I'm trying to get a user by email or username from the database, imagine functionality that a user can login either with unique alias or email address, I thought the following would work but it doesn't,
User user =
coll.findOne(DBQuery.is("email", emailOrUsername).or(DBQuery.is("username", emailOrUsername)));
anything i'm missing?
Ok, So apparently the way to create the above query is this:
coll.findOne(DBQuery.or(DBQuery.is("email", emailOrUsername),DBQuery.is("username", emailOrUsername)));
I still don't know what the first query in the original question supposed to do.
Related
I am new to programming...
I know this probably is the best way to do an Offline login page
but
MYSQL users db (consists of usernames, passwords, id) is 'downloaded' from a php script to iOS device.That part works, and the users print to the console.
What I am struggling with is, checking the textfield where the user enters their username to the 'usersArray' to see if it exists at index[0]
Any help is appreciated.
I'm not entirely sure what you are trying to do here but I think you are trying to take the value of a text field and see if that value appears in your usersArray. Provided this is the case try:
let exists = usersArray.contains(usernameTextField.text)
This will give you a Bool that indicates if the username exists in your array.
Side Note:
Hopefully you are only doing some general testing at the moment but in case you aren't… Please don't send passwords in plain text and absolutely don't download all usernames and passwords even in an encrypted format to a device! Aside from potentially taking up a large amount of space on the user's device you would be making it very easy for unscrupulous people to crack every user password in your database!
I have a local Silverstripe instance but I cannot login and the owners are battling to find their login details. I have the DB so how can I find the Users table and edit it, or make myself an admin account? Thanks
Despite having solved your problem, you did not answer your own question :-). For Google's sake I will try...
The user table is called "Member". It has got the email address and the password in it. You can not manually change the password here, as it is hashed. What you can do is change the email address and use the "forgot password" functionality (in case the client can't do that himself), change the password for the client through the application backend (cms) and change the email address back to its original value. If you are wondering what the MemberPassword table does: AFAIK it only stores a copy of all used passwords by a user (password history)
When you want to make an account administrator, you should first take a look at the Group table and look for "administrators" in the "Code" Column. Take that ID (normally, this would be 2). After that, take a look in the Member table, and look for the user you want to make an admin. Take the ID here as well.
Next, open the Group_Member table and insert a new row (or change the existing if you want) and specify the group id under GroupID and the member id under MemberID.
Adding Security::setDefaultAdmin('admin','admin'); to the _config.php also works, but don't forget to remove it afterwards, just as any phpmyadmin or equivalent that you installed :-)
Just found this add Security::setDefaultAdmin('username', 'password'); to mysite/_config.php. Worked like a bomb!
Create a file _ss_environment.php in the webroot (or the folder above it) if it doesn't already exist. Add these two lines to the bottom:
define('SS_DEFAULT_ADMIN_USERNAME','admin');
define('SS_DEFAULT_ADMIN_PASSWORD','password');
So Im new to databases and Im trying to learn the ropes. I have a DB2 database that Im getting familiar with. I was assigned a task where I need to write a method that does a search on the database. The search will take in two parameters, a username and a user id number. If the user and the user id number does not match or if one or the other turns out null then It needs to throw a error. If its valid then it will continue with spitting out information about the user.
I was told to use the findall() function or something similar to it. I was looking online and what I have found is examples that deal with like or ilike and im not sure how something like that will work in my situation. What would be a decent example of how I would start to go about this?
any help is appreciated. Ill post back if I make any progress.
note: Im using groovy/grails. Domain,Controller,View setup.
Is this some homework assignment from school?
findall() is usually a method in regular expressions which I don't think is relevant in here. If you have a SQL database, that means you have a RDBMS which uses SQL as query language. You need to learn about the SELECT command which can look daunting when you look the first the time to the manual but it's actually simple for your case. You need something like:
SELECT userfield1, userfield2,..
FROM myusertable
WHERE myusertable.username = 'uname' AND myusertable.userid = userid
uname and userid are your search parameters. Please note that this SQL query should be done with a PREPARED statement for security reasons.
When you run this query using your database library you get back an array of results which you have to analyze. If it is empty, no user found.
Edit: updated to take into account the use of hibernate
Hibernate uses HQL which is like SQL and has indeed a findAll method. See http://grails.org/doc/latest/ref/Domain%20Classes/findAll.html
I have been tasked with coming up with a solution where I am not sure if there is a solid answer:
How can I match username records from an application's database to users in our Active Directory?
I have two applications this needs to be done for - 1st application I only have firstname and lastname information. Second application i have the application's username, which is similar to activeD's but not a definate match. I also have firstname lastname info.
Now, simply put I can just write a script that matches all the records in ActiveD that match the firstname lastname in the application DB, but that is fraught with errors.
Having no unique identifier to begin with might make this an impossible task, but before I start to task someone else with manually comparing the data after running the script, I thought I would ask the delightful StackOverflow crew to chew on it. There are always methods I don't think of, after all.
So any brilliant ideas out there to accomplish this task?
Thanks guys
Once you get them matched up automatically and the exceptions by hand, make a custom attribute in Active directory where you can store the information to keep them matched up in the future.
You could store the Active Directory object GUID against the database record.
Well, the one thing that will be indeed unique in AD is the sAMAccountName for each user. If you find a way to associate your users in your two databases with a SAM Account Name, you should have no big trouble anymore to do an automatic sync check with AD.
That property is already available in AD, you don't need to add any additional artificial IDs, and it's much easier to read than a GUID.
Marc
I have a stored procedure which has to get a password from my Users table.
I am using a Username as a parameter. What is the best way to get the row where the Username field's contents match the Username parameter, and then the password (as this is the Username/password pair for one user).
Cursors are one way to iterate over a rowset but these aren't desirable.
I am on Sql Server 2005.
It sounds like you just need a standard SELECT query:
SELECT username_column, password_column
FROM your_table
WHERE username_column = #usernameparam
(Or am I misunderstanding the question?)
get a password from my Users table
This is your first problem: NEVER store real passwords in a database. Look into the HashBytes() function and use that for password matching. If you think you need to keep a real password around, perhaps to allow users to recover lost passwords, go talk to the folks over at reddit.
way to iterate over a rowset
This is your second problem. You're thinking in terms of iterating over the rows yourself. This is called imperative programming. While imperative code works great for your normal client code, it's backwards when you're working with a database. Instead, you want to start using declarative programming and think in terms a sets: you write some code that declares to the database the set of records you need returned:
SELECT [password] /*shudder*/ FROM [table] WHERE [username] = #username
SELECT
password
FROM
table
WHERE
username = #username
Assuming that your users table has the columns UserName and Password then a SELECT will work just fine.
SELECT username, password FROM Users WHERE username = #username
However, storing passwords in this manner might not be the best idea security wise.