Is the array being assigned to a User scope? If so, as long as you are
passing the Userreference arg throughout all of your apps then you
shouldn't have a problem. My advice is to go through the process on 2
or 3 different computers concurrently looking for a cross-over in user
variables on each section of the app. This should highlight where
you're having trouble - probably a page where you aren't carrying
through with the userreference.
I have noticed that different browsers handle the user variables
differently - some can lose the userreference on the first time that it
isn't used in a link (ie moving between a taf to a static page and then
back to a taf without a userreference arg) while others will maintain
the user args for that sessions for the user even in different frames.
Some version of IE are particularly sensitive to this problem as IE
seems to isolate user variables and cookie sessions between frames and
an link without a userrefence can result in a new uerrefence arg being
created for the user.
What you'll probably find is that there is a userreference arg missing
in one or two sections of your app and this is only affecting certain
users, and also those users will recapture the same user reference when
moving back to a previous page where the original user reference was
engaged.
I have found that the userreference arg to be rock solid reliable as a
method for passing the current user session as long as you ensure that
*every* link or form action in your apps contain it, and this will
ensure that your user variables do not get mixed up or lost.
Personally, I authenticate (when there is no existence of their userid
currently being carried by the server) on username & password then set
a hidden user variable named the userid in as a user variable being
carried by the server, not relying on the user reference as the sole
user session variable. To authenticate the login app checks for
existence of their userid and if not, then the userid cookie (which is
set in each app to keep it current) and authenticates them immediately
and saves the current userreference set by the server with that record,
or if a userid cookie doesn't exist, checks to see if the current
userreference argument being carried by the browser is stored in the
client's details and authenticates them that way (in case the user
session expired but their still on the site but inactive - this is not
recommended for high-security sites), and if neither exists then they
have to (re)login. It sounds complex but really is not much effort -
set a check to see if the user variable userid exists, if not, check
for cookie, if not userreference, if not login page and you simply
create the appropriate login processes for each case. The userid is
carried within the server's memory in user scope & userreference is
carried throughout all of the pages in the links.
The user rarely sees a login screen and the system doesn't confuse user
details.
If you'd like more detail I am happy to send some examples.
cheers
Garth
bbmedia.com.au
p: 0500 527 000
e: [EMAIL PROTECTED]
PO Box 3543 Wamberal NSW 2260
On 15/09/2005, at 1:16 AM, Witango wrote:
We've been experiencing some troublesome errors with our Witango
Applications lately. Most of them are along the lines
of users seeing other users found sets and submitting records with the
incorrect user information.
Our setup is:
- Witango 5.0.1 server on an OS X 10.3.9 box
- FilemakerPro 5.5 server on an OS X 10.4.1 box
When a user logs into any of our Witango apps our Login.taf is called
which queries a Filemaker file containing all our
usernames and passwords. Once the correct username and password is
found Login.taf creates an array containing the
user's login information along with other information about the user
such as their school number and access level (e.g.
school, technician, admin). Login.taf then branches back to the
application that called it.
Each link in our tafs contain the <@userReferenceAgrument> and most
searches and submits are preform with their school
number automatically filled in for them.
Despite this we continue to receive calls every once in a while about a
user logging in as one school but them
submitting their record as if they were at another school. Upon
talking to the other school we find out that both
schools were submitting records at nearly the exact same time. There
have also been times, and I've seen this myself,
where one user will end up with the found set of another user, but when
going back to the home page are still logged in
with the correct school number and can continue on normally.
We are completely stumped with this problem. It's not a consistent
problem which makes trouble shooting difficult.
We're not even sure if this is a Witango issue or a problem
FilemakerPro. One time during a demonstration of our
FilemakerPro interface, with 20 users all logged in a the same time,
users started seeing the found sets of other
users. A month later, however, with the same scenario, no problems
were encountered. The same custom login system is
used for the Filemaker interface minus the Login.taf.
Does anyone have any idea why this is happening?
Thanks in advance,
Matthew.
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
