By ODBC connection, do you mean an ODBC DSN (which you can set up in Control Panel)?
If so you don't really need one, as you can put all of the details within your program (it's much safer that way, as it can't be 'accidentally' deleted/changed).
Next up, what do you mean by "doesn't work"?
Depending on what the answer to that is, the problem may be due to permissions on the database file/folder. See this FAQ thread for how to set them up properly.
By ODBC connection, do you mean an ODBC DSN (which you can set up in Control Panel)?
yes this is the type of my connection
[QUOTE=If so you don't really need one, as you can put all of the details within your program (it's much safer that way, as it can't be 'accidentally' deleted/changed).
[/QUOTE]
how can i do that?
[QUOTE=Next up, what do you mean by "doesn't work"?
[/QUOTE]
when i try to start my application in a user account with limited privilages
i take the message : you dont have enter the right password for connection with database.
if i start my application with right clik run as.... administrator and i give the password program starts five.
details for what i want to protect :
my application is in c:/program files/ connected with a password protected mdb database. as all we know mdb databases password crack verry easy with some progs, limited users cannot install those (bad ) progs...
an other problem is replacing the database of the program with backup database from another day (before today or the same day but earlier time) and "cheat" records....!!
for example if some user copy database and put it in folder backup1, make some records , print receipt from program, take the money from customer and then replace database with database from backup1 folder....
so i put my appz to c:/program files/ to protect it from users, because limited users canot replace any file i n c:/program files/
The absolute best thing you can do is to switch from ODBC to DSN-Less connection in your code and not have to worry about such things. Look in my signature for Connection strings for more help.
..basically wherever you have a connection string (or the DSN name) at the moment, change it to a connection string like this (or one in the link that randem and I both have in our signatures).
Originally Posted by Chrisad
so i put my appz to c:/program files/ to protect it from users, because limited users canot replace any file i n c:/program files/
Well that's the problem then.. in order to be able to modify data in an Access database at all, they need the ability to modify the file (and create/modify files in that folder) as described in the link I provided before.
The absolute best thing you can do is to switch from ODBC to DSN-Less connection in your code and not have to worry about such things. Look in my signature for Connection strings for more help.
Quite simply, don't use Access.. as it deals with Files, not true databases - and in order to modify a file at all, you need permission to modify the file however you like.
In order to have that kind of protection you need proper database software, such as SQL Server 2005 Express (see the thread at the top of the DB forum for a link to the Free download), which uses an 'engine' to do the actual work with the database file(s).
Not being able to replace a database with a backed-up database would be a serious FLAW!!! What you might want to incorporate is that each day you enter an encrypted code in the database and the registry so that if a backup database is used your software would know it and could perform warnings and alerts that this is happening and would need special permissions to do so.
Yes but the problem is that the actual file itself could be changed, hence losing the data of the previous day (or hour, ...).
Without having some kind of automatic backup & restore system (which would also be prone to issues), Access is not a valid option given the requirements.
To get per user access in MS Access you'll have to do "gymnastics" (also involves registry settings), and you'll have to pass first the admin log so consider instead using another DB such as SQL Server which has better support for user access.
There should be very few changes needed to the code (usually just the connection string, and wildcards for Like queries).
It is possible to do "run as" via code, but I cannot recommend (or even condone) that, as the login details need to be stored in your program - even when it is compiled, they can be read by anyone who opens it in NotePad.
; Declare all variables used
Dim $Username, $Password
; Initialization of the variables
$Username = "test"
$Password = "test"
; Set the RunAs parameters to use local adminstrator account
RunAsSet($Username, @Computername, $Password)
Runwait(@ProgramFilesDir & '\company\prog\prog.exe')
so appz users can run appz from this exe with admin privilages
[QUOTE=It is possible to do "run as" via code, but I cannot recommend (or even condone) that, as the login details need to be stored in your program - even when it is compiled, they can be read by anyone who opens it in NotePad.[/QUOTE]
i compile the script and open the executive file with notepad and search for user or password... i didnt find anything
I had a quick visual scan in Notepad and didn't spot it (you need to be aware it is in unicode, so a Find wont get it).. but it doesn't matter anyway - AutoIt provide a decompiler, so you can see the original script.
Sounds like a deployment nightmare to me. Why put the database in a place where it is hard to get to then go thru these procedures to give access to it anyway?
thats why...
an other problem is replacing the database of the program with backup database from another day (before today or the same day but earlier time) and "cheat" records....!!
for example if some user copy database and put it in folder backup1, make some records , print receipt from program, take the money from customer and then replace database with database from backup1 folder....
so i put my appz to c:/program files/ to protect it from users, because limited users canot replace any file i n c:/program files/
please before post read first, you dont help if you take us back...
and we give permisions to any users we want to read & write our database..
i test it and looks fine!!!
what is your opinion about?
That's what the FAQ thread that I linked in my first reply talks about.
If you are certain that everything works without ticking "Modify" (and the permissions for the folder itself), then it should be safe.
What randem and I are both confused about tho, is why go to this much effort (in which at some point you may make a mistake, or accidentally leave a loophole) when using a 'proper' DBMS would instantly solve issues like this?
What randem and I are both confused about tho, is why go to this much effort (in which at some point you may make a mistake, or accidentally leave a loophole) when using a 'proper' DBMS would instantly solve issues like this?
@si_the_geek
you have right to be comfused about, but i dont have much time to change
appz to work with more secure and better connection string as sql.
propably next version priority is sql database.....
but now i cant do that because i havent much expirience about this type of connections and i thing tha it take me much of my time.
my prog allready works for my costumer and everything works fine but as administrator account...
i must find a solution to run my appz from limited user account (to close the big hole of replacing database) and then i find the time to fix my next version more carefully and much more secure.
In our opinions (and I would assume that of many other professionals), it will be significantly easier to move to a different database system than to create dubious fixes as you are attempting to do.
The problem occurred because you didn't investigate enough.. and are trying to fix it by adding dodgy (unreliable/unsafe) hacks to the system, rather than simply spending a little while learning how to use safer software - which you say you are going to do anyway. Why spend the extra time trying to find dubious solutions?
Getting something like SQL Server Express is very easy, installing it is easy too. The changes to your program will be minimal (probably just one line - the connection string). The only awkward part is copying your database/data from Access to a real database system.
ODBC problem!
Reply With Quote
Originally Posted by si_the_geek
) progs...
