Building a Server Application for an Internet Cafe - Code explanation continued
(Page 4 of 4 )
Now we need to update form1 and its variables. Form1 is the main server interface where we will allocate sessions for clients. The first update we make is to display the name of the just-logged-in staff member in the form's caption:
form1.caption:='iCafeStation 1.0 - Current user: '+q.fieldbyname('username').Text;
Then we set the access level of the staff member, which will either be admin or normal and we also set the userid:
form1.level:=q.fieldbyname('Alevel').Text;
form1.uid:=q.fieldbyname('iud').AsInteger;
Now, staff with an access level of "normal" will not have access to certain parts of the application, such as the application settings and the ability to add new staff members. These privileges are reserved for staff members with "admin" status. This is where those restrictions are set:
if form1.level = 'Normal' then begin
form1.Settings1.Enabled:=false;
form1.newOp.Enabled:=false;
end;
Then the logon screen is made invisible. We cannot close down the logon screen because if we do, then the entire server application will be terminated and that's not what we want to do at this stage:
form3.Visible:=false;
We then show the main server screen available, by showing form1:
form1.show;
and then clear the entries in the logon screen:
uname.Clear;
upass.Clear;
isLogon:=true;
end
The next part of the authentication process deals with what happens when the staff member enters incorrect logon credentials. First we check to see if the recordcount is less than one:
else
begin
if q.recordcount < 1 then begin
If the recordcount is indeed less than one, then it means that the staff member details could not be found in the database, so the user is informed of this:
MessageDlg('Your Username or password is not found, please try again.', mtInformation,
[mbOk], 0);
Then the username and password fields are cleared:
uname.Clear;
upass.Clear;
end;
end;
end;
Conclusion
That's it for the authentication application. I would like to emphasis that it is not written with security in mind, but rather for staff management. In the next article we will discuss the main server interface and also the user management module.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
