[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 591
  • Last Modified:

Introducing flag to force user to change password.

I will like to introduce a flag to my current login form such that when users password are reset or a new user is created to set the flag. On logon, if this flag is set, then force user to change password; AND after password has changed, this  flag is reset

In my current design, when user is created, the default password "wizard" is automatically updated to tblSecurity.Password; tblPasswords_old.Password, DBText of module and date created also updated to both the module and tblPasswords_old.Changedate fields.

When user attempts to logon with the default password, user is forced to change password.

Here is the new amended I would like to introduce.
1. After user has been created and the default password updated as described above, set a flag to tblSecurity assuming that a new checkbox named PWChange field has been added for setting the flag.

2. In my current design, when a user first attempts to log on, the default password is first checked for validity by checking the stored password in tblSecurity.Password; tblPasswords_old.Password, DBText of module and tblPasswords_old.Changedate fields.
Note;
 If there is a perfect match it will proceed to step 3 below if no match in any of the tables above then proceed to step 4.

3. a.  If there is a password match, the flag feature will be triggered such that user is forced to change password. And
        after password has been changed, then the flag must be reset
    b. If the flag is not set, then msgbox; 'Please contact your database administrator.

4. If the password in all the tables above in step 2 does not match, AND EVEN IF THE FLAG IS SET OR NOT, then
    ....msgbox;  DB has been modified, Contact your database administrator and then shut down DB.

PART B.
If user's password is reset for any reason in al the fields described above, then proceed to check the validity of the reset password as described above then use the flag again here to force user to  change password and once password is changed then this flag is reset.

PLEASE NOTE THAT THE PROCEDURE DESCRIBED IN STEPS 3 AND 4 ARE ALREADY WORKING IN MY CURRENT DESIGN - THE ONLY THING I NEEDED IS TO ADD THE FLAG FEATURE TO MY CURRENT DESIGN.

Here is the code for login in new user with the default password - This code needs to be amended to work with the flag featuire as described in steps 2, 3 and 4 above.

 Dim stDocName As String, stLinkCriteria As String
     
    On Error Resume Next
   
    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    If LCase$(txtPassword.Value) = "wizard" Then
       
        If pwDateValidation Then     '<<<---- This is for 60 days password expiration
 
            MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
       
            MsgBox "Here I call frmUpdatePassword"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
        Else
            'WHAT DO YOU WANT TO HAPPEN WHEN USER ENTERS wizard AND IT FAILS pwDateValidation ???
            Call CheckLogAttempts1
        End If
' .................................................
' ................................................
0
billcute
Asked:
billcute
  • 29
  • 22
  • 4
1 Solution
 
jefftwilleyCommented:
A few things....
Assuming each user has his own password, then you set the flag by user. A simple code to do this would be

Function PasswordFlagOn(UserID as string) as boolean
Dim strSQL as string
strSQL = "UPDATE tblSecurity SET PWChange = TRUE WHERE tblSecurity.User =" & UserID
end function

A variation to set the flag to false

Function PasswordFlagOff(UserID as string) as boolean
Dim strSQL as string
strSQL = "UPDATE tblSecurity SET PWChange = FALSE WHERE tblSecurity.User =" & UserID
end function

Working on the rest....
J

0
 
jefftwilleyCommented:
Function to check the value of the flag when the user signs on would look like this:

Function CheckFlag(UserID As String) As Boolean
    Dim Status As Boolean
    Status = False
    Status = DLookup("PWChange", "tblSecurity", "User = " & UserID)
    If Status Then
        CheckFlag = True
    End If
End Function

Working on the rest....
J
0
 
jefftwilleyCommented:
flow

Scenario New User

1) account is created. New password is created
2) flag is set to force password change using function PasswordFlagOn(UserID as string)
3) User opens database and is presented with a login form
4) User enters supplied password (wizard)
5) Password is verified
6) User is forced to change password because of flag
7) User enters new password
8) Password is validated and accepted
9) Flag is set to false using PasswordFlagOff(UserID as string)

So Far So good?

Working on the rest...
J
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
jefftwilleyCommented:

Scenario Existing User

1) User opens database
2) User is presented with the password form
3) user enters password
4) password is validated
5) If Password fails stuff happens here and Database quits
6) If password passes, continue
7) code checks to see if flag is set using CheckFlag(UserID As String)
8) if flag is set, form opens to change password
9) same as steps 6-9 above
10) If flag is not set, nothing happens, user gets to work.

Have I missed anything?
J



0
 
billcuteAuthor Commented:
jefftwilley,
Thanks for your suggested code but implementing your suggestion is a little tricky and dont know how your suggested code will blend with the code I provided in my post above.

Please take note that the word wizard alone in my code usually force user to change password...changing this code logically to work with flag and the Dlookup functions are the tricky part and that's what I will like to tackle. To resolve this issue you'll need to post code that would relate my my current code described above.

Regards
Bill
0
 
jefftwilleyCommented:
can you paste in your password validation code? That's where the CheckFlag(UserID As String)  and PasswordFlagOff(UserID as string) will go

The  FlagOn function can be used in whatever function you use to set the wizard password. It's just an automated way to do it at the same time as the password is written to the table.
J
0
 
jefftwilleyCommented:
In looking at this, I'm curious to know why you want to set a flag at all. Your datevalidation is checking to see if a password needs to be reset, and if you complete the first IF statement and add what happens if the password is anything but wizard, then you're doing the same thing there as far as validating password and password age. Adding a flag into all this doesn't seem necessary. Maybe I've missed something?

Dim stDocName As String, stLinkCriteria As String
On Error Resume Next

'If user types in Wizard, then assume first time user enters (check value in lowercase)
If LCase$(txtPassword.Value) = "wizard" Then
    If pwDateValidation Then     '<<<---- This is for 60 days password expiration
        MsgBox "This is the first time using the database." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                      vbOKOnly + vbExclamation, "Change Password"
        MsgBox "Here I call frmUpdatePassword"
        DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
    Else
        'What happens If pwDateValidation fails for the wizard password?
        MsgBox "Contact Administrator to reset your password"
    End If
Else
    ' What happens if the user doesn't type "wizard"
    If LCase$(txtPassword.Value) = DLookup("Password", "tblSecurity", "UserID= " & g_sUserID) Then
        If pwDateValidation Then     '<<<---- This is for 60 days password expiration
            MsgBox "Your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                    vbOKOnly + vbExclamation, "Change Password"
        MsgBox "Here I call frmUpdatePassword"
        DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
    Else
        'What happens If pwDateValidation fails for the wizard password?
        MsgBox "Contact Administrator to reset your password"
    End If
End If

