Android Question SQLite Admin User Login

vinzpogi

Member
Hello forums

I only started B4A this last week. I wanted to create a login where, when your usertype is admin, it will go to the admin interface, while when your usertype is user, it will go to the user interface. I already know how to create the login but I don't know the code to define if it's admin or user. I've been searching the forums for some time now but couldn't see any solution to my problem. Hope someone can help me here. Thanks
 

vinzpogi

Member
Yes my database is stored locally. I actually do have a column with usertype in it. My column is like this:

ID | username | password | usertype
1  | admin    | admin    | Admin
2  | user     | user     | User

My problem is that I can't find code where, when I click the submit button, it can define if it is an Admin or a User. If it's an Admin, it will move to the Admin Layout. Same with the User. Here's a sample of the code I saw online
 

Attachments

  • a.PNG
Upvote 0

Mahares

Expert
Licensed User
Longtime User
B4X:
If Cursor1.RowCount <> 0 Then
     Msgbox("success", "success")
     Cursor1.Position = 0
     'read the usertype column of the first matching row
     Dim MyUser As String = Cursor1.GetString("usertype")
     If MyUser = "Admin" Then
         Activity.LoadLayout("AdminLayout")
     Else
         Activity.LoadLayout("UserLayout")
     End If
     '.
     '.
     'continue with the rest of your code
 
Upvote 0

mc73

Well-Known Member
Licensed User
Longtime User
I don't mean to hijack the thread, but looking at your query, I have to warn you to be more careful and try to handle possible SQL injections.
In the query you posted, if you place, for example:

username text: ' or not('1'<>'1

password text: ') or '1'='1

, your query will then be:

select * from adminclient where username='' or not('1'<>'1' and password='') or '1'='1'

This will always return the complete list of users, thus getting someone to log in without knowing any user name or password.

B4A has the query2 method, which is safer.
 
Upvote 0

vinzpogi

Member
Hello Sir. I tried what you posted and IT DID log in! Can you help me revise my code there? I'm just new here, sorry, and thanks for the tip!
 
Upvote 0

fixit30

Active Member
Licensed User
Longtime User
You should use ExecQuery2

B4X:
cursor1 = sql1.ExecQuery2("SELECT * FROM adminclient WHERE username = ? AND password = ?", Array As String(username.Text, password.Text))
 
Upvote 0
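
Added example, not part of the original thread: the concatenated query and the placeholder query side by side, run against the table vinzpogi described, with the usertype routing from Mahares' answer. It uses Python's sqlite3 instead of B4A so it can run anywhere; the `?` placeholders are bound the same way ExecQuery2 binds them. The concatenated statement is an assumption reconstructed from the resulting query in mc73's post, and the function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data: the two rows listed in the thread, in adminclient.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE adminclient (ID INTEGER PRIMARY KEY, "
               "username TEXT, password TEXT, usertype TEXT)")
    db.executemany(
        "INSERT INTO adminclient (username, password, usertype) VALUES (?, ?, ?)",
        [("admin", "admin", "Admin"), ("user", "user", "User")])
    return db

def login_concat(db, username, password):
    # Vulnerable: the text fields become part of the SQL statement itself.
    # (Assumed shape of the original query, inferred from mc73's post.)
    sql = ("select * from adminclient where username='" + username +
           "' and password='" + password + "'")
    row = db.execute(sql).fetchone()   # first row, like Cursor1.Position = 0
    return row[3] if row else None     # column 3 is usertype

def login_param(db, username, password):
    # Hardened: '?' placeholders; values are bound as data, never parsed as SQL.
    row = db.execute(
        "SELECT usertype FROM adminclient WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None

def layout_for(usertype):
    # Routing from Mahares' answer; None means the login failed.
    if usertype is None:
        return None
    return "AdminLayout" if usertype == "Admin" else "UserLayout"

# The two field values quoted in mc73's post.
INJ_USER = "' or not('1'<>'1"
INJ_PASS = "') or '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concat, injected :", layout_for(login_concat(db, INJ_USER, INJ_PASS)))
    print("param,  injected :", layout_for(login_param(db, INJ_USER, INJ_PASS)))
    print("param,  user/user:", layout_for(login_param(db, "user", "user")))
```

With the concatenated query the injected input matches every row, so the code that reads the first row lands on the Admin account; with placeholders the same input matches nothing and the login fails.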