Android Question SQLite Admin User Login

V

vinzpogi

Member
Hello forums

I only started b4a this last week. I wanted to create a login where when your usertype is admin it will go to the admin interface while when your usertype is user it will go to the user interface. I already know how to create the login but i don't know the code to define if it's admin or user. I've been searching the forums for some time now but couldn't see any solution to my problem. Hope someone can help me here. Thanks
 
Sort by date Sort by votes
V

vinzpogi

Member
Yes my database is stored locally. I actually do have a column with usertype in it. My column is like this:

ID | username | password | usertype
1 admin admin Admin
2 user user User

My problem is that i can't find a code where when i click the submit button, it can define if it is an Admin or a User. If it's an Admin, it will move to the Admin Layout. Same with the User. Here's a sample of the code i saw online
 

Attachments

  • a.PNG
    22.1 KB · Views: 598
Upvote 0
M

Mahares

Expert
Licensed User
Longtime User
B4X: 
if Cursor1.rowcount<> 0 then
     msgbox("success","success")
     cursor1.position =0
     Dim MyUser as string =cursor1.getstring("usertype")
      if MyUser ="Admin" then
         Activity.loadlayout("AdminLayout")
      else
         Activity.loadlayout "UserLayout")
      .
      .
      'continue with the rest of your code
 
Upvote 0

mc73

Well-Known Member
Licensed User
Longtime User
No mean to hijack the thread, but by watching your query, I have to warn you to be more careful and try to handle possible sql injections.
In the query you post, if you place, for example:

username text: ' or not('1'<>'1

password text: ') or '1'='1

, your query will then be:

select * from adminclient where username='' or not('1'<>'1' and password='') or '1'='1'

This will always return the complete list of users, thus getting someone to login without knowing any user name or password.

B4A has the query2 method, which is more safe.
 
Upvote 0
V

vinzpogi

Member
Hello Sir. I tried what you posted and IT DID logged in ! Can you help me revise my code there. I'm just new here sorry and thanks for the tip !
 
Upvote 0

fixit30

Active Member
Licensed User
Longtime User
You should use ExecQuery2

B4X: 
cursor1 = sql1.ExecQuery2("SELECT * FROM adminclient WHERE username = ? AND password = ?", Array as  String(username.Text, password.Text))
 
Upvote 0
You must log in or register to reply here.

Similar Threads

  • Question
Android Question Use Wordpress User details as login
Replies
0
Views
718
james_sgp
K
  • Question
Android Question Http Server User Login Question
Replies
6
Views
1K
Erel
A
  • Question
Android Question Web View Login
Replies
2
Views
3K
alon
A
P
  • Question
Android Question How do i make a login with sql
Replies
2
Views
2K
pascalbianca
P
B
  • Question
Android Question Help! SQLite Login
Replies
2
Views
1K
ivan.tellez
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…