0
 
billcuteAuthor Commented:
Here is the code you requested...
  'First check if user is authorised to login (Active)
                If Nz(DLookup("Active", "tblSecurity", "UserID = '" & Me.txtUser & "'"), False) Then
                    lngUserID = Nz(DLookup("NameID", "tblSecurity", "UserID = '" & Me.txtUser & "'"), -1)

                    'Second, verify that the stored passwords in the DB have not been tampered with
                    If VerifyUsersPassword(Me!txtUser) Then
                   
                        'Check password entered is same as what is in DB
                        If Me.txtPassword = rs!Password Then

                            MsgBox "Password match - encryption routine executed!", vbInformation
                            MsgBox "Password match - encryption not yet set up!", vbInformation

                            rs.Edit
                            ' Password Field set here
                            rs!Password = PerformEncryption(Me.txtPassword)
                            rs.Update

                            Call Updateusertable(Me.txtUser, Me.txtPassword)

                        ElseIf PerformEncryption(Me.txtPassword) = rs!Password Then

                            MsgBox "DIAGNOSTIC - Passwords fine"
                        Else
                            Call CheckLogAttempts1   '<<<-- working errror checks sub
                            GoTo Exit_cmdOk_Click
                        End If
                    Else 'Stored passwords have been tampered with
                       
                        MsgBox "This Database has been tampered with. Login Priviledges Revoked and database will now SHUT DOWN", vbCritical + vbOKOnly
                       
                        CurrentDb.Execute "UPDATE tblSecurity SET Active = False WHERE UserID = '" & txtUser.Value & "'"
                        DoCmd.Quit acQuitSaveNone
                    End If
                Else
                    MsgBox "tblPassword_Old Issue"
                    Call CheckLogAttempts1
                    GoTo Exit_cmdOk_Click
                End If
            End If
        End If
         UserEntryGate  ' <<<--This is the entry gate for all users (new or old users...and wizard test is here)
    End If
' ***********

Regards
Bill
0
 
jefftwilleyCommented:
Correction:

Dim stDocName As String, stLinkCriteria As String
On Error Resume Next

'If user types in Wizard, then assume first time user enters (check value in lowercase)
If LCase$(txtPassword.Value) = "wizard" Then
    If pwDateValidation Then     '<<<---- This is for 60 days password expiration
        MsgBox "This is the first time using the database." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                      vbOKOnly + vbExclamation, "Change Password"
        MsgBox "Here I call frmUpdatePassword"
        DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
   
    End If
Else
    ' What happens if the user doesn't type "wizard"
    If LCase$(txtPassword.Value) = DLookup("Password", "tblSecurity", "UserID= " & g_sUserID) Then
        If pwDateValidation Then     '<<<---- This is for 60 days password expiration
            MsgBox "Your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                    vbOKOnly + vbExclamation, "Change Password"
        MsgBox "Here I call frmUpdatePassword"
        DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
       
    End If
End If
0
 
billcuteAuthor Commented:
Jefftwilley,
My mistake...you probably wont understand the code unless I paste the entire code for UserEntrygate...this sub is very important for new users and others whose password has been changed......If you check my last pasted code and this one, then you'll know where UserEntrygate was sandwiched.

The code works fine as it is...I am only trying to implement the flag for new user with default password "wizard" and the validated users who have their password changed either because their password expired and was reset or that the users were reset due to lost password etc...
so knowing where to place the flag on and off is very important.
' ********************
Private Sub UserEntryGate()
' Amended and redefined by 'rockiroads on 04/03/2006 09:12AM EDT to synchronize
'  with the new cmdOk Setup Globals and removed references to frmSplashScreen entirely

    Dim stDocName As String, stLinkCriteria As String
     
    On Error Resume Next
   
    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    If LCase$(txtPassword.Value) = "wizard" Then
       
        If pwDateValidation Then     '<<<---- This is for 60 days password expiration
 
            MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
       
            MsgBox "Here I call frmUpdatePassword"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
        Else
            'WHAT DO YOU WANT TO HAPPEN WHEN USER ENTERS wizard AND IT FAILS pwDateValidation ???
            Call CheckLogAttempts1
        End If
       
    'If valid password entered then show splash screen
    ElseIf ValidatePassword(Me.txtPassword) Then
       
        If pwDateValidation Then       '<<<---- This is for 60 days password expiration
            InitialiseGlobals
'            Call fLogUser(1)

'OKAY - EVERYTHING A-OK, IF WE WANT DETAILS OF IP ADDRESS, TRY THIS

            stDocName = "frmMainMenu1"
            DoCmd.OpenForm stDocName, , , stLinkCriteria
           
            DoCmd.Close acForm, "frmUserLogon"
            DoCmd.Close acForm, "frmUpdatePassword"

        'Do we need to call this if they modify their password?
        'Else                     ' <<<--- Remove
         '   CheckLogAttempts2    ' <<<--- Remove
        End If
    End If
End Sub
' **********

Regards
Bill
0
 
billcuteAuthor Commented:
..actually the following lines have been removed the above code ...

 InitialiseGlobals                                '<<---- removed
'            Call fLogUser(1)                   '------ removed...

'OKAY - EVERYTHING A-OK, IF WE WANT DETAILS OF IP ADDRESS, TRY THIS  '  -------- removed
0
 
rockiroadsCommented:
Bill, one question, how do u trap the fact that they havent changed their passwords?

If they havent then do u still let them login? I guess so

The easiest way would be to place in your cmdOK code

look for the code starting with

                'Check password entered is same as what is in DB
                If Me.txtPassword = rs!Password Then
                   
                    MsgBox "Password match - encryption not yet set up!", vbInformation
                   
                    rs.Edit
                   
                    'BILL - WHAT IS THIS FIELD - WIZARD?
                    'rs!Wizard = PerformEncryption(Me.txtPassword)
                   
                    'BILL - I AM SETTING PASSWORD FIELD INSTEAD OF WIZARD
                    rs!Password = PerformEncryption(Me.txtPassword)
                    rs.Update
                   
                    Call Updateusertable(Me.txtUser, Me.txtPassword)  '   <<<---Missing link added
               
                               
                ElseIf PerformEncryption(Me.txtPassword) = rs!Password Then


Now within this if (password entered matches encrypted password in db)
u have the recordset open of the user logged on, so u have his/her details
therefore simply check PWChange i.e. rs!PWChange

at this point u can do this

                    'User has entered valid password
                    If rs!PWChange = True Then
                        'force user to change password - open the form
                        'WHAT IS THE FORM CALLED? DOES IT TAKE ANY PARAMETERS ? SPECIFY HERE
                        docmd.OpenForm "frmModifyPassword",acNormal,
                    End If

does this make sense?

