Manualshelf

Developer’s Guide

ManualsBrandsClaris FileMaker ManualsApplicationsFileMaker Developer 5
919293949596979899100
Table Of Contents
6-20
Developer’s Guide
Protecting specific records in a database
The ExactSearch, ExactUpdate, and ExactDelete field restrictions
provide record-level security for your databases on the Web. You
can limit web user access to specific records in your databases by
creating a special field value for those records that only authorized
users know, and applying the ExactSearch, ExactUpdate, or
ExactDelete field restrictions to the field. Web users are required to
enter the correct value in a search and only those records containing
the value are displayed. By adding the Don’t Show field restriction
to the field, unauthorized web users will not be able to see the value
when the records are displayed.
Note When using the ExactSearch restriction for any field, a
-findall request cannot be used with that database.
The ExactSearch, ExactUpdate, and ExactDelete field restrictions
can also be applied to related fields by adding the relationship name
and a double colon to the field name. Web users must enter a non-
blank value for the related field when searching the database. The
value cannot contain any FileMaker Pro wildcard or range search
characters (*, @, !, =, //, “..”, or “...”).
To protect specific records in a database:
1. In FileMaker Pro, define a field in the database to contain the
special field value.
YourSecretCode:
2. Enter the special field value for the field in each specific record
you want to protect.
YourSecretCode: ch5rries
3. In a text editor or HTML authoring program, create an HTML text
field in your search web page using the same name as the field you
defined in the database.
<P><FONT SIZE=“+2”><B><TT>Enter your secret code here</TT></
B></FONT><BR><INPUT TYPE=“text” NAME=“YourSecretCode”
VALUE=“” SIZE=“35”></P>
4. Include the equals operator in the search string.
<INPUT TYPE=“hidden” NAME=“-Op” VALUE=“eq”>
5. In the Web Security.fp5 database, type the name of the field in the
Field Name field, and select the DontShow and ExactSearch field
restrictions.
If you’re setting restrictions for a related field, type the relationship
name, a double colon, and then the field name in the Field Name field.
relationship::YourSecretCode
Now, in order to retrieve the protected records, web users must type
the special field value in the HTML text field on the search page.
ExactUpdate Edit only those records containing a value that exactly
matches the value specified by the user for this field in a
search.
A record cannot be updated unless an exact match is made
with the field’s value in the database. Web users cannot
edit this field.
Note This option does not work with FileMaker Pro
Instant Web Publishing and should not be selected in that
case.
ExactDelete Delete only those records containing a value that exactly
matches the value specified by the user for this field in a
search.
A record cannot be deleted unless an exact match is made
with the field’s value in the database. Web users cannot
edit this field.
Note This option does not work with FileMaker Pro
Instant Web Publishing and should not be selected in that
case.
When this field
restriction is
selected Web users can do the following