patentinv
asked on
Can I force .mdb file to refer to a runtime loader to startup my db if not don't startup
Hi Expoerts,
I was warned, that if you have access installed on your computer and you have an access runtime application, you will be able to get to all the rearend objects, sure enough you can.
I was wondering if I could force my .mdb file to refer to the runtime loader the same way it does when you run it from a shortcut with the /runtime switch.
I've noticed the sagekey scripts simply copies my db (.mbd) to a specified directory and then creates a shortcut to it with /runtime switch, If a user that has access installed finds this .mdb file they are capable of doing any thing they wish with it, One good thing if they don't have access installed they will still be able to use the db but not get to design view, to change or modify it.
I'm trying to think of a way a user with access installed will not be able to open my .mdb file so I can keep it safe-guarded?
Any ideas?
Thanks--Patentinv
I was warned, that if you have access installed on your computer and you have an access runtime application, you will be able to get to all the rearend objects, sure enough you can.
I was wondering if I could force my .mdb file to refer to the runtime loader the same way it does when you run it from a shortcut with the /runtime switch.
I've noticed the sagekey scripts simply copies my db (.mbd) to a specified directory and then creates a shortcut to it with /runtime switch, If a user that has access installed finds this .mdb file they are capable of doing any thing they wish with it, One good thing if they don't have access installed they will still be able to use the db but not get to design view, to change or modify it.
I'm trying to think of a way a user with access installed will not be able to open my .mdb file so I can keep it safe-guarded?
Any ideas?
Thanks--Patentinv
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Pete,
I read the first link you sent me, It appears in My case it's different, I think?
My customers will be down loading my self executing file and it will install access as a runtime version, it puts the .mdb in a folder that they can get to.
So if they can get to the .mdb file I can't see any use in worrying about workgroup security, but please tell me if I'm missing something.
If I could set a password on the .mdb file it self so it would ask for a password before opening, if this is possible, but would that work if they opened through open inside of access?
i can't get around them having a copy of .mdb file,
Look what I found.... on your second link
28. How do I prevent a run-time application from being opened in full retail Microsoft Access?
You’ll need to create a function that uses SysCmd() to check to see whether the database is currently opened under the run-time version:
Function KillIt() As Integer
If Syscmd(SYSCMD_RUNTIME) = 0 Then
' use the following intrinsic constant for Microsoft Access 95 or 97
' If Syscmd(acSysCmdRuntime) = 0 Then
Application.Quit
End If
End Function
Call this function from your Startup form or AutoExec macro as the very first action. This is the first line of defense. Unfortunately, anyone who knows to hold down the SHIFT key will not be kept out by this function, so you will also want to disable holding down the shift key, as shown in the previous section. You may also want to put additional calls to KillIt() in your database—for example, in the Open events of your forms, or as calculated columns in queries. You may not be able to keep people out, but you can certainly make it inconvenient for them to be in.
Microsoft Access 95, Microsoft Access 97, and Microsoft Access 2000: You can set the AllowBypassKey property as discussed in Section 27, "How do I prevent users from holding down the SHIFT key to bypass the AutoExec macro?". This will cause the AutoExec macro to always run, so you wouldn't need to place your kill function in all your major forms or queries.
Looks like this might do the trick, What do you think? It refers to use the following; intrinsic constant for Microsoft Access 95 or 97
I'm using Access 2003, Think it will still work?
Thanks--Pete
Patentinv
I read the first link you sent me, It appears in My case it's different, I think?
My customers will be down loading my self executing file and it will install access as a runtime version, it puts the .mdb in a folder that they can get to.
So if they can get to the .mdb file I can't see any use in worrying about workgroup security, but please tell me if I'm missing something.
If I could set a password on the .mdb file it self so it would ask for a password before opening, if this is possible, but would that work if they opened through open inside of access?
i can't get around them having a copy of .mdb file,
Look what I found.... on your second link
28. How do I prevent a run-time application from being opened in full retail Microsoft Access?
You’ll need to create a function that uses SysCmd() to check to see whether the database is currently opened under the run-time version:
Function KillIt() As Integer
If Syscmd(SYSCMD_RUNTIME) = 0 Then
' use the following intrinsic constant for Microsoft Access 95 or 97
' If Syscmd(acSysCmdRuntime) = 0 Then
Application.Quit
End If
End Function
Call this function from your Startup form or AutoExec macro as the very first action. This is the first line of defense. Unfortunately, anyone who knows to hold down the SHIFT key will not be kept out by this function, so you will also want to disable holding down the shift key, as shown in the previous section. You may also want to put additional calls to KillIt() in your database—for example, in the Open events of your forms, or as calculated columns in queries. You may not be able to keep people out, but you can certainly make it inconvenient for them to be in.
Microsoft Access 95, Microsoft Access 97, and Microsoft Access 2000: You can set the AllowBypassKey property as discussed in Section 27, "How do I prevent users from holding down the SHIFT key to bypass the AutoExec macro?". This will cause the AutoExec macro to always run, so you wouldn't need to place your kill function in all your major forms or queries.
Looks like this might do the trick, What do you think? It refers to use the following; intrinsic constant for Microsoft Access 95 or 97
I'm using Access 2003, Think it will still work?
Thanks--Pete
Patentinv
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>So if they can get to the .mdb file I can't see any use in worrying about workgroup security, but please tell me if I'm missing something.
Workgroup security will help keep them out of the mdb.
Function KillIt() As Integer will help secure the BE.
>anyone who knows to hold down the SHIFT key will not be kept out by this function, so you will also want to disable holding down the shift key<
Most people who know about shift bypass, know how to enable it (see my FE#3 above).
Since there are programs to hack user level security, your only true way to secure the BE is create your own BE encryption scheme (BE#5 above). User level security is fairly secure as very few people will go to the trouble and expense to hack it. It is the MINIMUM security level I would use to keep my BE data secure in a published database.
