ADawn
asked on
Add User / Password to ADO Connection String
Hello,
VB6(sp5) ADO
How do I add a User and Password to an ADO conncetion string to open a MS Access databse? Any pitfalls I should be aware of?
Also, is there a way for a person to see this password when the application is comipled into an .exe file?
Thanks,
ADawn
VB6(sp5) ADO
How do I add a User and Password to an ADO conncetion string to open a MS Access databse? Any pitfalls I should be aware of?
Also, is there a way for a person to see this password when the application is comipled into an .exe file?
Thanks,
ADawn
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
'connection to secure database
Dim Cnn As ADODB.Connection
Dim Rst As ADODB.Recordset
'In the place where you want to establish your connection, such
'as the Initialize event of a class module, enter the following:
Dim strConnect As String
Set Cnn = New ADODB.Connection
'Substitute your own User IDs, Password, Data Source, and System
'database in the connection string below
strConnect = "Provider=Microsoft.Jet.OL
"Password=MyPassword;User ID=Administrator;" & _
"Data Source=C:\AccessDBs\DB1.md
"Persist Security Info=True;" & _
"Jet OLEDB:System database=C:\AccessDBs\syst
With Cnn
.CursorLocation = adUseClient
.Open strConnect
End With
Set Rst = New ADODB.Recordset
Rst.ActiveConnection = Cnn
Dim Cnn As ADODB.Connection
Dim Rst As ADODB.Recordset
'In the place where you want to establish your connection, such
'as the Initialize event of a class module, enter the following:
Dim strConnect As String
Set Cnn = New ADODB.Connection
'Substitute your own User IDs, Password, Data Source, and System
'database in the connection string below
strConnect = "Provider=Microsoft.Jet.OL
"Password=MyPassword;User ID=Administrator;" & _
"Data Source=C:\AccessDBs\DB1.md
"Persist Security Info=True;" & _
"Jet OLEDB:System database=C:\AccessDBs\syst
With Cnn
.CursorLocation = adUseClient
.Open strConnect
End With
Set Rst = New ADODB.Recordset
Rst.ActiveConnection = Cnn
try out this code,but you should first have a table with the password and username fileds in your database.The username or password you enter should be the one in the database.
Private Sub Login_Click()
Dim found As Boolean
On Error GoTo errhandler
found = False
If (Username <> "") And (Password <> "") Then
Set DB = OpenDatabase("Yuor database.mdb")
Set RS = DB.OpenRecordset("Your table")
End If
Do While (RS!Password <> "") And (Not found)
If (RS!Username = Username.Text) And (RS!Password = Password.Text) Then
found = True
Else
RS.MoveNext
End If
Loop
If found Then
Login.Visible = False
Here load the form you are logging in
Load YourForm
YourForm.Show
End If
Set RS = Nothing
Exit Sub
errhandler:
'if password or username not in db then error message is displayed
If Err = 3021 Then
MsgBox "Incorrect Username or Password,Try one's the system recognises..." & "Consult system administrator if having problem logging on...", vbExclamation
Else
Exit Sub
End If
End Sub
Private Sub Login_Click()
Dim found As Boolean
On Error GoTo errhandler
found = False
If (Username <> "") And (Password <> "") Then
Set DB = OpenDatabase("Yuor database.mdb")
Set RS = DB.OpenRecordset("Your table")
End If
Do While (RS!Password <> "") And (Not found)
If (RS!Username = Username.Text) And (RS!Password = Password.Text) Then
found = True
Else
RS.MoveNext
End If
Loop
If found Then
Login.Visible = False
Here load the form you are logging in
Load YourForm
YourForm.Show
End If
Set RS = Nothing
Exit Sub
errhandler:
'if password or username not in db then error message is displayed
If Err = 3021 Then
MsgBox "Incorrect Username or Password,Try one's the system recognises..." & "Consult system administrator if having problem logging on...", vbExclamation
Else
Exit Sub
End If
End Sub
8 open questions, all of which need your attention. ADMINISTRATION WILL BE CONTACTING YOU SHORTLY. Moderators Computer101, Netminder or Mindphaser will return to finalize these if they are still open in 7 days. Experts, please post closing recommendations before that time.
Below are your open questions as of today. Questions which have been inactive for 21 days or longer are considered to be abandoned and for those, your options are:
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you, but may help others. You must tell the participants why you wish to do this, and allow for Expert response. This choice will include a refund to you, and will move this question to our PAQ (Previously Asked Question) database. If you found information outside this question thread, please add it.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question (if it has no potential value for others).
--> Post comments for expert of your intention to delete and why
--> YOU CANNOT DELETE A QUESTION with comments; special handling by a Moderator is required.
For special handling needs, please post a zero point question in the link below and include the URL (question QID/link) that it regards with details.
https://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
Please click this link for Help Desk, Guidelines/Member Agreement and the Question/Answer process. https://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp
Click you Member Profile to view your question history and please keep them updated. If you are a KnowledgePro user, use the Power Search option to find them.
