Form.abort behavior

Post any questions you have about using the Verj.io Studio, including client and server-side programming with Javascript or FPL, and integration with databases, web services etc.

Moderators: Jon, Steve, Ian, Dave

Post Reply
Segi
Ebase User
Posts: 649
Joined: Mon Dec 09, 2013 6:37 pm

Form.abort behavior

#1

Postby Segi » Fri Dec 04, 2015 12:34 am

I have a situation where when the user tries to access an application that they are not supposed to be able to access, I call a shared function that inserts a row into a log table to record the failed attempt then aborts the current form.

The code looks like this:

Code: Select all

addIntranetLog("johndoe","John Doe","Access was denied to the application MyApp","Access Denied","192.168.1.123");

form.abort("Access Denied").
According to the help, form.abort will also roll back the previous transaction which in this case causes the insert to roll back which is what I do not want to occur.

If I comment out form.abort the row is correctly inserted into the database.

How can I prevent this behavior or rolling back the last transaction ?

This is the shared function that inserts the log into the database:

Code: Select all

function addIntranetLog(username,realName,logMessage,logType,ipAddress) {
	   var sql="INSERT INTO Logs(Username,RealName,LogDate,LogMessage,LogType,IPAddress) VALUES('" + (username != null ? username : "") + "','" + system.securityManager.getCredential("REALNAME") + "',GETDATE(),'" + logMessage + "','" + logType + "','" + ipAddress + "');";

     var con=system.getDatabaseConnection("MYDBCONNECTION");

     var rs,stmt;

     try {
          stmt=con.prepareStatement(sql);
          rs=stmt.execute();
     } catch (e) {
          // Dump the SQL for debugging purposes
          print("An error occurred reading the database with the query " + sql);
          print(e);

          if(rs) rs.close();
          if(stmt) stmt.close();
          if(con) con.close();

          event.stopExecution();
     } finally {
          if(rs) rs.close();
          if(stmt) stmt.close();
	        if(con) con.close(); 
     }

     return;
}
[/code]
0 x
Jon
Moderator
Moderator
Posts: 1342
Joined: Wed Sep 12, 2007 12:49 pm

#2

Postby Jon » Fri Dec 04, 2015 2:26 pm

You first roll back the user's transaction (assuming you want to do this - it probably doesn't make any difference if they haven't done anything yet), then insert the log record and commit that transaction:

Code: Select all

// rollback user transaction
system.transactionManager.rollbackAndRestartTransaction();

// insert log record and commit it
addIntranetLog("johndoe","John Doe","Access was denied to the application MyApp","Access Denied","192.168.1.123");
system.transactionManager.commitAndRestartTransaction();

// now abort
form.abort("Access Denied").
But..
I would question whether writing log records to a database is a good idea - for the very reason you've identified, but also because of database locking issues. I think it's better to use log4j (used by tomcat and ebase for logging). You can do this just by using:

Code: Select all

log("John Doe - Access was denied to the application MyApp");
Also, see this post http://forum.ebasetech.com/forum/viewtopic.php?t=633 for more sophisticated use of log4j - you could for example set up your own logging files.
0 x
Post Reply

Return to “Application Development”

Who is online

Users browsing this forum: No registered users and 22 guests