functions, no variances allowed.)

EDIT: In another thread unrelated to your question, we explored the idea that you could provide SQL statements as the source domain for a domain aggregate and the consensus was "don't bother."

IF you have a stored query that contains a SELECT statement that includes the syntax ArnelGP showed you in your other thread that includes an "IN [database-connect-info; path\file\table..." (or whatever that syntax was) then in theory the DLookup would work. BUT to do that you would have to have a static query that contained your information on how to connect to that table, which means it would be statically listed for hackers to export. I'm betting you don't want that.

Your better bet MIGHT be to dynamically generate your SQL string with that "IN" clause and open a recordset to it, then manually extract the info you need. You could surely write a subroutine to do this and keep the info hidden in the sense that its parts are never available to hackers because you assemble the parts on-the-fly.

I hope that is clear enough as to what you could do and what risks you face with either of those alternatives.
 
Last edited:

Users who are viewing this thread

Top Bottom