Solved

DATABASE SECURITY

Posted on 2000-03-31
12
207 Views
Last Modified: 2010-04-04
I NEED TO ADD SOME PASSWORD TO A DATABASE TABLE AND CHANGE THE FIELDS RIGHTS USING DELPHI IN CODE, NOT THE DATABASE EXPLORER

 NEED CODE, NOT SOME WEB PAGES LINKS OR BLA BLA
 
        500
0
Comment
Question by:VictorZ
  • 2
  • 2
  • 2
  • +6
12 Comments
 
LVL 3

Expert Comment

by:darinw
ID: 2673761
Monitoring question.

darinw
Customer Service
0
 
LVL 27

Expert Comment

by:kretzschmar
ID: 2673820
also monitoring . . .
0
 

Expert Comment

by:SuperSy
ID: 2673935
Me too.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 13

Expert Comment

by:Epsylon
ID: 2673936
Ok, here we go again   :o)


Don't know how to add password but if your database supports it you can use 'GRANT' and 'REVOKE' to set privileges:


grant <privilege[,privilege,...]>
   on <rel1>[,...<reln>]
   to [public | group <group> | <username>]

privilege is {ALL | SELECT | INSERT | UPDATE | DELETE | RULE }


Example

grant insert
   on mytab
   to public



revoke <privilege[,privilege,...]>
   on <rel1>[,...<reln>]
   from [public | group <group> | <username>]

privilege is {ALL | SELECT | INSERT | UPDATE | DELETE | RULE }


Examples

revoke insert
   on mytab
   from public
0
 

Expert Comment

by:perkley
ID: 2674148
Listening also
0
 
LVL 9

Expert Comment

by:ITugay
ID: 2675697
I'm trying to answer.

Hi Victor,
You ask it again? You miss my answer?

This is working sample how to change Paradox password for table using Delphi in code not Database Explorer.

---------------------
procedure TForm1.SpeedButton1Click(Sender: TObject);
begin
    Session.AddPassword('OLD_PASSWORD');
    Table1.Close;
    Table1.Exclusive:=true;
    Table1.Open;
    AddMasterPassword(Table1,'NEW_PASSWORD');
end;


The code bellow is from Delphi help.
-----------------
procedure AddMasterPassword(Table: TTable; pswd: string);

const
  RESTRUCTURE_TRUE = WordBool(1);
var
  TblDesc: CRTblDesc;
  hDb: hDBIDb;
begin
  { Make sure that the table is opened and is exclusive }
  if not Table.Active or not Table.Exclusive then
    raise EDatabaseError.Create('Table must be opened in exclusive ' +
      'mode to add passwords');
  { Initialize the table descriptor }
  FillChar(TblDesc, SizeOf(CRTblDesc), #0);
  with TblDesc do begin

    { Place the table name in descriptor }
    StrPCopy(szTblName, Table.TableName);
    { Place the table type in descriptor }
    StrCopy(szTblType, szPARADOX);
    { Master Password, Password }
    StrPCopy(szPassword, pswd);
    { Set bProtected to True }
    bProtected := RESTRUCTURE_TRUE;
  end;
  { Get the database handle from the cursor handle }
  Check(DbiGetObjFromObj(hDBIObj(Table.Handle), objDATABASE, hDBIObj(hDb)));
  { Close the table }
  Table.Close;

  { Add the master password to the Paradox table }
  Check(DbiDoRestructure(hDb, 1, @TblDesc, nil, nil, nil, False));
  { Add the new password to the session }
  Session.AddPassword(pswd);
  { Re-Open the table }
  Table.Open;
end;

-------
Igor

PS: what's wrong? why lot of people monitoring this question?

0
 
LVL 1

Expert Comment

by:flooder
ID: 2676405
Monitoring as well.
0
 
LVL 2

Expert Comment

by:mullet_attack
ID: 2685925
me too
0
 
LVL 13

Expert Comment

by:Epsylon
ID: 2713414
I'm getting cold....
0
 
LVL 4

Accepted Solution

by:
Greg Rowland earned 500 total points
ID: 2728947
1) Create a security database with a field for each database or form needing protection and a record for each user or workstation.

2) Define field values that reflect the desired level of protection.

3) When the form or application loads find the user or workstation name in the registry.

4) Match the user/workstation name with the values in the security database.

5) Then set access attributes accordingly.

In my application we use values from 1-99 so future categories can be added.
Presently;

0-25 = no access, form access buttons are grayed out.
26-50= Read Only, some fields may not be visible.
51-75= Read and write some fields.
75-90= Full control accept administrative writes.
91-99= The boss/administrator.

When any form "beginning" with the main form is loaded loop through a multi dimensional array containing a list of components that need protection and their cutoff values, set visibility, read only or other properties based on the value in the security table for that user or workstation.

This method negates the need to have the user enter a password after the system is booted.

I have centralized all of the validation code to one unit for easy of maintenance, and provided a form for the Network admin to add or modify users. New users can be added with default settings depending on where they are in the food chain "Levels 1-5".

May sound like a lot of work, the result is tight as a drum and the boss loves it.


0
 
LVL 4

Expert Comment

by:Greg Rowland
ID: 2728953
If you get past the Bla Bla Bla and need help with aspects of coding this solution let me know.
0
 
LVL 1

Expert Comment

by:flooder
ID: 2729590
Its a lot of work but it looks like a very workable alternative and the advantage is it is db-independant.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Find and Replace Stream with 0s 8 69
how to resize animated Gif image in delphi ? 1 35
PHP preg_replace code convert to Delphi 14 68
DBCtrlGrid, Delphi, Scroll 8 38
Objective: - This article will help user in how to convert their numeric value become words. How to use 1. You can copy this code in your Unit as function 2. than you can perform your function by type this code The Code   (CODE) The Im…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question