This library will carry the management of an users database for login verification, and all the normal operations that you will need. All the information is stored in an encrypted file.
I'm sorry that there are a couple of members in the library whose names are in Spanish. Well, I'm Spanish and I cannot avoid writing things in Spanish while I'm programing, although I try to make everything in the libraries that I'm planing to export in English. For your information, Nombre means Name, and Apellidos means Last Name (or Surname). If you find anything else in Spanish, tell me.
To use the library, among other things you will have to provide a password to encrypt all the information that is stored there. DON'T LOOSE THAT PASSWORD. This library doesn't have a master password or anything, so if you cannot access the information stored in the file, me neither.
If you have any questions, doubts, comments or bugs, please contact me.
History:
Version 1.01 14.03.98:
Added the 'ChangeRights' function.
Corrected a couple of minor bugs.
Added the possibility of opening the database even when it is damaged (a wrong password is being used or someone has being modifying the database externally).
Added the 'DamagedDB' property.
Version 1.02 26.03.98: Now the encryption support is compiled into the library. The AREncrypt.dll file is not in the ZIP anymore. Also the DEP file has changed to reflect this. Improved performance.
Version 1.10: Added properties to force the use of strong passwords (MinPasswordLength, MustHaveAlpha, MustHaveNumbers, MustHaveOnlyNumbers and MustHaveBothCases); added the ForceChangePassword method, so an administrator can change the password for an user without needing the old password.
Version 1.20 14.07.98: Removed the protection system to the library. From now on the code is not necessary anymore, and the library is freeware.
INSTALLATION
In the ZIP file you will find the following files:
ARUsersDB.dll
ARUsersDB.txt
ARUsersDB.DEP
ARRandomPwdGen.exe
Put all those files together wherever you want. The .DEP file has the dependency information, that you will need if you want to create the installation of a program that uses my library.
ARRandomPwdGen.exe is a program that will generate random passwords of any length. You can use it to generate random passwords for the library. Of course, it also needs the Visual Basic 5 SP3 run-time libraries.
PROPERTIES AND METHODS
Properties:
Code. The code was necessary for the library to work before version 1.20. It's still there for compatibility reasons.
DamagedDB. This property will be true if a wrong password is being used to open the database, or someone has being modifying the database file externally. The database has checksums that are encrypted as well, so the program can control the state of the file. In version 1.0, the library wouldn't let you open a damaged file, but this behavior is not correct when we are talking about critical information, so I have changed it and added this property for you to check it after opening the database with the 'File' property, and know if everything is right.
DatabaseOpen. If true, that means that the library is ready to start working with the database.
File. Full path of the file where you want to store the information. If the path provided doesn't exist, the library will create it.
LastError. If in any operation an error happens, here the library will store a description of the error.
ListUsers (key). Key is a number or an ID for the user. The property will return a class with the following members: Admin (true or false, indicates if this user has administrator rights), Apellidos (String, last name), Level (1 to 4, indicates the level of rights that this user has), Nombre (String, first name) and UserID (String, ID of the user).
MinPasswordLength. You can set here the minimum length that a password must have to be valid. Default is 0, although anyways the library will not accept empty strings as passwords.
MustHaveAlpha. When set to True, to be valid a password will have to have characters from a to z or from A to Z (at least one).
MustHaveBothCases. When set to True, passwords will have to be composed by some character from a to z and some character from A-Z to be valid.
MustHaveNumbers. When set to True, a passwords will have to contain numbers to be valid (at lease one).
MustHaveOnlyNumbers. When set to true, password will have to be composed only by numbers to be valid.
Password. You will have to provide a password for the database to be encrypted with. I recommend that the password is between 25 and 40 characters long. You have to provide the password before setting the 'File' property.
UnLocked. True or false, depending on if you have introduced the right code to unlock the library or not. Since version 1.20, always True.
UsersCount. Will return a long integer, with the number of users that the database contains.
Methods:
AddUser (UserID As String, Password As String, Level As Rights, [Name As String], [LastName As String], [Admin As Boolean = Falso]) As Boolean.
UserID as string. The ID that the user will have in the system. It must be unique, so two users cannot have the same ID. The maximum length is 15 characters.
Password. The password that the user will have. The maximum length is 15 characters.
Level. 1 to 4, indicating the level of rights that the user has.
Name (optional). User's first name. The maximum length is 15 characters.
LastName (optional). User's last name. The maximum length is 35 characters.
Admin (optional). True or false, depending on if this user has Administrator rights or not. Default is false.
This function will return True if successful or false if it fails for some reason. Look at the 'LastError' property to get a description of the error.
ChangeRights (UserID As String, Right As Rights, [Admin As Boolean = Falso]) As Boolean. Use this property to change the rights of an existing user. It will return 'True' if succesful or 'False' if the function fails.
ChangePassword (UserID As String, OldPassword As String, NewPassword As String) As Boolean. Using this function you will be able to change the password for an user. You will have to provide the user's ID, the old password and the new one that the user wants to have. This function will return True if successful or false if it fails for some reason. Look at the 'LastError' property to get a description of the error.
DeleteUser (UserID As String) As Boolean. Deletes an user from the database. True if successful or False if it fails. You just have to provide the UserID.
ForceChangePassword (UserID As String, NewPassword As String) As Boolean. Administrators can use this function to force the change of a password for an user without needing the old password. Use this if someone has forgotten the password, instead of having to erase and add the user again.
VrfyUser (UserID As String, Password As String) As Boolean. When the user is trying to logon, you just have to use this function to quickly verify the identification that the user is providing. The function will return True if the identification is correct or False if it is not.
EXAMPLES
This is an example on how to use the library:
Dim UsDB As New ARUsersDB
UsDB.Password = Password
UsDB.File = App.Path & "\Users.dat"
If UsDB.LastError <> "" Then
MsgBox UsDB.LastError
End If
Dim bRes As Boolean
bRes = UsDB.AddUser(UserID, UserPassword, Level1, "Alvaro", "Redondo", True)
If Not bRes Then MsgBox "There has been an error when trying to add this user to the database: " & UsDB.LastError
Dim bRes As Boolean
bRes = UsDB.DeleteUser(UserID)
If Not bRes Then MsgBox "There has been an error when trying to delete this user from the database: " & UsDB.LastError
Dim bRes As Boolean
bRes = UsDB.VrfyUser(UserID, Password)
If Not bRes Then
MsgBox "The identification is incorrect."
Else
MsgBox "Access granted."
End If
Print UsDB.ListUsers (UserID).Nombre
TIP: If you want to add an user with an empty password, so the user will have to add his / her password in the next logon, use some string and identify it as an empty string. For example, the empty string could be something like: "emptyemptyempty". When you add an user without a password, put that string as the password. Whenever an user introduces his / her identification without password, verify the account using that string. Also, make sure you don't allow that string to be used as a normal password. The library will not accept blank passwords for security reasons.
© Alvaro Redondo, 1998. All Rights Reserved.
http://www.sevillaonline.com/ActiveX/