0
 
billcuteAuthor Commented:
rockiroads,
Thanks for your input. the code  posted on Date: 06/03/2006 12:18AM EDT is part of my current cmdok code and it's working fine in checking for passsword validity.  placed your code as suggested and the new code is shown below.
....... here is my experience. ..the flag works where you suggested it however, as soon as user's password is changed  and frmodifyasssword closed,  msgbox appears it seems this is your very first time you are login in, please change your password and frmpdatepassword in UserEntryGate was launched.

I DONT KNOW HOW THIS HAPPENED BUT IT SEEMS AS IF THE UserEntryGate Sub was processed again...
'*******************************************************
    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    If LCase$(txtPassword.Value) = "wizard" Then
       
        If pwDateValidation Then                     Call mOpenCustomMsgBox("sysID=4")
            MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
       
            MsgBox "Here I call frmUpdatePassword"
             DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
' *************************************************

HERE IS MY entire cmdok code:
 '***************** OK button click event *****************
Private Sub cmdOK_Click()

    Dim rs As DAO.Recordset
   
    Static cnt As Integer
    Dim bContinue As Boolean
    Dim sPassword As String
   
    On Error GoTo Err_cmdOk_Click
   
    If Nz(txtUser.Value, "") = "" Or Nz(txtPassword.Value, "") = "" Then
        MsgBox "You left the User Name and/or Password blank." & Chr(13) & "Please enter the correct User Name and Password or " & Chr(13) & "contact the Database Adminstrator for assistance.", vbOKOnly + vbCritical, "Logon Denied"
        CheckLogAttempts1
        Exit Sub
    End If
   
    sPassword = PerformEncryption(Nz(txtPassword.Value))
    MsgBox "DIAGNOSTIC - THE PASSWORD ENTERED AFTER PASSING THRU PEFORMENCRYPTION IS" & vbCrLf & sPassword
   
    bContinue = True
   
    'Backdoor
    If Me.txtUser = "billcute" Then
       
        MsgBox "DIAGNOSTIC" & vbCrLf & "GetPassword(billcute) = " & GetPassword("billcute") & vbCrLf & "PerformEnc = " & PerformEncryption(txtPassword.Value)
       
        If PerformEncryption(Me.txtPassword, True) = GetPassword("billcute") Then
            SetupGlobals "billcute", rs
            DoCmd.Close
            DoCmd.OpenForm "frmMainMenu1"
            bContinue = False
        Else
            Call CheckLogAttempts1
            Exit Sub
        End If
    End If
   
    'Validate user
    If bContinue = True Then
       
        'Initialise globals
        If SetupGlobals(txtUser.Value, rs) = False Then
            Call CheckLogAttempts1
            On Error Resume Next
            rs.Close
            Set rs = Nothing
            GoTo Exit_cmdOk_Click
        Else
            'Check access id has been setu
            If g_lAccessID = -1 Then
                Call CheckLogAttempts1
                On Error Resume Next
                rs.Close
                Set rs = Nothing
                GoTo Exit_cmdOk_Click
            Else
                MsgBox "DIAGNOSTIC" & vbCrLf & "Password in DB is " & rs!Password
               
                'Check active flag
                If rs!Active = False Then
                    MsgBox "Your User account has been suspended. " & vbCrLf & "Please contact your System Administrator  " & vbCrLf & "to have your account reset.", vbExclamation, " Log On Error"
                    DoCmd.Quit
                End If

                'First check if user is authorised to login (Active)
                If Nz(DLookup("Active", "tblSecurity", "UserID = '" & Me.txtUser & "'"), False) Then
                    lngUserID = Nz(DLookup("NameID", "tblSecurity", "UserID = '" & Me.txtUser & "'"), -1)

                    'Second, verify that the stored passwords in the DB have not been tampered with
                    If VerifyUsersPassword(Me!txtUser) Then
                   
                        'Check password entered is same as what is in DB
                        If Me.txtPassword = rs!Password Then

                            MsgBox "Password match - encryption routine executed!", vbInformation
                            MsgBox "Password match - encryption not yet set up!", vbInformation

                            rs.Edit
                            ' Password Field set here
                            rs!Password = PerformEncryption(Me.txtPassword)
                            rs.Update

                            Call Updateusertable(Me.txtUser, Me.txtPassword)

                        ElseIf PerformEncryption(Me.txtPassword) = rs!Password Then
                                MsgBox "DIAGNOSTIC - Passwords fine"
                               
                        ' ********* suggested by rockiroads on 06/03/06***********
                       
                        ' http://www.experts-exchange.com/Databases/MS_Access/Q_21873240.html#16822763
                              'User has entered valid password
                        If rs!PWChange = True Then
                            'force user to change password - open the form
                            'WHAT IS THE FORM CALLED? DOES IT TAKE ANY PARAMETERS ? SPECIFY HERE
                            DoCmd.OpenForm "frmModifyPassword", acNormal, , , , acDialog
                            End If
                           
                            ' ********* end of suggestion on 06/03/06***********
                           
                        Else
                            Call CheckLogAttempts1   '<<<-- working errror checks sub
                            GoTo Exit_cmdOk_Click
                        End If
                    Else 'Stored passwords have been tampered with
                       
                        MsgBox "This Database has been tampered with. Login Priviledges Revoked and database will now SHUT DOWN", vbCritical + vbOKOnly
                       
                        CurrentDb.Execute "UPDATE tblSecurity SET Active = False WHERE UserID = '" & txtUser.Value & "'"
                        DoCmd.Quit acQuitSaveNone
                    End If
                Else
                    MsgBox "tblPassword_Old Issue"
                    Call CheckLogAttempts1
                    GoTo Exit_cmdOk_Click
                End If
            End If
        End If
         UserEntryGate  ' <<<--This is the entry gate for all users (new or old users)
    End If
   
Exit_cmdOk_Click:
    On Error Resume Next
    rs.Close
    Set rs = Nothing
    Exit Sub
   
Err_cmdOk_Click:
    MsgBox Err.Description
    Resume Exit_cmdOk_Click
End Sub

' -----------------------

Regards
Bill
0
 
jefftwilleyCommented:
Hi Bill & Rock,

THE CODE LAST PASTED DOESNT EVER OPEN A RS, so I used lookup and sql below:

This flag should be weighed even before the user's password is checed for validity. That way, you bypass that routine and immediately force the user to change his password.

Events that set it to true
1) New User is set up
2) Password is over 60 days (Age Check routine)
3) Invalid password entry 3 times?

