Accessing records based upon username login

A place for users and developers of the Xataface to discuss and receive support.

Re: Accessing records based upon username login

Postby sworden » Thu Mar 15, 2012 11:57 am

Thanks so much! Between your help and this link: http://xataface.com/forum/viewtopic.php?t=4062#20406 I got it to work.
sworden
 
Posts: 44
Joined: Thu Feb 16, 2012 9:05 am

Re: Accessing records based upon username login

Postby sworden » Thu Mar 15, 2012 2:52 pm

Everything was working great. I had logged in as both my admin account and a read-only account and everything was loading the way it was supposed to. Then I left the browser window open while I did some unrelated stuff to our main webpage (.css updates). Before I left for the day I went to look through the tables one last time and got the blank screen again on every table that I tried. I checked the error log and got this:

[15-Mar-2012 14:32:43] PHP Warning: ini_set() has been disabled for security reasons in /home/povpc11/public_html/xataface/config.inc.php on line 36
[15-Mar-2012 14:32:43] PHP Warning: ini_set() has been disabled for security reasons in /home/povpc11/public_html/xataface/config.inc.php on line 216
[15-Mar-2012 14:32:43] PHP Warning: require_once(I18Nv2/I18Nv2.php) [<a href='function.require-once'>function.require-once</a>]: failed to open stream: No such file or directory in /home/povpc11/public_html/xataface/config.inc.php on line 246
[15-Mar-2012 14:32:43] PHP Fatal error: require_once() [<a href='function.require'>function.require</a>]: Failed opening required 'I18Nv2/I18Nv2.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/povpc11/public_html/xataface/config.inc.php on line 246

I hadn't changed anything since getting it to work successfully. What happened?

This is the section where line 36 is (the last line):
//Make sure when reading file data,
//PHP doesn't "magically" mangle backslashes!
//set_magic_quotes_runtime(FALSE);
ini_set('magic_quotes_runtimg', false);

This is the section where line 216 is (again, last line):
if ( $curr_dir_first ){
$include_path = ".".PATH_SEPARATOR.$include_path;
}


ini_set('include_path', $include_path );

Line 246 (second to last line):
//$class = str_replace('/','_', $file);
//$class = substr($class, 0, strpos($class,'.'));
if ( !isset($imports[$file]) ){
$imports[$file] = true;
//error_log("importing ".$file);
require_once $file;
}
sworden
 
Posts: 44
Joined: Thu Feb 16, 2012 9:05 am

Re: Accessing records based upon username login

Postby sworden » Mon Mar 19, 2012 9:51 am

I believe I have defined them correctly. I haven't defined table classes for each table because some of them are essentially just lookup tables for other tables. But for each table that does have data for each particular student, I defined for each .php table (in this example "applicants.php") in the first line:

class tables_applicants {

followed by (this is the same for every table):

function init(&$table){
$auth =& Dataface_AuthenticationTool::getInstance();
$user =& $auth->getLoggedInUser();
if ( !$user ) return Dataface_PermissionsTool::NO_ACCESS();
$role = $user->val('ROLE');
switch ($role){
case 'ADMIN':
return Dataface_PermissionsTool::ALL();
default:
$table->setSecurityFilter(array('APPLICANTS_ID'=>$user->val('APPLICANTS_ID')));
}
}

}

The odd thing is, I set all this up using my admin account. Then I logged off and logged back in using a read-only account and every table was showing only the records it was supposed to for that student. When I came back later (I hadn't logged out) and tried to switch to another table, I got the blank screen and those security warnings I in my previous post.
sworden
 
Posts: 44
Joined: Thu Feb 16, 2012 9:05 am

Previous

Return to Xataface Users

Who is online

Users browsing this forum: Google [Bot] and 23 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved