Alpha Software Mobile Development Tools:   Alpha Anywhere    |   Alpha TransForm subscribe to our YouTube Channel  Follow Us on LinkedIn  Follow Us on Twitter  Follow Us on Facebook
Devcon 2020 Goes Virtual! LEARN MORE >

Announcement

Collapse

The Alpha Software Forum Participation Guidelines

The Alpha Software Forum is a free forum created for Alpha Software Developer Community to ask for help, exchange ideas, and share solutions. Alpha Software strives to create an environment where all members of the community can feel safe to participate. In order to ensure the Alpha Software Forum is a place where all feel welcome, forum participants are expected to behave as follows:
  • Be professional in your conduct
  • Be kind to others
  • Be constructive when giving feedback
  • Be open to new ideas and suggestions
  • Stay on topic


Be sure all comments and threads you post are respectful. Posts that contain any of the following content will be considered a violation of your agreement as a member of the Alpha Software Forum Community and will be moderated:
  • Spam.
  • Vulgar language.
  • Quotes from private conversations without permission, including pricing and other sales related discussions.
  • Personal attacks, insults, or subtle put-downs.
  • Harassment, bullying, threatening, mocking, shaming, or deriding anyone.
  • Sexist, racist, homophobic, transphobic, ableist, or otherwise discriminatory jokes and language.
  • Sexually explicit or violent material, links, or language.
  • Pirated, hacked, or copyright-infringing material.
  • Encouraging of others to engage in the above behaviors.


If a thread or post is found to contain any of the content outlined above, a moderator may choose to take one of the following actions:
  • Remove the Post or Thread - the content is removed from the forum.
  • Place the User in Moderation - all posts and new threads must be approved by a moderator before they are posted.
  • Temporarily Ban the User - user is banned from forum for a period of time.
  • Permanently Ban the User - user is permanently banned from the forum.


Moderators may also rename posts and threads if they are too generic or do not property reflect the content.

Moderators may move threads if they have been posted in the incorrect forum.

Threads/Posts questioning specific moderator decisions or actions (such as "why was a user banned?") are not allowed and will be removed.

The owners of Alpha Software Corporation (Forum Owner) reserve the right to remove, edit, move, or close any thread for any reason; or ban any forum member without notice, reason, or explanation.

Community members are encouraged to click the "Report Post" icon in the lower left of a given post if they feel the post is in violation of the rules. This will alert the Moderators to take a look.

Alpha Software Corporation may amend the guidelines from time to time and may also vary the procedures it sets out where appropriate in a particular case. Your agreement to comply with the guidelines will be deemed agreement to any changes to it.



Bonus TIPS for Successful Posting

Try a Search First
It is highly recommended that a Search be done on your topic before posting, as many questions have been answered in prior posts. As with any search engine, the shorter the search term, the more "hits" will be returned, but the more specific the search term is, the greater the relevance of those "hits". Searching for "table" might well return every message on the board while "tablesum" would greatly restrict the number of messages returned.

When you do post
First, make sure you are posting your question in the correct forum. For example, if you post an issue regarding Desktop applications on the Mobile & Browser Applications board , not only will your question not be seen by the appropriate audience, it may also be removed or relocated.

The more detail you provide about your problem or question, the more likely someone is to understand your request and be able to help. A sample database with a minimum of records (and its support files, zipped together) will make it much easier to diagnose issues with your application. Screen shots of error messages are especially helpful.

When explaining how to reproduce your problem, please be as detailed as possible. Describe every step, click-by-click and keypress-by-keypress. Otherwise when others try to duplicate your problem, they may do something slightly different and end up with different results.

A note about attachments
You may only attach one file to each message. Attachment file size is limited to 2MB. If you need to include several files, you may do so by zipping them into a single archive.

If you forgot to attach your files to your post, please do NOT create a new thread. Instead, reply to your original message and attach the file there.

When attaching screen shots, it is best to attach an image file (.BMP, .JPG, .GIF, .PNG, etc.) or a zip file of several images, as opposed to a Word document containing the screen shots. Because Word documents are prone to viruses, many message board users will not open your Word file, therefore limiting their ability to help you.

Similarly, if you are uploading a zipped archive, you should simply create a .ZIP file and not a self-extracting .EXE as many users will not run your EXE file.
See more
See less

Adding Security Restrictions

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Adding Security Restrictions

    Attached are some partial screen shots of a database application based on Access that our office uses. In case of copyright issues, I have deleted the provider's details and modified the name on the button that allows them access without restriction.

    What they have arranged is, along with the usual words "File" through to "Help" for the application to have a word called "User Defaults" next to "Help".

    Clicking on User Defaults brings up the screen giving access to passwords. I have ringed two buttons. The upper one called Passwords only allows for the local system administrator (Me!) or anyone I authorised to access them and allocate three letter user names and passwords (second screen shot). With each user that is set up a table is displayed giving areas and tasks the user is authorised to enter / modify / delete / view. There are also some pre-set templates such as accounts which will fill the appropriate boxes. Entry into the program is password protected (third screen shot) and will restrict that user's access to that set by the administrator.

    The most useful button is the one I have called "CFF Use". I (or someone I have authorised) access the User Defaults page once logged on. The provider can then use the CFF Use button which brings up a box showing a two-part security code. Once they have entered this, they then have unrestricted access to the whole of the application.

    I am aware of the problems of hiding the design side of Alpha5 - it might not be easily recoverable unless prepared beforehand. The above seems a neat way of shielding users from messing with the guts of the design.

    My question is that doing something this with security is well beyond my capabilities, but what do other members do (and are there simpler ways) to make their applications secure?
    Tags: None
    #2
    Re: Adding Security Restrictions

    Well, my friend, have you considered restrictions in runtime module?
    At the end it is the safest way to make two directories. In the first one you have files for developing, and when you think it's done you copy everything in the second dir. Make restrictions there in dir2,make install and that's it. You still have dir1 for continue of developing...
    I hope this helps you.
    www.zeljkobobic.com

    Comment

      #3
      Re: Adding Security Restrictions

      I know different people do this different, but here is my method.

      I have a table of slspeople.dbf that is set up with a user name, password and permission field. the higher the permission, the mor they can do. It also checks for dates and numbers in some files on disk to see if it can run.

      [QUOTE]

      if file.exists(cpath+"\a_rbitrate.dll") then
      fileis = FILE.open(cpath+ "\a_rbitrate.dll",FILE_RO_SHARED)
      numuse = trim(fileis.read_line())
      numuser = str(numuse,2,0)
      numberusernow = val(numuser)
      else
      UI_MSG_BOX("Bad Start","You are mssing a required file(s) to run UpsLog. Call 352-302-2015",UI_OK)
      sleep(5)
      a5.Close()
      end if
      if file.exists("C:\WINWIN.DLL")
      thisis = FILE.OPEN("C:\WINWIN.DLL",FILE_RW_EXCLUSIVE)
      DIM SHARED getDATE AS c
      getDATE = thisis.READ_LINE()
      dim shared thedate as d
      thedate = ctod(getdate)
      select
      case thedate-date()=10
      UI_MSG_BOX("Time is up for demo","Your time for evaluation expires in 10 days. Call 352-302-2015",UI_OK)
      case thedate-date()=1
      UI_MSG_BOX("Time is up for demo","Your time for evaluation expires in 1 day. Call 352-302-2015",UI_OK)
      case DATE()>=thedate
      UI_MSG_BOX("Time is up for demo","Your time for evaluation has expired! UpsLog will terminate in 20 seconds Call 352-302-2015",UI_OK)
      sleep(20)
      a5.close()
      end select
      else
      UI_MSG_BOX("You may have a bad install!","Call 352-302-2015 for help",UI_OK)
      sleep(5)
      a5.close()
      end if
      :a5.minimize()
      Dim prmpt_title as c
      dim prmpt_prompt as c
      dim prmpt_default as c
      Dim prmpt_title2 as c
      dim prmpt_prompt2 as c
      dim prmpt_default2 as c
      dim global pword as c
      dim global perm as c
      dim global password as c
      if totalusers > numberusernow then
      UI_MSG_BOX("User Count","Your User count has been exceeded! UpsLog will terminate in 5 seconds Call 352-302-2015",UI_OK)
      sleep(5)
      a5.close()
      end if
      prmpt_title = "User Code"
      prmpt_prompt = "Enter your user code or test if this is a new install"
      prmpt_default = ""
      scode = ui_get_text(prmpt_title,prmpt_prompt,prmpt_default)
      prmpt_title2 = "Your Password"
      prmpt_prompt2 = "Enter your Password or test if this is a new install"
      prmpt_default2 = ""
      pword = ui_get_password(prmpt_title2,prmpt_prompt2,prmpt_default2)
      t=table.open("slspeeps",file_ro_shared)
      query.filter="username="+quote(trim(scode))
      query.order=""
      query.options="T"
      ix=t.query_create()
      if ix.records_get()=0 then
      a5.close()
      end if
      username=t.username
      salesman=t.salesname
      cellphone = t.cellphone
      password = t.password
      usernow = t.usernow
      permissions = t.permissions
      userlot = t.lot
      t.close()
      perm = permissions
      if alltrim(pword)<>alltrim(password) then
      UI_MSG_BOX("User","Your User name or Password is incorrect. UpsLog will now close",UI_OK)
      sleep(3)
      a5.close()
      end if
      varlot = comp->lot
      lot = comp->lot
      group = comp->group
      compbat = comp->bat
      comptire = comp->tire
      comppred = comp->pred
      comptaxrate = comp->taxrate
      complemon = comp->lemon
      comptags = comp->transfer
      comppmtterm = comp->term
      comptermtype = comp->termtype
      compapr = comp->apr
      compnewwheels = comp->newwheels
      compantitheft = comp->antitheft
      compdtaxrate = comp->dtaxrate
      electron = comp->electron
      docrate = comp->docrate
      Dave Mason
      [email protected]
      Skype is dave.mason46