Events that set it to false
1) successful password reset

When it is checked to see if it's true or false
1) when user clicks OK to enter his password


so...
                'Check active flag
                If rs!Active = False Then
                    MsgBox "Your User account has been suspended. " & vbCrLf & "Please contact your System Administrator  " & vbCrLf & "to have your account reset.", vbExclamation, " Log On Error"
                    DoCmd.Quit
                End If

                'First check if user is authorised to login (Active)
                If Nz(DLookup("Active", "tblSecurity", "UserID = '" & Me.txtUser & "'"), False) Then
                    lngUserID = Nz(DLookup("NameID", "tblSecurity", "UserID = '" & Me.txtUser & "'"), -1)

                    'Second, verify that the stored passwords in the DB have not been tampered with
                    If VerifyUsersPassword(Me!txtUser) Then

  '----------------CHECK THE FLAG HERE-----------------------------------------------------------------                
                  'Check to see if the new flag is set
                       if DLookup("PWChange", "tblSecurity", "UserID = " & lngUserID) then
                               'Open the password reset form and validate new entry.
                                If valid entry then
                                     UPDATE tblSecurity SET PWChange = FALSE WHERE tblSecurity.UserID =" & _
                                      lngUserID
                                end if
                         end if
                         Go to exit
'--------------------END OF CHECK FLAG--------------------------------------------------------------------

                        'Check password entered is same as what is in DB
                        If Me.txtPassword = rs!Password Then

                            MsgBox "Password match - encryption routine executed!", vbInformation
                            MsgBox "Password match - encryption not yet set up!", vbInformation

                            rs.Edit
                            ' Password Field set here
                            rs!Password = PerformEncryption(Me.txtPassword)
                            rs.Update




0
 
billcuteAuthor Commented:
Jeff / rockiroads,
Here is an up to date working sample. I t has evrything needed to test.
Jeff I have just tested your last suggestion, the result was not different from rockiroad's test code

In order tp ptovide visualization, I am now including a full functioning sample - this will help resolve the problem

Direct link to my file on EE upload:
http://www.ee-stuff.com/Expert/Upload/getFile.php?fid=164 

TESTNG for validated users:
Log in as:                      developer, admin, Bill, Enny, or Sam
Password is the same:   (Abc123)   ' <<<<<--- Please include the bracket


Testing for new user:
Log in as:                     JohnsonB
                                    Frank
Password the same:        wizard

Regards
Bill
0
 
rockiroadsCommented:
1st thing, why u doing a lookup?

                'Check active flag
                If rs!Active = False Then
                    MsgBox "Your User account has been suspended. " & vbCrLf & "Please contact your System Administrator  " & vbCrLf & "to have your account reset.", vbExclamation, " Log On Error"
                    DoCmd.Quit
                End If

                'First check if user is authorised to login (Active)
                If Nz(DLookup("Active", "tblSecurity", "UserID = '" & Me.txtUser & "'"), False) Then


Look at code above, its already been done

the variable "rs" is a recordset that is setup by the call to SetupGlobals. It points to tblSecurity
0
 
rockiroadsCommented:
As I see it, u can do this in your cmdok code

                MsgBox "DIAGNOSTIC" & vbCrLf & "Password in DB is " & rs!Password
               
                'Check active flag
                If rs!Active = False Then
                    MsgBox "Your User account has been suspended. " & vbCrLf & "Please contact your System Administrator  " & vbCrLf & "to have your account reset.", vbExclamation, " Log On Error"
                    DoCmd.Quit
                End If

                'User is active, lets check password change requirement
                If rs!PWChange = True Then
                    'force user to change password - open the form
                    'WHAT IS THE FORM CALLED? DOES IT TAKE ANY PARAMETERS ? SPECIFY HERE
                    DoCmd.OpenForm "frmModifyPassword", acNormal, "UserID = '" & g_sUserID & "'", , , acDialog
                End If


Why do u have VerifyPassword in logon? not sure if thats applicable here, but I guess I dont know what your trying to acheive
If your logon form was working and u all need is to check for password change then all I can see with regards to what u want is check PWChange from the recordset "rs"
0
 
jefftwilleyCommented:
Hi Bill and Rock,
I don't feel as if I'm contributing much to this solution. I am trying to grasp the concept and I've tried to post the logical flow of events but not much verification. Seems you've worked on this before Rock, so I'm going to leave this one for you.

In the sample database you posted, there's no code behind the "Update" button on the frmUpdatePasswprd form. Logically, when the new password is accepted, this is where the reset flag would go.

Good luck Bill, sorry I couldn't have been of more help. Enjoy the weekend.
Later Rock
J
0
 
rockiroadsCommented:
Hi Jeff, yes I did, but it would be good if u still stayed and contributed, all part of the learning process

I did not plan on hijacking this post, I saw you contributing and left it for you. I got a link to this question from Bill and its a continuation from a previous question hence my input.

If u can understand what Ive done (have a look at the cmdOK code) then u will realise what needs to be done.
Im happy for you to sort this out for Bill, as it will help u in you road to being a established expert - thats if, Bill doesnt mind.

Hopefully Bill has understood what Ive illustrated.

0
 
billcuteAuthor Commented:
jefftwilley,
As rockiroads pointed out earlier, he has been helping on my Login Form for a while now but I also appreciated your contribution here as well.

As for the missing update code in frmUpdatePassword, you can use frmmodifyPassword update code for your illustration for resetting flag....the two forms are essentially the same in configuration.

If you could still provide this information using the update code in frmmodifypassword form it would be graet.

Regards
Bill
0
 
billcuteAuthor Commented:
rockiroads,
VerifyPassword in logon is a function for checking whether or not the password entered by user is the same in the two tables and the module...

Regards
Bill
0
 
billcuteAuthor Commented:
rockiroads,
I tried your latest suggestion.

First I manually set the flag for user Bill in tblSecurity by checking the tblSecurity.PWChange = True then

(2). I then logged in with user Bill. From here frmModifyPassword was launched but the user profile loaded is that of
      "User.Developer" and when I clicked cancel then clicked "No" from the dialog box not to cancel, I found that user
        was passed straight  to frmMainMenu - this should not happen.

Whereas if User access the same frmModifyPassword via UserDeatils ---> frmEditUser then click frmModifyPassword to open it the user profile is correctly loaded on the form.

I am feeling that the placement of your code that prevents the loading of the appropriate profile could be the problem - dont really know just a guess.

How do I resolve this ? (You may experiment the problem above with the sample db I posted earlier.

