How To Set User Rights From Access - From Scratch

[Ashfaque]

Thanks Isladogs,



Great....I will update RC4 accordingly.

And thanks again for considering my request for stdusers category.

With kind regards,

[Ashfaque]

I updated the code accordingly (just added -1) to first line as per code included here

Code:

 For X = 0 To Len(Expression) - 1        Y = (Y + 1) Mod 256
        Z = (Z + rb(Y)) Mod 256
        temp = rb(Y)
        rb(Y) = rb(Z)
        rb(Z) = temp
        ByteArray(X) = ByteArray(X) Xor (rb((rb(Y) + rb(Z)) Mod 256))
    Next X
    
    RC4 = StrConv(ByteArray, vbUnicode)
    
End Function

Unfortunately, It did not work. In fact it is not recognizing user pwd and msg of wrong pwd attem (first, second and third warning appears and application closes.).

Therefore, I removed again -1 from first line and turned below line into remark.

'ByteArray(X) = ByteArray(X) Xor (rb((rb(Y) + rb(Z)) Mod 256))

Any other ideas?

[isladogs]

Unfortunately, It did not work. In fact it is not recognizing user pwd and msg of wrong pwd pattern (first, second and third warning appears and application closes.).

Sorry I don't understand your point.
The purpose of the password login app is to allow users three chances to enter a correct username / password combination.
If they do so, the app opens, If they fail to do so, the app will close after the third incorrect attempt

Also I'm not planning to make any further changes to the app in the near future. However, you are welcome to make changes for stdUsers category yourself

[Ashfaque]

Also I'm not planning to make any further changes to the app in the near future. However, you are welcome to make changes for stdUsers category yourself

Thats OK for me I will update according to my requirement. But if place -1 in the advised code line, it producing error on :

ByteArray(X) = ByteArray(X) Xor (rb((rb(Y) + rb(Z)) Mod 256))

But If I don't place -1 and set this line as remark ('ByteArray(X) = ByteArray(X) Xor (rb((rb(Y) + rb(Z)) Mod 256)))
It is working fine with me.

Anyway, thanks for the db.

[isladogs]

I'm not a mind reader and I can't see your screen.
So saying you get an error doesn't help at all. Exactly what error occurs?

If you comment out that line, the encryption code is incomplete and won't work properly as the RC4 uses the ByteArray in the encrypted output.
Suggest you copy the entire RC4 code in full from my website in case you made a mistake when altering it

[Ashfaque]

See I have attached the error.

When I placed -1 to the code line as instructed and removed apostrophe from ByteArray(X) = ByteArray(X) Xor (rb((rb(Y) + rb(Z)) Mod 256)) and compiled. No errors found

When I debug the attached error found. My password is correctly entered. In tblUser password field name PWD but in attached strPassword is getting some ascii symbols you may see.



And hence it is not recognizing password.

Hopefully I clarified clearly....

[isladogs]

You have attached a screenshot showing a section of code which you have modified from the original code I supplied
That isn't telling me the error you get

However the problem is indeed on that line
This is the original code

Code:

Private Sub txtOldPWD_AfterUpdate()

On Error GoTo Err_Handler


'Check if existing password matches
    If Me.TxtOldPWD <> strPassword Then
        Attempts = Attempts + 1
        
        Select Case Attempts

   ....

For some reason you have changed it to something like
Attempts = strPassword="encrypted string here"

If strPassword matches that string that resolves to Attempts= True...otherwise to Attempts = False both of which are meaningless here.
As Attempts is actually an integer variable those may resolve to -1 and 0 respectively which is still incorrect.

Change the line back to what it was originally and it will work

[Ashfaque]

I did not changed anything. I used your table tblUsers with some addtional fields but nothing changed in previous field.

See the code snapshot

[Ashfaque]

Another pic.



Expression variable also have the correct password collected

[isladogs]

I'm sorry but continuing to show various screenshots really isn't helping.
You said you got an error but have still never stated exactly which error that is.
To be honest, I'm absolutely lost as to what your issue is as it seems to keep changing with every post you make

The original application that I published works.
Something you've done seems to have stopped it working OR you are using an older version of the utility with bugs I've since fixed.
Go through and carefully check ALL changes you've made
For example, you say you added extra fields to tblUsers. Perhaps that means that cboUser.Column(2) is no longer the encrypted version of the password

One thing I can see from a screenshot is that "RC4_Key" is in quote marks which means its using that string value rather than whatever constant you assigned.
Whilst that works (if used throughout the code), it was an oversight that I fixed in version 5.4 (attached)
The line should read

Code:

strPassword = RC4(Me.CboUser.Column(2), RC4_Key)

Similarly with all other instances of "RC4_Key" in the code

There were something like 8 changes made compared to v5.3. I suggest you start again with v5.4 and try & sort this out yourself one step at a time

If, after doing that, you really can't solve it, upload your version & I'll look at it BUT only if absolutely necessary

[Ashfaque]

Code:

    If dtePwdDate <> 0 Then        'v5.3 17/02/2020 - corrected date code to fix error
        CurrentDb.Execute "INSERT INTO tblUsers ( UserName, Active, PWD, ChangePWD, ExpireDays, AccessLevel, PWDDate)" & _
            " SELECT '" & strUserName & "' AS UserName, True AS Active, '" & SetDefaultPwd() & "' AS PWD," & _
                " " & blnChangePWD & " AS ChangePWD, " & intPasswordExpireDays & " AS ExpireDays," & _
                " " & intAccessLevel & " AS AccessLevel, #" & Format(dtePwdDate, "mm/dd/yyyy") & "# AS PWDDate;", dbSeeChanges


    Else 'omit PWDDate
         CurrentDb.Execute "INSERT INTO tblUsers ( UserName, Active, PWD, ChangePWD, ExpireDays, AccessLevel)" & _
            " SELECT '" & strUserName & "' AS UserName, True AS Active, '" & SetDefaultPwd() & "' AS PWD," & _
                " " & blnChangePWD & " AS ChangePWD, " & intPasswordExpireDays & " AS ExpireDays," & _
                " " & intAccessLevel & " AS AccessLevel;", dbSeeChanges ', dbOpenDynaset, dbSeeChanges

now rest of the actions are ok except the new user is not being saved.

I have already set one additional Primary Key on tblUser called UserID. When adding user, it gives me info that user has been added but in fact it is not added. I tried even adding "dbOpenDynaset, dbSeeChanges at the end of code but still not success.

[Ashfaque]

Code:

There were something like 8 changes made compared to v5.3. I suggest you start again with v5.4 and try & sort this out yourself one step at a time

OK I will try it again from beginning with your newer version and let you know.

[isladogs]

Sorry but I won't be able to do that. You need to remove that cellphone number from your post for your own security.

[Ashfaque]

Hi Isladogs,

Please see my post # 26.

[isladogs]

Thank you for posting code rather than a screenshot this time. It would save me time if you told me which procedure it was. After searching the forms, I believe its from cmdAdd_Click in frmNewUser

I'm not sure why you added a UserID field as a composite PK. The UserName field needs to be unique so why make the change?
It works in the original demo so it suggests your modification is the issue.

I have no problem with you altering my app but the responsibility for making those changes work must be yours...not mine!

If you really want an autonumber UserID as PK, then I suggest UserName is indexed with no duplicates allowed but not a primary key.

You shouldn't need dbOenDynaset or dbSeeChanges unless your tblUsers is in SQLServer