Questions which are LOCKED with a Proposed Answer but do not help you, should be rejected with comments added. When you grade the question less than an A, please comment as to why. This helps all involved, as well as others who may access this item in the future. PLEASE DO NOT AWARD POINTS TO ME.
To view your open questions, please click the following link(s) and keep them all current with updates.
https://www.experts-exchange.com/questions/Q.20140167.html
https://www.experts-exchange.com/questions/Q.20141981.html
https://www.experts-exchange.com/questions/Q.20253108.html
https://www.experts-exchange.com/questions/Q.20256316.html
https://www.experts-exchange.com/questions/Q.20277938.html
https://www.experts-exchange.com/questions/Q.20283655.html
https://www.experts-exchange.com/questions/Q.20301283.html
To view your locked questions, please click the following link(s) and evaluate the proposed answer.
https://www.experts-exchange.com/questions/Q.20217848.html
***** E X P E R T S P L E A S E ****** Leave your closing recommendations.
If you are interested in the cleanup effort, please click this link
https://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=commspt&qid=20274643
POINTS FOR EXPERTS awaiting comments are listed in the link below
https://www.experts-exchange.com/commspt/Q.20277028.html
Moderators will finalize this question if in @7 days Asker has not responded. This will be moved to the PAQ (Previously Asked Questions) at zero points, deleted or awarded.
Thanks everyone.
Moondancer
Moderator @ Experts Exchange
Below are your open questions as of today. Questions which have been inactive for 21 days or longer are considered to be abandoned and for those, your options are:
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you, but may help others. You must tell the participants why you wish to do this, and allow for Expert response. This choice will include a refund to you, and will move this question to our PAQ (Previously Asked Question) database. If you found information outside this question thread, please add it.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question (if it has no potential value for others).
--> Post comments for expert of your intention to delete and why
--> YOU CANNOT DELETE A QUESTION with comments; special handling by a Moderator is required.
For special handling needs, please post a zero point question in the link below and include the URL (question QID/link) that it regards with details.
https://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
Please click this link for Help Desk, Guidelines/Member Agreement and the Question/Answer process. https://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp
Click you Member Profile to view your question history and please keep them updated. If you are a KnowledgePro user, use the Power Search option to find them.
Questions which are LOCKED with a Proposed Answer but do not help you, should be rejected with comments added. When you grade the question less than an A, please comment as to why. This helps all involved, as well as others who may access this item in the future. PLEASE DO NOT AWARD POINTS TO ME.
To view your open questions, please click the following link(s) and keep them all current with updates.
https://www.experts-exchange.com/questions/Q.20140167.html
https://www.experts-exchange.com/questions/Q.20141981.html
https://www.experts-exchange.com/questions/Q.20253108.html
https://www.experts-exchange.com/questions/Q.20256316.html
https://www.experts-exchange.com/questions/Q.20277938.html
https://www.experts-exchange.com/questions/Q.20283655.html
https://www.experts-exchange.com/questions/Q.20301283.html
To view your locked questions, please click the following link(s) and evaluate the proposed answer.
https://www.experts-exchange.com/questions/Q.20217848.html
***** E X P E R T S P L E A S E ****** Leave your closing recommendations.
If you are interested in the cleanup effort, please click this link
https://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=commspt&qid=20274643
POINTS FOR EXPERTS awaiting comments are listed in the link below
https://www.experts-exchange.com/commspt/Q.20277028.html
Moderators will finalize this question if in @7 days Asker has not responded. This will be moved to the PAQ (Previously Asked Questions) at zero points, deleted or awarded.
Thanks everyone.
Moondancer
Moderator @ Experts Exchange
ASKER
I'll try this...
If it's the database password, then simply try putting
;Password=xyz;
in your connect string.
You are correct in being concerned about someone being able to possibly browse the password in the EXE. Most String literals are kept in a particular spot in the EXE and anyone can browse the EXE in a hex editor and read many of the string literals.
One technique I use is to lightly encrypt the string literal and then de-encrypt it when I actually go to use it. So, your code might look like:
Const CONN_STRING = "!@%$#ft^....."
CN.ConnectString = DeEncrypt(CONN_STRING)
The way that I lightly encrypt/de-encrypt strings is to have a routine that converts each letter of the string into it's ASCII value, and then it subtracts some constant number, like 8 or 9 from the ascii value, then converts the result back to a character. To de-Encrypt something, you simply do the same thing, but add the same constant number to the ASCII value.
So, I usually have a procedure called Encrypt that takes a boolean flag for whether you're trying to encrypt or de-encrypt, and depending on the flag, you either subtract or add the constant number respectively.
I said that this lightly encrypts the text. That means that if any casual user was browsing the EXE they wouldn't be able to read any recognizable text. If someone was pretty knowledgeable about cryptography, they might be able to find the string associated with your connect string, and then one of the first things they would try is this simple ascii manipulation. So, if you're guarding important secrets this isn't the best approach. But, if you want to foil 99.8 percent of your users out there, I think this works fine.