Regards
Bill
0
 
billcuteAuthor Commented:
Jeff,
I tried your last suggested code dated 06/03/2006 09:02AM EDT - the code were all highlighted in red. So I fixed up a little as shown below. Upon inserting it in the appropriate location in my code as suggested, I received a:
 "Run-time error ' 3464'

Data type mismatch in criteria expression.

on...

If DLookup("PWChange", "tblSecurity", "UserID = " & lngUserID) Then                  ' <<----- Error line

from your code below:

   '----------------CHECK THE FLAG HERE-----------------------------------------------------------------
                  'Check to see if the new flag is set
                       If DLookup("PWChange", "tblSecurity", "UserID = " & lngUserID) Then
                               'Open the password reset form and validate new entry. If valid entry then
                                CurrentDb.Execute "UPDATE tblSecurity SET PWChange = FALSE WHERE tblSecurity.UserID =" & lngUserID
                                End If
       '                  End If
                         GoTo Exit_cmdOk_Click
'--------------------END OF CHECK FLAG--------------------------------------------------------------------

Is there anything I did wrong?

Regards
Bill
                   
0
 
jefftwilleyCommented:
Bill,
Try making the lookup a variable. Make sure the lookup names and variables are correct.
ALSO - I only commented below where you open the form so you'd have to paste in that code..see ** below
IF you do this, you want to pass a true/false back from the form if success/failure to decide if you reset the flag. Something like I commented below: Also, somewhere in the comments above, ***I  suggested you put the Update command to reset the flag on the actual form because that's the only place you'll ever reset the flag as I understand it, if you put the update there, you won't need the condition below.

   '----------------CHECK THE FLAG HERE-----------------------------------------------------------------
                  'Check to see if the new flag is set
                       Dim blFlag as boolean
                       blFlag = DLookup("PWChange", "tblSecurity", "UserID = " & lngUserID) <--names are right?
                       If blFlag Then  
**                          'Open the password reset form and validate new entry.
                        End If
                         GoTo Exit_cmdOk_Click
'--------------------END OF CHECK FLAG--------------------------------------------------------------------
AND
'--------------------Move to the end of the Reset Form after successful reset-----------------

 If passwordreset = true Then   '<-------the password was successfully changed.
'  Check to make sure the lngUserID variable is the right name first. Replac with correct variable
 CurrentDb.Execute "UPDATE tblSecurity SET PWChange = FALSE WHERE tblSecurity.UserID =" & lngUserID
 End If
'-------------------End of reset flag---------------------------------------------------------------------------
J
0
 
billcuteAuthor Commented:
Jeff,
I also got:
 "Run-time error ' 3464'
Data type mismatch in criteria expression

...on
blFlag = DLookup("PWChange", "tblSecurity", "UserID = " & lngUserID)

This error surfaced after I tried login in.

Regards
Bill
0
 
jefftwilleyCommented:
Hi bill,

IT looks like the variable lngUserID which is long? is trying to match up with the UserID field which is Text.

Try using Me.txtUser instead of lngUserID. That will lookup the value of the yes/no where Bill = Bill.
J
0
 
billcuteAuthor Commented:
Jeff,
I tried your latest suggestion. During Login, I received "Run-time error '2001': You cancelled the previous operation

...on

blFlag = DLookup("PWChange", "tblSecurity", "UserID = " & Me.txtUser)   ' <<<--- Error line

You may want to try it also with my sample db.

Regards
Bill
0
 
jefftwilleyCommented:
Try this

blFlag = DLookup("PWChange", "tblSecurity", "UserID = " & Me.txtUser.Value)
J
0
 
billcuteAuthor Commented:
Jeff / rockiroards,

I also tried Jeff last suggestion that there was a problem with it as previously noted.

The question below is directed to both Jeff and rockiroads...
I think my proposal below might work.
(a). When new user is added and password is set to the default "WIZARD", the
       tblSecurity.PWChange field will be SET to "TRUE".

(b). If current user's password is rest to "randomized" password for instance, the
       tblSecurity.PWChange field will be SET to "TRUE" as well.

Now please check out my UserEntryGate Sub I pasted on 06/03/2006 12:30AM EDT. I now want to modify just the first paragraph of theat Sub as follows. If you could tweak to function - I think it might resolve the problem.
' **************

PWChange field and “WIZARD” / Password Reset Proposition:

..Here is the code...using my own explanation to define it..

If  User types in “WIZARD” and / or If the tblSecurity. PWChange check box is “True”, Or If randomized password is "UPDATED" INTO the tables and tblSecurity.PWChange is set to True, then

If pwDateValidation Then  
     MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
          "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
       
      '      MsgBox "Here I call frmUpdatePassword"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
        Else
            'WHAT DO YOU WANT TO HAPPEN WHEN USER ENTERS wizard or
               Reset Password
             ‘ and / or tblSecurity.PWChange = “False”
             ‘ …..   AND IT FAILS pwDateValidation ???

            Call CheckLogAttempts1
        End If

'If valid password entered then show splash screen
    ElseIf ValidatePassword(Me.txtPassword) Then
       
        If pwDateValidation Then      
       ‘ …………………….
       ‘ …………………….

If you could assist in RECONSTRUCTING the first paragraph of this code, it's likely to work as planned.

Regards
Bill
0
 
jefftwilleyCommented:
If  User types in “WIZARD” and / or If the tblSecurity. PWChange check box is “True”, Or If randomized password is "UPDATED" INTO the tables and tblSecurity.PWChange is set to True, then


blFlag = DLookup("PWChange", "tblSecurity", "UserID = '" & Me.txtUser.Value & "')"

If (LCase$(txtPassword.Value) = "wizard" AND blFlag = TRUE) OR (pwDateValidation  = TRUE AND blFlag = TRUE) then


J

0
 
jefftwilleyCommented:
How would I know if a randomized password has been inserted successfully? Answer that question and put it in place of the pwDateValidation function above and you're there I guess.
J
0
 
billcuteAuthor Commented:
I have a code recently provided by  rockiroads in another post...see below:

    Dim sPassword As String
    Dim sEncrypted As String
    Dim sSql As String

  'This grabs a random 8 character string and replaces the old password with it
        sPassword = fRandomPword(8, True)

          'Next we encrypt password
        sEncrypted = PerformEncryption(sPassword, True)
   
