0

I have a DBGrid where I am using following query to get the data:

Select * from table1 where <condition>

One of the fields in Password coming from database, which I want to display as ***. But keep it editable for the Grid itself.

Can you please suggest what can be done for this. Sample code will be much appreciated

user2809635
  • 139
  • 1
  • 3
  • 12
  • 1
    First of all. Never store passwords as raw texts nor fetch them back to clients. They should be hashed. And well, if you want to show something to users in fields containing passwords, show something neutral, e.g. text ``. The field can be editable, but post a hashed string entered by the user and display that neutral text again. – TLama Dec 03 '13 at 13:51
  • Can you give an example as I am new to delphi. And the I also understand your advice regarding the password storage but its my requirement. – user2809635 Dec 03 '13 at 13:57
  • Please explain why you retrieve a password from a database and display as asterisks. Why display anything at all if it can't be read? – Marcus Adams Dec 03 '13 at 14:03
  • 1
    It is a task that I have to put an editable password field in the grid, its not so secure but just a requirement as I already told. Just a requirement. – user2809635 Dec 03 '13 at 14:12
  • So, you want to display asterisks until they start to edit a particular password, then reveal it? Please explain the UI you're after. – Marcus Adams Dec 03 '13 at 14:14
  • 3
    Search for examples `OnGetText` of TField – Sertac Akyuz Dec 03 '13 at 14:18
  • @MarcusAdams, typical shoulder surfing countermeasure, weak but does the job. – Free Consulting Dec 03 '13 at 14:33
  • @FreeConsulting, I agree, but user still hasn't described the UI they're after. We're guessing here. – Marcus Adams Dec 03 '13 at 14:34
  • 1
    @user2809635 - If you want to just edit the password, why retrieve it from the database in the first place? – Leonardo Herrera Dec 03 '13 at 14:35

1 Answers1

1

You can do this by dropping a TEdit on your form and set the password char property to be '*'. Then you need to add code into the OnDrawColumnCell event of the TDBGrid like this :-

procedure TForm1.DBGrid1DrawColumnCell(Sender: TObject; const Rect: TRect;
  DataCol: Integer; Column: TColumn; State: TGridDrawState);
var
  grid : TDBGrid;
  maskValue : String;
  aRect : TRect;
begin
  maskValue := '**';
  aRect := Rect;
  grid := sender as TDBGrid;


if column.FieldName = 'password' then
    if gdfocused in State then
    begin
      Edit1.Left := Rect.Left + grid.Left + 1;
      Edit1.Top  := rect.Top + grid.Top + 1;
      Edit1.Width := Rect.Right - Rect.Left + 2;
      Edit1.Height := Rect.Bottom - Rect.Top + 2;
      Edit1.Clear;
      Edit1.Visible := True;
    end
    else
    begin
      grid.Canvas.FillRect(Rect);
      DrawText(grid.Canvas.Handle, PChar(maskValue), Length(maskValue), aRect,
        DT_SINGLELINE or DT_LEFT or DT_VCENTER);
    end
    else
      grid.DefaultDrawColumnCell(Rect, DataCol, Column, state);
end;



procedure TForm1.DBGrid1ColExit(Sender: TObject);
begin
  Edit1.Visible := False;
end;



procedure TForm1.DBGrid1KeyPress(Sender: TObject; var Key: Char);
begin
  if Key = Chr(9) then Exit;



if (Sender as TDBGrid).SelectedField.FieldName = 'password' then
  begin
    Edit1.SetFocus;
    SendMessage(Edit1.Handle, WM_CHAR, word(Key), 0);
  end;
end;



procedure TForm1.Edit1Change(Sender: TObject);
begin
  if DBGrid1.DataSource.State in [dsEdit, dsInsert] then
    DBGrid1.DataSource.DataSet.FieldByName('password').AsString := Edit1.Text;
end;



procedure TForm1.Edit1Enter(Sender: TObject);
begin
  DBGrid1.DataSource.Edit;
end;

This should get you going, but as has been mentioned it's not ideal to be editing passwords in this way.

Andy_D
  • 2,340
  • 16
  • 21
  • Thanks its working but, I need the edit functionality too, I mean after I enter the new text in TEdit, I dont get Save button enable in DBNavigator used above is there any way I can edit the password? – user2809635 Dec 04 '13 at 05:24