Workgroup security will help keep them out of the mdb.
Function KillIt() As Integer will help secure the BE.
>anyone who knows to hold down the SHIFT key will not be kept out by this function, so you will also want to disable holding down the shift key<
Most people who know about shift bypass, know how to enable it (see my FE#3 above).
Since there are programs to hack user level security, your only true way to secure the BE is create your own BE encryption scheme (BE#5 above). User level security is fairly secure as very few people will go to the trouble and expense to hack it. It is the MINIMUM security level I would use to keep my BE data secure in a published database.
ASKER
Hi thenelson,
Wow you have provided quite a few options, I'll try an implement as many of your ideas as I can, Starting with the easiest first and go from there.
If I can just make opening the.mdb file a real burden, that would take some effort for an average end user to figure out. That will do for me.
It's like the lock on my gate if you really want in all you would have to do is either jump the fence or get some bolt cutters, but it keeps out most of the people.
>So if they can get to the .mdb file I can't see any use in worrying about workgroup security, but please tell me if I'm missing something.
>Workgroup security will help keep them out of the mdb.
So if I make a group account and and give this group account only the minimium rights like read, and enter data into forms and assign it a password and a user name like (estimator) since my program figure estimates.
When any one clicks on the .mdb file it will ask them for a username and password
if they enter estimator and the correct password , then they will be able open the .mdb file, but won't they still be able to go into design view and look around?
Thats whats great about runtime mode, it doesn't provide design view as an option.
Thanks--Patentinv
Wow you have provided quite a few options, I'll try an implement as many of your ideas as I can, Starting with the easiest first and go from there.
If I can just make opening the.mdb file a real burden, that would take some effort for an average end user to figure out. That will do for me.
It's like the lock on my gate if you really want in all you would have to do is either jump the fence or get some bolt cutters, but it keeps out most of the people.
>So if they can get to the .mdb file I can't see any use in worrying about workgroup security, but please tell me if I'm missing something.
>Workgroup security will help keep them out of the mdb.
So if I make a group account and and give this group account only the minimium rights like read, and enter data into forms and assign it a password and a user name like (estimator) since my program figure estimates.
When any one clicks on the .mdb file it will ask them for a username and password
if they enter estimator and the correct password , then they will be able open the .mdb file, but won't they still be able to go into design view and look around?
Thats whats great about runtime mode, it doesn't provide design view as an option.
Thanks--Patentinv
In my opinion, you have to look at the security options and then be very clear about what it is you want to achieve with security.
Be quite clear in your own mind about what precisely you are trying to protect. There is no 'general requirement' for security beyond any legal requirements you might have to meet in specific types of application.
And distinguish between what is necessary for your user/customer and what you are doing for YOUR benefit. They can be quite different. Protecting code is often easily done through the use of mde files but if your app requires any use of form or report modification features then mde is not possible.
But if it is necessary to control user access to specific sets of information then workgroup security is the way to go.
In my own circumstance, i operate a philosophy that I don't apply any more than the minimum security necesssary - ANY security can be a pain in the neck if you're trying to fix a problem over the phone. But that's just me.
Pete
Be quite clear in your own mind about what precisely you are trying to protect. There is no 'general requirement' for security beyond any legal requirements you might have to meet in specific types of application.
And distinguish between what is necessary for your user/customer and what you are doing for YOUR benefit. They can be quite different. Protecting code is often easily done through the use of mde files but if your app requires any use of form or report modification features then mde is not possible.
But if it is necessary to control user access to specific sets of information then workgroup security is the way to go.
In my own circumstance, i operate a philosophy that I don't apply any more than the minimum security necesssary - ANY security can be a pain in the neck if you're trying to fix a problem over the phone. But that's just me.
Pete
Only you can decide what level of security you need for your database.
As far as protecting the design of your forms/reports and your code, converting to an mde is quite secure. It is not easy to hack the design of forms/reports out of an mde and even harder to reverse engineer compiled machine language into readable VBA. Be sure to keep a copy of the mdb because you will have an extremely hard time editing the mde.
Converting to an mde will not protect the data. However, it is quite rare that a published database will be delivered with data that needs to be secure (usually the user will add the data).
As Pete pointed out, often less is more. If you have a desirable product that is overpriced, someone will figure a way around all your security. Look at the startup of the PC. IBM thought they would make a killing because their hardware, firmware, patents and copywrite security was solid. It took the industry about 6 months to reverse engineer the PC (and the first 5 months, the industry was just watching to see how the PC would sell).
As far as protecting the design of your forms/reports and your code, converting to an mde is quite secure. It is not easy to hack the design of forms/reports out of an mde and even harder to reverse engineer compiled machine language into readable VBA. Be sure to keep a copy of the mdb because you will have an extremely hard time editing the mde.
Converting to an mde will not protect the data. However, it is quite rare that a published database will be delivered with data that needs to be secure (usually the user will add the data).
As Pete pointed out, often less is more. If you have a desirable product that is overpriced, someone will figure a way around all your security. Look at the startup of the PC. IBM thought they would make a killing because their hardware, firmware, patents and copywrite security was solid. It took the industry about 6 months to reverse engineer the PC (and the first 5 months, the industry was just watching to see how the PC would sell).
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Steve,
>And if your application falls into the exception category you should not be developing with Access.
I have seen statements like this many times. What do you think is more secure than Access? I have also seen Access/SQL server backends that were encrypted with very high level encryption.
>And if your application falls into the exception category you should not be developing with Access.
I have seen statements like this many times. What do you think is more secure than Access? I have also seen Access/SQL server backends that were encrypted with very high level encryption.
I should have been a bit more explicit ... then your DATA should not be stored in Jet.
MDSE, SQL Express, whatever version of SQL Server you are comfortable with is more secure than Jet.