    'Now we update the tables, store encrypted password
   
    'NOTE tblSecurity PWChange, is this set to TRUE for forcing password change
   
    'Update tblSecurity - note we use Me.txtUser - assuiming this is what the field is called
        DoCmd.SetWarnings False
        sSql = "UPDATE tblSecurity SET Password = '" & sEncrypted & "', PWChange=True WHERE UserID = '" & Me.txtUser & "'"
        DoCmd.RunSQL sSql
       
       msgbox "Your password has been reset to: " & [sPassword] & " please be sure to use this next time you log on, and do not forget to change it immediately"
    'How does tblPasswords_Old work, do we just insert a value?
        Updateusertable Me.txtUser, sPassword   'note we pass in unencrypted pswd as that func does it
        DoCmd.SetWarnings True

The code above is self explantory

Regards,
Bill
0
 
jefftwilleyCommented:
In the code above on the event statement, do the following.

function WHATEVERITSNAMEIS() as boolean

'insert the default for this boolean
WHATEVERITSNAMEIS = true
on error goto Failed

    Dim sPassword As String
    Dim sEncrypted As String
    Dim sSql As String

  'This grabs a random 8 character string and replaces the old password with it
        sPassword = fRandomPword(8, True)

          'Next we encrypt password
        sEncrypted = PerformEncryption(sPassword, True)
   
    'Now we update the tables, store encrypted password
   
    'NOTE tblSecurity PWChange, is this set to TRUE for forcing password change
   
    'Update tblSecurity - note we use Me.txtUser - assuiming this is what the field is called
        DoCmd.SetWarnings False
        sSql = "UPDATE tblSecurity SET Password = '" & sEncrypted & "', PWChange=True WHERE UserID = '" & Me.txtUser & "'"
        DoCmd.RunSQL sSql
       
       msgbox "Your password has been reset to: " & [sPassword] & " please be sure to use this next time you log on, and do not forget to change it immediately"
    'How does tblPasswords_Old work, do we just insert a value?
        Updateusertable Me.txtUser, sPassword   'note we pass in unencrypted pswd as that func does it
        DoCmd.SetWarnings True
        exit function
Failed:
WHATEVERITSNAMEIS = false
exit function
---------------------------------------------------------------------------------------------------------------------------------

Back to the IF statement

If (LCase$(txtPassword.Value) = "wizard" AND blFlag = TRUE) OR (WHATEVERITSNAMEIS  = TRUE AND blFlag = TRUE) then

That should be it.
J
0
 
billcuteAuthor Commented:
Jeff,
Ok..I pasted the suggested function then amend the UserEntryGate as follows and received the errors indicated below with arrows - any clue why the errors?:

Private Sub UserEntryGate()
    Dim stDocName As String, stLinkCriteria As String
    Dim sHost As String
    Dim sIP As String
   
    On Error Resume Next
      Dim blFlag As Boolean
'    blFlag = DLookup("PWChange", "tblSecurity", "UserID = " & Me.txtUser.Value)
   blFlag = DLookup("PWChange", "tblSecurity", "UserID = '" & Me.txtUser.Value & "')   ' <<---- I received  compile error here: Expected list separator

If (LCase$(txtPassword.Value) = "wizard" And blFlag = True) Or (WHATEVERITSNAMEIS = True And blFlag = True) Then '

    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    'If LCase$(txtPassword.Value) = "wizard" Then
       
       If pwDateValidation Then              
           MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
       
            MsgBox "Here I call frmUpdatePassword"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
           
        Else
            'WHAT DO YOU WANT TO HAPPEN WHEN USER ENTERS wizard AND IT FAILS pwDateValidation ???
            Call CheckLogAttempts1
        End If
       
    'If valid password entered then show splash screen
    ElseIf ValidatePassword(Me.txtPassword) Then        ' <<<<-------------Compile Error: "Else without If"
       
        If pwDateValidation Then    
     ' .......................................

Regards
Bill
0
 
jefftwilleyCommented:
Private Sub UserEntryGate()
    Dim rs as New ADODB.Recordset
    Dim stDocName As String, stLinkCriteria As String
    Dim sHost As String
    Dim sIP As String
   
   
    On Error Resume Next
 rs.Open "SELECT * FROM tblSecurity WHERE UserID = '" & Me.TxtUser.Value & "';", CurrentProject._ Connection
If rs.EOF = True Then
        MSgbox"User Cannot Be Found in the Security Table"
exit Sub
    End If
Flag = rs.Fields("PWChange").Value
rs.Close
set rs = nothing


If (LCase$(txtPassword.Value) = "wizard" And blFlag = True) Or (WHATEVERITSNAMEIS = True And Flag= True) Then '

    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    'If LCase$(txtPassword.Value) = "wizard" Then
       
       If pwDateValidation Then              
           MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
       
            MsgBox "Here I call frmUpdatePassword"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
           
        Else
            'WHAT DO YOU WANT TO HAPPEN WHEN USER ENTERS wizard AND IT FAILS pwDateValidation ???
            Call CheckLogAttempts1
        End If
       
    'If valid password entered then show splash screen
    ElseIf ValidatePassword(Me.txtPassword) Then        ' <<<<-------------Compile Error: "Else without If"
(((((I need to see the rest of this  you need an end if somewhere down here)))))))
       
        If pwDateValidation Then    
     ' .......................................
0
 
billcuteAuthor Commented:
Jeff,
Okay..here are the rest...
' .............................................
' .............................................
 ElseIf ValidatePassword(Me.txtPassword) Then
       
        If pwDateValidation Then       '<<<---- This is for 60 days password expiration
            InitialiseGlobals
'            Call fLogUser(1)

'OKAY - EVERYTHING A-OK, IF WE WANT DETAILS OF IP ADDRESS, TRY THIS

            stDocName = "frmMainMenu1"
            DoCmd.OpenForm stDocName, , , stLinkCriteria
           
            DoCmd.Close acForm, "frmUserLogon"
            DoCmd.Close acForm, "frmUpdatePassword"

            End If
    End If
End Sub
' **********
0
 
billcuteAuthor Commented:
Note:
My cmdOk can be found above  if you need to check that out......also note that UserEntryGate is a continuation of
cmdOk.

Regards
Bill
0
 
billcuteAuthor Commented:
From your pasted code above....
(1). You forgot to define 'bFlag' with your code..

