password forms/tables issues

[Rick B]

I guess I would wonder why you are bothering with passwords if the users can
get around them? Couldn't they just open the tables?

Not sure why anyone would be "instructed not to use Access2000's security
features". Sounds like you have spent more time figuring out how to do this
method than it would have taken to just do it right.


Rick B

 

[Rob Oldfield]

Agreed. Can I guess that you, or someone, said "I need to read this
document about security, but we can give you a bit of security without
bothering with it"?

On your actual question... DLookup("Password", "tblPW", "[Department] = 1")
<> Me.OldPass is coming out as true? If that's the case then drop a
breakpoint in and look to see what DLookup("Password", "tblPW",
"[Department] = 1") is evaluating as, and also me.oldpass.

I guess I would wonder why you are bothering with passwords if the users can
get around them? Couldn't they just open the tables?

Not sure why anyone would be "instructed not to use Access2000's security
features". Sounds like you have spent more time figuring out how to do this
method than it would have taken to just do it right.


Rick B

Okay, I relaize that the following is not a secure way to do things, but
I've been instructed not to use Access 2000's security features, but rather
just make forms for users to enter/change paswords. Everyone knows this is
not a secure app, and they're completely fine with that.

So, I maks a password table (tblPW) that has 2 fields:

Department
Password

The form where users enter a password to proceed works fine. However, I
also wanted to make a form for users to CHANGE the password if they felt
like it. I have an update query that changes the password and should

run

if
the original password is correct and if the new password and new password
confirmation (typical deal, you know, with "enter new password" and "re-type
password") match.

The problem is that if ANYTHING or even if nothing is entered in OldPass,
the password is changed. It's as if the code doesn't care whether the old
password matches what is entered as the old password in the form or not. The
following is the code I have behind the "change password" button:

If DLookup("Password", "tblPW", "[Department] = 1") <> Me.OldPass Then
MsgBox "You have not entered the correct ORIGINAL password",
vbOKOnly, "Wrong Original Password"
Me.OldPass = ""
Me.OldPass.SetFocus
Exit Sub
ElseIf Me.PassChange <> Me.PassChange2 Then
MsgBox "New Password and New Password Confirmation do not match!",
vbOKOnly, "Confirmation Error"
Me.PassChange = ""
Me.PassChange2 = ""
Me.PassChange.SetFocus
Exit Sub
Else
DoCmd.SetWarnings False
DoCmd.OpenQuery "qryPChange" 'this runs the update query which
enters the value in the form's PasChange field in that department's password
field
DoCmd.SetWarnings True
MsgBox "Your password has been changed. Be sure to memorize it",
vbOKOnly, "Password Changed"
DoCmd.Close
End If

I've tried changing the OldPass reference in the Dlookup line to
me.OldPass.text and me.oldpass.value, all with the same result. I can
change the password regardless of what I put (or don't put) in the OldPass
field on the form.

Can someone tell me why this is?

Any help is greatly appreciated, and thanks for reading.

 

[rgrantz]

Okay, I relaize that the following is not a secure way to do things, but
I've been instructed not to use Access 2000's security features, but rather
just make forms for users to enter/change paswords. Everyone knows this is
not a secure app, and they're completely fine with that.

So, I maks a password table (tblPW) that has 2 fields:

Department
Password

The form where users enter a password to proceed works fine. However, I
also wanted to make a form for users to CHANGE the password if they felt
like it. I have an update query that changes the password and should run if
the original password is correct and if the new password and new password
confirmation (typical deal, you know, with "enter new password" and "re-type
password") match.

The problem is that if ANYTHING or even if nothing is entered in OldPass,
the password is changed. It's as if the code doesn't care whether the old
password matches what is entered as the old password in the form or not. The
following is the code I have behind the "change password" button:

If DLookup("Password", "tblPW", "[Department] = 1") <> Me.OldPass Then
MsgBox "You have not entered the correct ORIGINAL password",
vbOKOnly, "Wrong Original Password"
Me.OldPass = ""
Me.OldPass.SetFocus
Exit Sub
ElseIf Me.PassChange <> Me.PassChange2 Then
MsgBox "New Password and New Password Confirmation do not match!",
vbOKOnly, "Confirmation Error"
Me.PassChange = ""
Me.PassChange2 = ""
Me.PassChange.SetFocus
Exit Sub
Else
DoCmd.SetWarnings False
DoCmd.OpenQuery "qryPChange" 'this runs the update query which
enters the value in the form's PasChange field in that department's password
field
DoCmd.SetWarnings True
MsgBox "Your password has been changed. Be sure to memorize it",
vbOKOnly, "Password Changed"
DoCmd.Close
End If

I've tried changing the OldPass reference in the Dlookup line to
me.OldPass.text and me.oldpass.value, all with the same result. I can
change the password regardless of what I put (or don't put) in the OldPass
field on the form.

Can someone tell me why this is?

Any help is greatly appreciated, and thanks for reading.