MDSE, SQL Express, whatever version of SQL Server you are comfortable with is more secure than Jet.
ASKER
Hi Experts,
Thanks for all the reply's,
I'm confused about the .mde file, I know access can convert your .mdb file to a .mde file, unfortunatly I can't do that I have to many objects in my .mdb file it fails telling me that I have to many objets for the jet engine.
But anyways, back to my confusion when you mention runtime I was under the impression that your .mdb file got turned into a .mde file, But the way the sagekey MSI Wizard works is that it makes your .mdb file into a self executing file and when you run this self executing, it places your .mdb file in a folder and provides a shortcut to it with a /runtime switch in its target, I was under the impression that it created .mde file but it doesn't, is it suppose to, or am I suppose to do this,? Because if I'm suppose to: I'm dead in the water, my .mdb file has to many objects.
I'm not sure what runtime means, I thought it meant you had .mde file.
How ever it is suppose to work, I'm satisfied with the fact that if you don't have $MS Accesss installed on your computer you can use my program and it works just like it does if you did have access installed.
I think I'll call sagekey tomorrow and ask them why my .mdb hasn't been converted to a .mde file? or is it suppose to be?
Back to the security issue, I will try and implement as many of the suggestions you experts have mentioned, to safe guard my .mdb file.
I'd better get to reading on how to implement work groups security and how to assign users to the groups and rights to the groups. I like the idea of two users/groups Super-user and data input users which will be all the purchasers. I'll be the Super User. I'm a CNE in Novell and we call it Supervisor, where Microsoft calls it Administrator/Admin. In Novell it seems easier because you can assign rights to branches .directories and all subfolders will inherit these rights, In the NDS tree. where it appears access makes you assign rights to each objet, well I have over 400 tables, 175 queries, 225 forms, and 450 macros. Which if I have to assign rights to each objest will take along time. Unless I'm missing some thing.
Thanks--Experts, I really appreciate all the help.
Patentinv
Thanks for all the reply's,
I'm confused about the .mde file, I know access can convert your .mdb file to a .mde file, unfortunatly I can't do that I have to many objects in my .mdb file it fails telling me that I have to many objets for the jet engine.
But anyways, back to my confusion when you mention runtime I was under the impression that your .mdb file got turned into a .mde file, But the way the sagekey MSI Wizard works is that it makes your .mdb file into a self executing file and when you run this self executing, it places your .mdb file in a folder and provides a shortcut to it with a /runtime switch in its target, I was under the impression that it created .mde file but it doesn't, is it suppose to, or am I suppose to do this,? Because if I'm suppose to: I'm dead in the water, my .mdb file has to many objects.
I'm not sure what runtime means, I thought it meant you had .mde file.
How ever it is suppose to work, I'm satisfied with the fact that if you don't have $MS Accesss installed on your computer you can use my program and it works just like it does if you did have access installed.
I think I'll call sagekey tomorrow and ask them why my .mdb hasn't been converted to a .mde file? or is it suppose to be?
Back to the security issue, I will try and implement as many of the suggestions you experts have mentioned, to safe guard my .mdb file.
I'd better get to reading on how to implement work groups security and how to assign users to the groups and rights to the groups. I like the idea of two users/groups Super-user and data input users which will be all the purchasers. I'll be the Super User. I'm a CNE in Novell and we call it Supervisor, where Microsoft calls it Administrator/Admin. In Novell it seems easier because you can assign rights to branches .directories and all subfolders will inherit these rights, In the NDS tree. where it appears access makes you assign rights to each objet, well I have over 400 tables, 175 queries, 225 forms, and 450 macros. Which if I have to assign rights to each objest will take along time. Unless I'm missing some thing.
Thanks--Experts, I really appreciate all the help.
Patentinv
The term 'runtime' in this context refers to the Access package you are creating and installing.
The 'runtime' is a full version of Access modified to disable all its design features.
It has very little to do with your application beyond which files make up your app and makes no changes to the mdb or mde file that you choose to distribute.
So <you> decide whether to distribute an mdb or an mde file and you give that info to the installer as you are creating your package.
You might indeed have a problem creating an mde from an mdb with this many objects.
There is a limit of what MS calls TableIDs of 2048 at the time an mde is created. Unfortunateley there is no accurate way of predicting how many TableIds are going to be required, although you will use a minimum of 1 per table and query and probably 2 for each form, 1 or 2 for each report and 1 for each of the rest but that is just the minimum because Access uses TableIDs internally for its own purposes too. So I can see 1600 from your figures and that doesn't include reports.
In assigning permissions you can choose a group, select all objects of one type (all tables, say) and assign permissions in one go. Based on your intended use of 2 groups, this does not sound that big a job. Obviously if you have any exceptions in the objects wou will have to deal with each of these separately.
Pete
The 'runtime' is a full version of Access modified to disable all its design features.
It has very little to do with your application beyond which files make up your app and makes no changes to the mdb or mde file that you choose to distribute.
So <you> decide whether to distribute an mdb or an mde file and you give that info to the installer as you are creating your package.
You might indeed have a problem creating an mde from an mdb with this many objects.
There is a limit of what MS calls TableIDs of 2048 at the time an mde is created. Unfortunateley there is no accurate way of predicting how many TableIds are going to be required, although you will use a minimum of 1 per table and query and probably 2 for each form, 1 or 2 for each report and 1 for each of the rest but that is just the minimum because Access uses TableIDs internally for its own purposes too. So I can see 1600 from your figures and that doesn't include reports.
In assigning permissions you can choose a group, select all objects of one type (all tables, say) and assign permissions in one go. Based on your intended use of 2 groups, this does not sound that big a job. Obviously if you have any exceptions in the objects wou will have to deal with each of these separately.
Pete
ASKER
I see I need to create my own .mde file, if possible. I don't think Access will let me
because it limits the number of objects/Table ID's you can have.
