Building a Server Application for an Internet Cafe

Now that we know what the database and its table looks like, let's take a look at user authentication. This application is the gateway to the server. If you are successfully authenticated, you will be redirected to the server application; otherwise you will be asked to re-enter your details.

It is also important to realize that this part of the server application was not created for security purposes; instead it was implemented for employee management, so to speak. So if you want to add security code to this application, please do; the application itself is general enough for you to do so. Below is a screen shot of what the login application looks like when you start up the server application:

And here is the message that appears if your login name or password is incorrect:

The login application has only one form, the one in the image above, and it is the only UI that you will see for as long as you are not authenticated. It is also the only form that has database components in the entire setup. So, to build it is very easy -- simply add a TADOQuery, a data source component, two buttons and two edits to the form and resize it so that it resembles the one in the image above. Below is the code outline for the entire application:

Listing 1: Login

unit Logon;

interface

uses

Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,

Dialogs, DB, ADODB, StdCtrls, Buttons, ExtCtrls;

type

TForm3 = class(TForm)

uname: TEdit;

upass: TEdit;

StaticText1: TStaticText;

StaticText2: TStaticText;

logon: TBitBtn;

q: TADOQuery;

ds: TDataSource;

BitBtn1: TBitBtn;

procedure logonClick(Sender: TObject);

procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean);

procedure BitBtn1Click(Sender: TObject);

private

{ Private declarations }

public

{ Public declarations }

isLogon:boolean;

end;

var

Form3: TForm3;

implementation

uses server;

{$R *.dfm}

{Provider=Microsoft.Jet.OLEDB.4.0;Data Source=D:InterTimeriCafe.mdb;Persist Security Info=False}

procedure TForm3.logonClick(Sender: TObject);

var

aname:string;

i:integer;

begin

if (uname.text = '') OR (upass.Text='') then begin

MessageDlg('Please make sure that you fill in both the Username and Password fields.', mtInformation,

[mbOk], 0);

exit;

end;

q.close;

q.SQL.Text:='SELECT * from users WHERE username=:uname AND password=:upass';

q.Parameters.ParamByName('uname').Value:=uname.Text;

q.Parameters.ParamByName('upass').Value:=upass.Text;

q.Open;

if q.RecordCount > 0 then begin

//set name to uppercase

{

for i := 1 to Length(q.fieldbyname('username').Text) do

if i mod 1 = 0 then q.fieldbyname('username').Text[i] := UpCase(q.fieldbyname('username').Text[i]);

aname:= q.fieldbyname('username').Text;

}

//****end

form1.caption:='iCafeStation 1.0 - Current user: '+q.fieldbyname('username').Text;

form1.level:=q.fieldbyname('Alevel').Text;

form1.uid:=q.fieldbyname('iud').AsInteger;

if form1.level = 'Normal' then begin

form1.Settings1.Enabled:=false;

form1.newOp.Enabled:=false;

end;

form3.Visible:=false;

form1.show;

uname.Clear;

upass.Clear;

isLogon:=true;

end

else

begin

if q.recordcount < 1 then begin

MessageDlg('Your Username or password is not found, please try again.', mtInformation,

[mbOk], 0);

uname.Clear;

upass.Clear;

end;

end;

end;

procedure TForm3.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

begin

uname.Clear;

upass.Clear;

form3.Visible:=false;

end;

procedure TForm3.BitBtn1Click(Sender: TObject);

begin

close;

end;

end.