      Comment

        #4
        Re: Adding Security Restrictions

        I did not finish the prior post.

        Hope you get something out of it. I had help off this forum in writing it. It is on the init of my main form. There are other checks in autoexec script.

        The permissions lets the people that have the highest permissions go where they need to. It also shuts down if they are out of date or if the record count I set for them is too high(Ihave 20 user, but may limit theirs to 2,5 or).

        Dave
        Dave Mason
        [email protected]
        Skype is dave.mason46

        Comment

          #5
          Re: Adding Security Restrictions

          Hi,Dave. Well,looking on the screenshots and the code,it seems to me that it took you a long time to set this all up. You made a lot of effort to define all this. Personally, I do not have a need for this, because I make app intentionally for the end user which cannot be used(or has to be adopted) by other users. It is important to know that most of the users want programs adjusted to their needs and they don't want general applications. I agree with that,especially in industry where every company has their own way of using software. Long time ago, I tried to link the app to HDD ID but there are simple HDD utilities that you can change ID, so this is not quite reliable. Then hiding some util files in win/system dir, but then there are install monitor programs where you can see what is exactly installed and where etc....I'm not worried about copying of my program because I always embeed BIG logo of company that paid the software, and I show it in every possible window(sometimes bmp,sometimes txt+bmp). I haven't done anything with user's permissions in a meaning of development but for example in one POS app (Point Of Sale) I just forbid the workers to see daily income and administrator can. In user's table I added all possible options with simple logical field-example-'daily_income_rpt'=checkbox field, later if a user is logged on and try to open it, simply check what is selected and allow or not seeing this rpt. Of course only admin can select permissions for users and in my case it is the user No.1. That's it......happy programming....
          www.zeljkobobic.com

          Comment

            #6
            Re: Adding Security Restrictions

            Alpha has a built in user setup with permissions if you turn it on and you can password the database. It is also possible to scramble(encryption) the data so the data cannot be imported by others from the dbf files.

            When you are working in your forms, reports, etc, there is a conditional object that you can put data/fields on that hides/changes according to other conditions.

            The start up I gave you is extensive and is not all of the onint.

            The major for you would be:
            Code:
             
prmpt_title = "User Code" 
prmpt_prompt = "Enter your user code or test if this is a new install" 
prmpt_default = "" 
scode = ui_get_text(prmpt_title,prmpt_prompt,prmpt_default) 
prmpt_title2 = "Your Password" 
prmpt_prompt2 = "Enter your Password or test if this is a new install" 
prmpt_default2 = "" 
pword = ui_get_password(prmpt_title2,prmpt_prompt2,prmpt_default2)
            You can change to match needs.

            Just food for thought.
            Dave Mason
            [email protected]
            Skype is dave.mason46

            Comment

              #7
              Re: Adding Security Restrictions

              Well, I haven't think about it nor came to that point so far. But, indeed what you brought up is very interesting and usefull too!
              I will definately save this thread for a future use...
              BTW do you possibly have any experience with printing to POS printers (like Samsung SRP270) using generic/text win driver through Alpha Five?
              www.zeljkobobic.com

              Comment

                #8
                Re: Adding Security Restrictions

                Sorry, I generally supply epson printers with my main apps. They seem to work best for my clients.
                Dave Mason
                [email protected]
                Skype is dave.mason46

                Comment

                Previous template Next
                Working...
                X