I did give my .mdb file some security, I added a Super user and another user (with only minimal rights).
What I don't understand is when I copy .mdb file to another computer and try to use it it doesn't ask for any passwords but if I run it from where it was copied from it prompts me for a password. hmmm?
I believe it has some thing to do with the .mdw file. I wonder if I need to copy that file to the other computer.
It really doesn't matter because the sagekey install program does all this for me. It places the .mdw and the .chm help files in the same diectory where the .mdb file is, so this makes life alot easier when deploying it to customers.
Thanks--Alot
Patentinv
because it limits the number of objects/Table ID's you can have.
I did give my .mdb file some security, I added a Super user and another user (with only minimal rights).
What I don't understand is when I copy .mdb file to another computer and try to use it it doesn't ask for any passwords but if I run it from where it was copied from it prompts me for a password. hmmm?
I believe it has some thing to do with the .mdw file. I wonder if I need to copy that file to the other computer.
It really doesn't matter because the sagekey install program does all this for me. It places the .mdw and the .chm help files in the same diectory where the .mdb file is, so this makes life alot easier when deploying it to customers.
Thanks--Alot
Patentinv
I believe it has some thing to do with the .mdw file. I wonder if I need to copy that file to the other computer.
Yes you do. Put without the mdw file, you should not be able to get into the database. Most likely you can because you did not remove the rights from the admin user. When there is no mdw file, the database opens under the admin user. By default admin has full rights. Change admin to no rights or very limited rights to prevent someone having full access with no mdw file.
Yes you do. Put without the mdw file, you should not be able to get into the database. Most likely you can because you did not remove the rights from the admin user. When there is no mdw file, the database opens under the admin user. By default admin has full rights. Change admin to no rights or very limited rights to prevent someone having full access with no mdw file.
I gave you two references for Security in an earlier response . You have to read at least one of these if you want to set up security soundly. It is not instinctive, and as you see, if you do not complete all necessary steps in the correct order you will be left with a system that is not secured.
Pete
Pete
ASKER
Oh, I see with out any .mdw file it opens to a default admin account with all rights, that makes sense, So I can just, re-assign lower level rights to admin or 0 rights.
Yes Pete, I appreciate the links and you are correct I jumped ahead and did not go step by step, and this is what happens, But like every thing else I believe you learn more when you make mistakes and try different things and have to figure it out. But the last thing I want to do is be a burden to you experts, with out your guys help I'd be going through bottles of asprin, I mean Excedrin!!
I'll go back and read carefully and do each step in the correct order.
I implemented the USys into my database objects,
1. You can preface your objects with "USys" so that they will be hidden in the Database window
This is pretty nice little trick.
I also got the this working, which is also a nice little trick,
How do I prevent a run-time application from being opened in full retail Microsoft Access?
You’ll need to create a function that uses SysCmd() to check to see whether the database is currently opened under the run-time version:
Function KillIt() As Integer
If Syscmd(SYSCMD_RUNTIME) = 0 Then
' use the following intrinsic constant for Microsoft Access 95 or 97
' If Syscmd(acSysCmdRuntime) = 0 Then
Application.Quit
End If
End Function
My next adventure is to:
27. How do I prevent users from holding down the SHIFT key to bypass the AutoExec macro?
which I'm just about to try and get working.
My security so far consists of:
1. Runtime mode, if executed from the shortcut. using sage key install
If they click on the .mdb file, and not the shortcut.
2. Database Password. If they get past this then,
3. User password with 0 rights. If they get past this then,
4. .mdb wil only open in runtime mode, using the KIllIt module, If they get past this then
5. USys Hides all databse objects, If they get past this then
6. Not sure
Thanks--Experts,
Yes Pete, I appreciate the links and you are correct I jumped ahead and did not go step by step, and this is what happens, But like every thing else I believe you learn more when you make mistakes and try different things and have to figure it out. But the last thing I want to do is be a burden to you experts, with out your guys help I'd be going through bottles of asprin, I mean Excedrin!!
I'll go back and read carefully and do each step in the correct order.
I implemented the USys into my database objects,
1. You can preface your objects with "USys" so that they will be hidden in the Database window
This is pretty nice little trick.
I also got the this working, which is also a nice little trick,
How do I prevent a run-time application from being opened in full retail Microsoft Access?
You’ll need to create a function that uses SysCmd() to check to see whether the database is currently opened under the run-time version:
Function KillIt() As Integer
If Syscmd(SYSCMD_RUNTIME) = 0 Then
' use the following intrinsic constant for Microsoft Access 95 or 97
' If Syscmd(acSysCmdRuntime) = 0 Then
Application.Quit
End If
End Function
My next adventure is to:
27. How do I prevent users from holding down the SHIFT key to bypass the AutoExec macro?
which I'm just about to try and get working.
My security so far consists of:
1. Runtime mode, if executed from the shortcut. using sage key install
If they click on the .mdb file, and not the shortcut.
2. Database Password. If they get past this then,
3. User password with 0 rights. If they get past this then,
4. .mdb wil only open in runtime mode, using the KIllIt module, If they get past this then
5. USys Hides all databse objects, If they get past this then
6. Not sure
Thanks--Experts,
>But like every thing else I believe you learn more when you make mistakes and try different things and have to figure it out.
That is true for most things computer. But there are a few things that if you don't do a bunch of reading first, you will probably create a mess that will take you a doay or two less than forever to back out of. Some that come to mind is setting up a domain, setting up a server, group policy (especially pre W2002) and as you are finding out, Access ULS. I'm sure there are others.
>How do I prevent users from holding down the SHIFT key to bypass the AutoExec macro?
You can find a demo database with shift bypass functions at: www.thenelson.name/#ShiftBypassDemo
The easiest way to disable the shift bypass is with an outside DB like
Access Property Editor http://www.jamiessoftware.tk (changes all the startup features)
or
http://home.comcast.net/~rhobrero/download/ByPass.zip created by capricorn1 (is an mdb, so you can modify it.)