(2). Flag = rs.Fields("PWChange").Value                 ' <<<--- Is the "Flag" a typo? Do you mean "bFlag"

(3). The code below appeared twice

If (LCase$(txtPassword.Value) = "wizard" And blFlag = True) Or (WHATEVERITSNAMEIS = True And Flag= True) Then '

    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    'If LCase$(txtPassword.Value) = "wizard" Then              ' <<<--------------------------------- Repeated
       
       If pwDateValidation Then              
0
 
jefftwilleyCommented:
flag is correct, change blFlag to flag.  You might need to change Flag = true to Flag = "True" in both places below

If (LCase$(txtPassword.Value) = "wizard" And Flag = True) Or (WHATEVERITSNAMEIS = True And Flag= True) Then '

    'If user types in Wizard, then assume first time user enters (check value in lowercase)
    'If LCase$(txtPassword.Value) = "wizard" Then              ' <<<-------Repeated, yes, but it's commented out!
J

Did you fix the end if problem?
J


0
 
billcuteAuthor Commented:
Jeff,
We made some improvement but we still have some work to do before it would be right. There are no compile errors and it works....but  Fucntion WHATEVERITSNAMEIS  does not belong at the UserEntryGate Sub at all.

1. Fucntion WHATEVERITSNAMEIS was specifically designed by rockiroads to send a random e-mail to users
    when a send e-mail button is clicked - it will also update all the appropriate tables and then SET PWCHANGE
     to "True" after the table updates.

Here is what should happen in UserEntryGate.

(1). If user's input is "Wizard" and flag is "True" then msgbox "This is is the first time ........
      hence launch frmUpdatePassword.

(2). If any password in tblSecurity and flag = "True" then msgbox "This is is the first time ........
      hence launch frmUpdatePassword.

(3). If user's input is "Wizard" and flag is "False" then msgbox ""Your flag is set to "False"
      ...and your Login priviledge is denied.....and please contact or administrator to have your flag  reset...then
        Do.cmd.Quit  ' Quit the Application)

(4). If any password in tblSecurity and flag = "False" then  ' <<-- Allow normal login.
' ***********
I have remodified your suggested code based on the logic above but I dont thing I had it right....

If (LCase$(txtPassword.Value) = "wizard" And Flag = "True") Or _
    (txtPassword.Value And Flag = "True") Then

    If pwDateValidation Then
           MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
    Else
        Call CheckLogAttempts1
        End If
        End If
             
    'If valid password entered then show splash screen
    ElseIf ValidatePassword(Me.txtPassword) Then
        If pwDateValidation Then      
      ' ......................................
      ' .....................................
' **********
Item #1 and 2 works the way it's designed

..but item 3, and 4 does not work rights - it keeps login in as new user with the msgbox... "This is is the first time ........ then frmUpdatePassword. also launches...

...NOTE: 'These are not required for items 3 and 4.

Any further help will be appreciated

Regards
Bill
0
 
jefftwilleyCommented:
Here is a revised set of IFs that deal with your scenarios. You know where to plug them in?


'(1&2). If any password in tblSecurity and flag = "True" then msgbox "This is is the first time ........
'      hence launch frmUpdatePassword.
        If Flag = "True" And pwDateValidation = True Then
            MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly, vbExclamation, "Change Password"
       
            MsgBox "Here I call frmUpdatePassword"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
            Exit Sub
'(4). If any password in tblSecurity and flag = "False" then Allow normal login.
        ElseIf Flag = "False" And LCase$(txtPassword.Value) <> "wizard" And pwDateValidation Then
            GoTo NormalLogin
        Else
'(3). If user's input is "Wizard" and flag is "False"
            MsgBox "Your Login priviledge is denied.....and please contact or administrator."
            DoCmd.SaveQuit  ' Quit the Application
        End If
0
 
billcuteAuthor Commented:
Jeff,
I think I will still need your help in plugging your latest suggested code. Here is the full code again.
' *************
Private Sub UserEntryGate()
    Dim rs As New ADODB.Recordset
    Dim stDocName As String, stLinkCriteria As String
    Dim sHost As String
    Dim sIP As String
    Dim Flag As Boolean
 
    On Error Resume Next
 rs.Open "SELECT * FROM tblSecurity WHERE UserID = '" & Me.txtUser.Value & "';", CurrentProject.Connection
If rs.EOF = "True" Then
        MsgBox "User Cannot Be Found in the Security Table"
Exit Sub
    End If
Flag = rs.Fields("PWChange").Value
rs.Close
Set rs = Nothing

If (LCase$(txtPassword.Value) = "wizard" And Flag = "True") Or (txtPassword.Value And Flag = "True") Then

    If pwDateValidation Then
           MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                    "You must change your password before you can enter the database.", _
                            vbOKOnly + vbExclamation, "Change Password"
            DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
    Else
        Call CheckLogAttempts1
        End If
        End If
             
    'If valid password entered then show splash screen
    ElseIf ValidatePassword(Me.txtPassword) Then
        If pwDateValidation Then      
               
'OKAY - EVERYTHING A-OK, IF WE WANT DETAILS OF IP ADDRESS, TRY THIS
           
            stDocName = "frmMainMenu1"
            DoCmd.OpenForm stDocName, , , stLinkCriteria
           
            DoCmd.Close acForm, "frmUserLogon"
            DoCmd.Close acForm, "frmUpdatePassword"

        'Do we need to call this if they modify their password?
        'Else                     ' <<<--- Remove
         '   CheckLogAttempts2    ' <<<--- Remove
        End If
    End If
End Sub
0
 
billcuteAuthor Commented:
Jeff,
If the above can be appropriately placed - it should finally resolve the question on this post. Thank you for your assistance.

Regards
Bill
0
 
jefftwilleyCommented:
Bill,
the code you pasted above is incomplete......

Answer this for me....

When do you use the CheckLogAttempts function?

Given the 4 scenarios that we just worked on, you have 3 outcomes.....

1) New Password form opens
2) Normal Login happens
3) The database quits.

Tell me where that function happens.   Also, the database that I downloaded....it's not the latest. Can you repost what you have to the same spot and let me download it again so I can actually step through the code ans see what and when the CheckLogAttempts happens.

J
0
 
billcuteAuthor Commented:
Jeff,
I didnt see anything missing, I just downloaded it. Try it again.
NOTE:
Please take note that in my initial Login Form User entryGate only has the line below...this has NOW changed

If LCase$(txtPassword.Value) = "wizard" Then
       
        If pwDateValidation Then    
       msgbox......"
       Open frmUpdatePassword
Else
       CheckLogAttempts1  ' <<<-- This Sub records login failed attempts and shut down DB after 3 failed attempts.
                                     ' So Docmd.Quit happens in the CheckLogAttempts1 Sub...this anwers your #3 question
......................................................................
...this has now changed to an If Statements   '<<---  The new User and old users now have to use the If's ..now...

(1). a. When new user types in wizard and PWChange field is "True" then
       
          Docmd.OpenForm frmUpdatePassword.    ' <,,--- Force user to change Password.

      b. If new user and wizard is typed but PWChange is "false"
             ...deny user and send him CheckAttempts1 sub.