Start Either one, select your DB, select disable shift bypass - your done.
Here is code for disabling the shift bypass:
Function DisAbleShift()
Dim d As Database
Dim prp As Property
Set d = CurrentDb
Set prp = d.CreateProperty("AllowByp
d.Properties.Append prp
d.Properties.Refresh
d.Properties("AllowBypassK
End Function
Put the code in a module, click your mouse anywhere in the function and press F5 (Run). Close the database. The shift bypass should now be disabled.
That is true for most things computer. But there are a few things that if you don't do a bunch of reading first, you will probably create a mess that will take you a doay or two less than forever to back out of. Some that come to mind is setting up a domain, setting up a server, group policy (especially pre W2002) and as you are finding out, Access ULS. I'm sure there are others.
>How do I prevent users from holding down the SHIFT key to bypass the AutoExec macro?
You can find a demo database with shift bypass functions at: www.thenelson.name/#ShiftBypassDemo
The easiest way to disable the shift bypass is with an outside DB like
Access Property Editor http://www.jamiessoftware.tk (changes all the startup features)
or
http://home.comcast.net/~rhobrero/download/ByPass.zip created by capricorn1 (is an mdb, so you can modify it.)
Start Either one, select your DB, select disable shift bypass - your done.
Here is code for disabling the shift bypass:
Function DisAbleShift()
Dim d As Database
Dim prp As Property
Set d = CurrentDb
Set prp = d.CreateProperty("AllowByp
d.Properties.Append prp
d.Properties.Refresh
d.Properties("AllowBypassK
End Function
Put the code in a module, click your mouse anywhere in the function and press F5 (Run). Close the database. The shift bypass should now be disabled.
ASKER
Hi thenelson,
Wow your code for disabling the shift bypass, works great!!! Thanks,
I added that to my db with all the other security features like KillIt, which only allows .mdb files to run/open in runtime mode, now I can't even open this .mdb file, which is exactly what I wanted, glad it's a back up copy.
This is kinda fun, I feel like a I'm building a safe guard for the airlines trying to keep out terrorists, lol.
I Check there ID's, Check there pockets/baggage, make them walk through scanners/metal detectors, and if they are really (terrorists) and were slick enough to pass all these steps, they get to fly, but in my case they get to run, (runtime mode).
But hopefully they won't get to runtime mode and if they are really determined hackers and bypass runtime mode all my objects will be invisible (USys) preceding objects. hmmm, wish I could make a virus, that would run if they clicked on some thing while hacking around that would reformat there harddrive, lol.
I ask a simple question and with in a couple days with all your info. I feel like I've created a bullet proof .mdb file.
Thanks--Experts,
Wow your code for disabling the shift bypass, works great!!! Thanks,
I added that to my db with all the other security features like KillIt, which only allows .mdb files to run/open in runtime mode, now I can't even open this .mdb file, which is exactly what I wanted, glad it's a back up copy.
This is kinda fun, I feel like a I'm building a safe guard for the airlines trying to keep out terrorists, lol.
I Check there ID's, Check there pockets/baggage, make them walk through scanners/metal detectors, and if they are really (terrorists) and were slick enough to pass all these steps, they get to fly, but in my case they get to run, (runtime mode).
But hopefully they won't get to runtime mode and if they are really determined hackers and bypass runtime mode all my objects will be invisible (USys) preceding objects. hmmm, wish I could make a virus, that would run if they clicked on some thing while hacking around that would reformat there harddrive, lol.
I ask a simple question and with in a couple days with all your info. I feel like I've created a bullet proof .mdb file.
Thanks--Experts,
>I feel like I've created a bullet proof .mdb file.
Don't get over confident. Access databases are pretty easy to hack into.
Concerning the shift bypass. That is very easy to enable again. Take a look at:
http://www.jamiessoftware.tk
Don't get over confident. Access databases are pretty easy to hack into.
Concerning the shift bypass. That is very easy to enable again. Take a look at:
http://www.jamiessoftware.tk
ASKER
I guess to have a positive attitude, I can look at jamies software as a way to get back in if I ever get locked out.
We'll so much for bullet proof, guess I'll head off to school.
When I get back I get to start making a Poor Mans Copy Right/Terms and Conditions.
Thanks--
We'll so much for bullet proof, guess I'll head off to school.
When I get back I get to start making a Poor Mans Copy Right/Terms and Conditions.
Thanks--
To create an other security level to protect from utilities like jamies software, take a look at the AntiAllowBypassKey Function at the end of modShiftkeyFunctions module in www.thenelson.name/#ShiftBypassDemo
ASKER
Hi thenelson,
I'm not understanding, when I open this file it finds my login and your 1234 password is not accepted, so nothing seems to work.
hmmm, am I doing some thing wrong?
Thanks--patentinv
I'm not understanding, when I open this file it finds my login and your 1234 password is not accepted, so nothing seems to work.
hmmm, am I doing some thing wrong?
Thanks--patentinv
Did you disable the shift bypass, exit, then reenter the database with the shift bey held down? The database should then ask for a password. If you enter the right password, the database will enable the shift bypass - just a simple feature to demonstrate the technique.
The part I was referencing is the AntiAllowBypassKey Function at the end of modShiftkeyFunctions module. I did not demonstrate this function since it would delete the database.
The part I was referencing is the AntiAllowBypassKey Function at the end of modShiftkeyFunctions module. I did not demonstrate this function since it would delete the database.
ASKER
Oh my bad, I did a no no and did not understand,
I see if I have the Shift-By-Pass-Key Not an option / (disabled) as I do (thanks to your provided code), and some-one try's to use a third party software (like jamies or Capricorn1) to re-enable the Shift-By-Pass-Key to hack there way into my db.
Your code prompts them for a password, instead of just re-enabling the Shift-By-Pass-Key. Wow this another great idea, and the other option you mentioned would be to delete the db, Instead of using a password, which is even better.
How come I can't see any of your objects, like forms, tables etc. in design view?
Your design view is different than any one I've ever seen.
I was looking for the AntiAllowByPassKey function at the end of the ModShiftKeyFuntion module, thats suppose to delete the db, if they try to re-enable the Shift-By-Pass-Key.
But you mention these functions will not work to keep third party softwares like capricorn1 and Jamies, from re-enabling the Shift-By-Pass-Key. That's to bad this is a great idea.
But they are usefull if you do need to re-enable the Shift-By-Pass-Key, to get back into my db.
Please explain if I missed some thing.
Is this possible?
I've been tyrying to fugure a way to change the access icon key that shows on my .mdb file, but through long searching it appears it's not possible, I did change the shortcut icon, but if the user looks at the shortcut target they will be lead to the .mdb file and realize this program is made in access, I guess they would also be able to tell by .mdb extension, but I could probably hide that.
Thanks--thenelson, you are always very helpfull, and I really appreciate it..
patentinv
I see if I have the Shift-By-Pass-Key Not an option / (disabled) as I do (thanks to your provided code), and some-one try's to use a third party software (like jamies or Capricorn1) to re-enable the Shift-By-Pass-Key to hack there way into my db.
Your code prompts them for a password, instead of just re-enabling the Shift-By-Pass-Key. Wow this another great idea, and the other option you mentioned would be to delete the db, Instead of using a password, which is even better.
How come I can't see any of your objects, like forms, tables etc. in design view?
Your design view is different than any one I've ever seen.
I was looking for the AntiAllowByPassKey function at the end of the ModShiftKeyFuntion module, thats suppose to delete the db, if they try to re-enable the Shift-By-Pass-Key.
But you mention these functions will not work to keep third party softwares like capricorn1 and Jamies, from re-enabling the Shift-By-Pass-Key. That's to bad this is a great idea.
But they are usefull if you do need to re-enable the Shift-By-Pass-Key, to get back into my db.
Please explain if I missed some thing.
Is this possible?
I've been tyrying to fugure a way to change the access icon key that shows on my .mdb file, but through long searching it appears it's not possible, I did change the shortcut icon, but if the user looks at the shortcut target they will be lead to the .mdb file and realize this program is made in access, I guess they would also be able to tell by .mdb extension, but I could probably hide that.
Thanks--thenelson, you are always very helpfull, and I really appreciate it..
patentinv
>How come I can't see any of your objects, like forms, tables etc. in design view?
Goto tools, startup. Uncheck the items you don't want the user to have access to; restart the DB.
>I was looking for the AntiAllowByPassKey function at the end of the ModShiftKeyFuntion module, thats suppose to delete the db, if they try to re-enable the Shift-By-Pass-Key.
In the VB Editor, press Ctrl-R to goto the project explorer, click on the + in front of "modules", select ModShiftKeyFuntion.
I uploaded a new version of ShiftBypassDemo which has a button in the read me form that will jump you to the code.
Please explain if I missed some thing.
No you didn't.
The AntiAllowByPassKey function is another layer of protection which will protect against someone enabling the shift bypass.
I just located some sites on software protection:
http://www.searchlores.org/protec/protec.htm
http://inner-smile.com/nocrack.phtml
http://www.activelock.com/index.html
Goto tools, startup. Uncheck the items you don't want the user to have access to; restart the DB.
>I was looking for the AntiAllowByPassKey function at the end of the ModShiftKeyFuntion module, thats suppose to delete the db, if they try to re-enable the Shift-By-Pass-Key.
In the VB Editor, press Ctrl-R to goto the project explorer, click on the + in front of "modules", select ModShiftKeyFuntion.
I uploaded a new version of ShiftBypassDemo which has a button in the read me form that will jump you to the code.
Please explain if I missed some thing.
No you didn't.
The AntiAllowByPassKey function is another layer of protection which will protect against someone enabling the shift bypass.
I just located some sites on software protection:
http://www.searchlores.org/protec/protec.htm
http://inner-smile.com/nocrack.phtml
http://www.activelock.com/index.html
ASKER
>The AntiAllowByPassKey function is another layer of protection which will protect against someone enabling the shift bypass.
Will this protect against 3rd party Companies Like Capricorn1 and jamies software
from re-anabling the ShiftByPass? I believe you mentioned no, because they modify the startup, but I'm not sure.
Oh you can hide project explorer, I see, I had to re-nable it: Tools-Options-Docking.
Thats a good idea, adds another layer of protection.
OK In startup I can remove all objects, from being displayed. All-right, Another layer security.
You Experts know all the tricks,
Thanks for the links, I think I'll take the afternoon off, and I'll take a look at the links this evening, It's finally not raining here.
Thanks--thenelson
patentinv
Will this protect against 3rd party Companies Like Capricorn1 and jamies software
from re-anabling the ShiftByPass? I believe you mentioned no, because they modify the startup, but I'm not sure.
Oh you can hide project explorer, I see, I had to re-nable it: Tools-Options-Docking.
Thats a good idea, adds another layer of protection.
OK In startup I can remove all objects, from being displayed. All-right, Another layer security.
You Experts know all the tricks,
Thanks for the links, I think I'll take the afternoon off, and I'll take a look at the links this evening, It's finally not raining here.
Thanks--thenelson
patentinv
ASKER
Oh I got a little peak at your Code that deletes the DB if the antibypass is enabled,
I'm going to look at it better and try it, this evening. Great Idea !!!
Thanks--thenelson
patentinv
I'm going to look at it better and try it, this evening. Great Idea !!!