 *** IMPORTANT NOTE *****
CheckLogAttempts1 allow user three failed attempts and SHUT DOWB DB after the 3rd failed attempt. ...
Docmd.QUIT is embedded in the CheckLogAttempts1. ************

(2a).   If old aka...validated users login and if the If Statements are processed and PWChange is "True", then

           Docm.OpenForm "frmUpdatePassword"   ' <<<--- To force user change Password.

(2b).  If old users aka. validated login with the "If Statement"and PWChange is "False" then
          Docmd.openForm "frmMainMenu1             ' <<<--- This is normal Login
   
 ' **** Also note:****
        If wrong password...... apply CheckLogAttempts here

I think the UserEntryGate Sub has to be re-arranged to function with the new "Ifs Statements"

I hope this explain things better.
       
Regards
Bill
0
 
billcuteAuthor Commented:
Jeff,
You were right...the CheckLogAttempts1 Sub is expected to be placed on frmUserLogon, for some reason..it was missing...here is the Sub now.
' ***********
Private Sub CheckLogAttempts1()
On Error GoTo Err_CheckLogAttempts1
    fFailedAttempt
    If LogAttempts >= 2 Then   ' Set up number of tries
       'Display Message Box
    MsgBox "Violation of Login Rules Detected", , "This Database will be shut down"
            DoCmd.Quit 'quit application and close Access
       
        Else
    If Me.txtUser <> "Developer" And Me.txtUser <> "Admin" Then
            LogAttempts = LogAttempts + 1
           
        End If
    End If
Exit_CheckLogAttempts1:
    Exit Sub
Err_CheckLogAttempts1:
Select Case Err
Case Else
        MsgBox Err.Description, vbCritical + vbOKOnly, "Error"
    End Select
'Resume Exit_CheckLogAttempts1
End Sub
0
 
jefftwilleyCommented:
Here's the finished EntryGate. While testing I found that your Change Password screen does some pretty funky stuff. I tried entering a new password as a new user, and it never would let me. I looked at the code and there are some issues. Are you dealing with this already?
J

Private Sub UserEntryGate()
' Amended and redefined by 'rockiroads on 04/03/2006 09:12AM EDT to synchronize
'  with the new cmdOk Setup Globals and removed references to frmSplashScreen entirely
    Dim rs As New ADODB.Recordset
    Dim stDocName As String, stLinkCriteria As String
    Dim Flag As Boolean
    On Error Resume Next
 rs.Open "SELECT * FROM tblSecurity WHERE UserID = '" & Me.txtUser.Value & "';", CurrentProject.Connection
If rs.EOF = "True" Then
        MsgBox "User Cannot Be Found in the Security Table"
    CheckLogAttempts1     '<--if the user types in the wrong thing, then failed login
Exit Sub
    End If
Flag = rs.Fields("PWChange").Value
rs.Close
Set rs = Nothing
'---------------------------Check Flag and Password Code---------------------------------------
'(1&2). If any password in tblSecurity and flag = "True" then msgbox "This is is the first time ........
'      hence launch frmUpdatePassword.
        If Flag = "True" Then
            If pwDateValidation = True Then
                MsgBox "This is the first time using the database or your password has been reset." & Chr(13) & _
                "You must change your password before you can enter the database.", _
                vbOKOnly, vbExclamation, "Change Password"
                MsgBox "Here I call frmUpdatePassword"
                DoCmd.OpenForm "frmUpdatePassword", , , "UserID = '" & g_sUserID & "'", , acDialog
            End If
            Exit Sub
'(4). If any password in tblSecurity and flag = "False" then Allow normal login.
        ElseIf Flag = "False" And LCase$(txtPassword.Value) <> "wizard" Then
            If pwDateValidation Then
              stDocName = "frmMainMenu1"
              DoCmd.OpenForm stDocName, , , stLinkCriteria
            ' This might be an IF statement to see if either is open before closing
              DoCmd.Close acForm, "frmUserLogon"
              DoCmd.Close acForm, "frmUpdatePassword"
            End If
        Else
'(3). If user's input is "Wizard" and flag is "False"
            MsgBox "Your Login priviledge is denied.....and please contact or administrator."
            'DoCmd.Quit  ' Quit the Application
        End If
        End Sub
0
 
billcuteAuthor Commented:
Jeff,
This was a very good job. It works so far without a hitch.

As for the ChangePassword form, what are the problems you are experiencing ? If you could let me know the problem, I'll review it and possibly post a new thread for the problem.

Meanwhile, I have a new post to address the DLookUp issue of my Login Form at the link below - I will appreciate any help with it. The code does not need to be tweaked at all - it just need to be appropritately placed in the right spot in an On Click Event Handler.

http://www.experts-exchange.com/Databases/MS_Access/Q_21877190.html

I want to take this opportunity to thank "rockiroad" for his contribution and encouragement as well.

I will be awarding "Jeff" full points.

Regards
Bill
0
 
billcuteAuthor Commented:
Jeff,
My ChangePassword form works okay but I will like to share your experience in case of an oversight on my part/ I will also appreciate it if you could check out my new thread  - it's realted to the post we just concluded.

Regards
Bill
0
 
jefftwilleyCommented:
Hi bill, thanks for the compliments. Always happy to help.
I'll take a look at it tonight if I get a chance.
J
0
 
billcuteAuthor Commented:
Jeff,
Okay, thanks

Regards
Bill
0
 
billcuteAuthor Commented:
Jeff,
I have simple planned posts to list that are related to my new post with the link above. Each question will be a two minute question.

I will appreciate your help with the above link so that I can post followups which are related to cmdClose, cmdOpen codes etc that are in line with the topic we had already discussed on this very post.

Any help will be appreciated.

Regards
Bill
0
 
billcuteAuthor Commented:
Jeff,
Please disregard my earliest request for a help on a related post with the link above..this is because I was able to tweak the code successfully and the required post has now been deleted.

Thanks once again for the UserEntryGate code amendment - it works flawlessly and to my utmost satisfaction. I will like to inform you of my future posts and such will appreciate it if you could drop me a note by clicking on my userid here.

Regards
Bill
0
 
jefftwilleyCommented:
I'd be happy to help anytime you need it.
J
0
 
billcuteAuthor Commented:
Jeff,
Since you are now very familiar with my sample form, I am contemplating several follow up light  questions to post very soon...if you could update your profile with an e-mail address I will contact you there to inform you of my new posts - you may also drop me a line by clicking on my userID.  I will not be able to contact you on this post any longer once it's PAQ.

Regards
Bill
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 29
  • 22
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now