Thanks--thenelson
patentinv
>The AntiAllowByPassKey function is another layer of protection which will protect against someone enabling the shift bypass.
Will this protect against 3rd party Companies Like Capricorn1 and jamies software from re-anabling the ShiftByPass?
No & yes. It will not prevent enabling shift bypass but you call AntiAllowByPassKey from the on open events of all your forms and reports so if the shift bypass is enabled, the database will be deleted as soon as the user opens a form or report. You want to rename AntiAllowByPassKey to something obscure to make it harder to find.
Will this protect against 3rd party Companies Like Capricorn1 and jamies software from re-anabling the ShiftByPass?
No & yes. It will not prevent enabling shift bypass but you call AntiAllowByPassKey from the on open events of all your forms and reports so if the shift bypass is enabled, the database will be deleted as soon as the user opens a form or report. You want to rename AntiAllowByPassKey to something obscure to make it harder to find.
ASKER
I pasted the code below in the on open procedure of one of my forms but recieved an error It highlighted this line
Private Sub Form_Open(Cancel As Integer)
And said expected end sub
Not sure why?
I also tried calling your function from the on open form procudere, But recieved an error saying. (Expected Variable or Procedure, not Module)
Here's how I called it
Private Sub Form_Open(Cancel As Integer)
Call AntiAllowbypasskey
End Sub
hmmm, It would be nice to add this other layer of security, but I'm feeling pretty confident that most users won't be able to get by my first few layers of security, unless an expert like you or some one equivalent wants it, I think I'm OK, plus even if your code deletes my db and they want my db bad enough they will down load it again and figure there way around this security feature.
But the more the security the better.
Here's the code I Pasted into one my forms in the on open procedure,
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
End Function
Like I think, I've mentioned before I'm not good with code, so when I recieve errors I get easily confused on what to do to correct these errors, I hate to be under your mercy, but unfortunatly that's is the case.
Thanks--thenelson
patentinv
Private Sub Form_Open(Cancel As Integer)
And said expected end sub
Not sure why?
I also tried calling your function from the on open form procudere, But recieved an error saying. (Expected Variable or Procedure, not Module)
Here's how I called it
Private Sub Form_Open(Cancel As Integer)
Call AntiAllowbypasskey
End Sub
hmmm, It would be nice to add this other layer of security, but I'm feeling pretty confident that most users won't be able to get by my first few layers of security, unless an expert like you or some one equivalent wants it, I think I'm OK, plus even if your code deletes my db and they want my db bad enough they will down load it again and figure there way around this security feature.
But the more the security the better.
Here's the code I Pasted into one my forms in the on open procedure,
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
End Function
Like I think, I've mentioned before I'm not good with code, so when I recieve errors I get easily confused on what to do to correct these errors, I hate to be under your mercy, but unfortunatly that's is the case.
Thanks--thenelson
patentinv
ASKER
Sitting here thinking about where to place your code?
It would make most sense to add it to a module so it can be called from all forms and report, Instead of having to place all that code in each form and report.
But it's just a guess.
patentinv
It would make most sense to add it to a module so it can be called from all forms and report, Instead of having to place all that code in each form and report.
But it's just a guess.
patentinv
>It would make most sense to add it to a module so it can be called from all forms and report,
Yes
Yes
ASKER
I thought so, so now at least O know to put it in module and callit, hmmmm,
The error says'
(Expected Variable or Procedure, not Module)
Here's how I called it,
Private Sub Form_Open(Cancel As Integer)
Call AntiAllowbypasskey
End Sub
I'll try and trouble shout this error,
It must not recognize the name it's called by (AntiAllowbypasskey)? or
I'm calling it wrong, (Call AntiAllowbypasskey), or
Maybe thats not the name of the function? hmmm, or I don't have your code
placed in module correctly? here is how it is placed in the module.
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
End Function
Anyways back to the actual error mesage,The error says'
(Expected Variable or Procedure, not Module)
It must think I'm calling a variable or a Procedure, but the code is placed in a
Module, so I must be calling a module, but it sounds like it wants or expects a variable or a procedure, could this be the batch file you refer to in your code?
I typed the error into google says I can't call a module.
I'm getting closer I renamed the saved module to something different now its calling the function, not the module, but now I'm getting an error highlights this line and it says (property not found)
If CurrentDb.Properties("Allo
Any Suggestions?
I just got office 2003 Pro and frontpage 2003, I get to load them.
Any help will be greatly appreciated,
Thnaks--thenelson
patentinv
The error says'
(Expected Variable or Procedure, not Module)
Here's how I called it,
Private Sub Form_Open(Cancel As Integer)
Call AntiAllowbypasskey
End Sub
I'll try and trouble shout this error,
It must not recognize the name it's called by (AntiAllowbypasskey)? or
I'm calling it wrong, (Call AntiAllowbypasskey), or
Maybe thats not the name of the function? hmmm, or I don't have your code
placed in module correctly? here is how it is placed in the module.
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
End Function
Anyways back to the actual error mesage,The error says'
(Expected Variable or Procedure, not Module)
It must think I'm calling a variable or a Procedure, but the code is placed in a
Module, so I must be calling a module, but it sounds like it wants or expects a variable or a procedure, could this be the batch file you refer to in your code?
I typed the error into google says I can't call a module.
I'm getting closer I renamed the saved module to something different now its calling the function, not the module, but now I'm getting an error highlights this line and it says (property not found)
If CurrentDb.Properties("Allo
Any Suggestions?
I just got office 2003 Pro and frontpage 2003, I get to load them.
Any help will be greatly appreciated,
Thnaks--thenelson
patentinv
Change the function to
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
On Error GoTo AntiAllowBypassKey_Error
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
AntiAllowBypassKey_Error:
If Err = 3270 Then
'AllowBybassKey property does not exist
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean, rbFlag)
Resume
Else
'Some other error
MsgBox "Unexpected error: " & Error$ & " (" & Err & ")"
End If
End Function
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
On Error GoTo AntiAllowBypassKey_Error
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
AntiAllowBypassKey_Error:
If Err = 3270 Then
'AllowBybassKey property does not exist
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean, rbFlag)
Resume
Else
'Some other error
MsgBox "Unexpected error: " & Error$ & " (" & Err & ")"
End If
End Function
Oops, change the function to:
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
Dim db As Database
On Error GoTo AntiAllowBypassKey_Error
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
AntiAllowBypassKey_Error:
If Err = 3270 Then
'AllowBybassKey property does not exist
Set db = CurrentDb
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean)
Resume
Else
'Some other error
MsgBox "Unexpected error: " & Error$ & " (" & Err & ")"
End If
End Function
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
Dim db As Database
On Error GoTo AntiAllowBypassKey_Error
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next
DoCmd.Quit
AntiAllowBypassKey_Error:
If Err = 3270 Then
'AllowBybassKey property does not exist
Set db = CurrentDb
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean)
Resume
Else
'Some other error
MsgBox "Unexpected error: " & Error$ & " (" & Err & ")"
End If
End Function
ASKER
Good Morning thenelson,
OK, I just placed the new posted function in the module, and called it from the on open of one of my forms,
I recieved this error message
Runtime error 3386
Property Value must be set before using
And it highlighted this line in the code:
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean)
hmmm, OK, not sure what this means maybe I need to assign a value to "AllowBypassKey"? just a guess!!
It almost ran were closer, Any ideas?
Question?
This function will delete the db if the shiftbypasskey is enabled?
So I need to be testing it on a db with the shiftbypasskey enabled?
How access is by default?
I just noticed some thing, once the shiftbypass code is ran, I can't disable it.
Here's the code that enables it, I hit f-5 to run it,
Function DisAbleShift()
Dim d As Database
Dim prp As Property
Set d = CurrentDb
Set prp = d.CreateProperty("AllowByp
d.Properties.Append prp
d.Properties.Refresh
d.Properties("AllowBypassK
End Function
I've never had to use the shiftbypass key to get in, but if I ever do, what will I do?
I'm glad all this is happening now I get to see how it will actually work in real time,
Maybe I'll be getiing in touch with Jamies or Capricorn1, wanting there software to re-enable the shiftbypass. lol
I have plenty of backups 4 different computers of course networked with Raid scuzzy harddrives in the server, The main server (Novell) has 6 hardrives all mirrored with full duplexing, and the workstations have 2-3 IDE harddrives. That reduntly get backed up to a diskdrive, using cheyennes ARC Serve.
So I'll be working on backup copy's of the db.
Thanks--thenelson
patentinv
OK, I just placed the new posted function in the module, and called it from the on open of one of my forms,
I recieved this error message
Runtime error 3386
Property Value must be set before using
And it highlighted this line in the code:
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean)
hmmm, OK, not sure what this means maybe I need to assign a value to "AllowBypassKey"? just a guess!!
It almost ran were closer, Any ideas?
Question?
This function will delete the db if the shiftbypasskey is enabled?
So I need to be testing it on a db with the shiftbypasskey enabled?
How access is by default?
I just noticed some thing, once the shiftbypass code is ran, I can't disable it.
Here's the code that enables it, I hit f-5 to run it,
Function DisAbleShift()
Dim d As Database
Dim prp As Property
Set d = CurrentDb
Set prp = d.CreateProperty("AllowByp
d.Properties.Append prp
d.Properties.Refresh
d.Properties("AllowBypassK
End Function
I've never had to use the shiftbypass key to get in, but if I ever do, what will I do?
I'm glad all this is happening now I get to see how it will actually work in real time,
Maybe I'll be getiing in touch with Jamies or Capricorn1, wanting there software to re-enable the shiftbypass. lol
I have plenty of backups 4 different computers of course networked with Raid scuzzy harddrives in the server, The main server (Novell) has 6 hardrives all mirrored with full duplexing, and the workstations have 2-3 IDE harddrives. That reduntly get backed up to a diskdrive, using cheyennes ARC Serve.
So I'll be working on backup copy's of the db.
Thanks--thenelson
patentinv
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean, False)
db.CreateProperty("AllowBy
dbBoolean, False)
ASKER
I pasted that code in the procedure, I did not recieve any errors but it did not delete my db but it did enable the shift bypass key,
hmmm,
Any suggestions?
Gotta go to school,
Thanks--thenelson
patentinv
hmmm,
Any suggestions?
Gotta go to school,
Thanks--thenelson
patentinv
If the AllowByBypassKey property is not created, the code will create it. The next time the code runs, the property will be there and the database will be deleted. You can eliminate this behavior by creating the property (by running this code or the enable/disable code) before shipping the database.
ASKER
hmmm, I must be missing some thing, when I run your code it creates/turns on the antibypasskey, but it never deletes the db. I did as you instructed and ran it a bunch times it never deletes the db?
I did get the password that enables the AntiBYPassKey to work and the Disable AntiBYPassKey to work, so now I can get into the db's if I need to. That is a great idea!!!
Any suggestions?
Thanks--patentinv
I did get the password that enables the AntiBYPassKey to work and the Disable AntiBYPassKey to work, so now I can get into the db's if I need to. That is a great idea!!!
Any suggestions?
Thanks--patentinv
ASKER
I'm tring to think of a scenario when I would need to use the shiftbypasskey, I'm pretty convinced it would be in a scenario when the db would freeze and not open up, but I'm not sure.
But I'm sure there's a good reason for it, maybe its like safe mode for windows?
Just wondering?
Thanks--pateninv
But I'm sure there's a good reason for it, maybe its like safe mode for windows?
Just wondering?
Thanks--pateninv
hmmm, I must be missing some thing, when I run your code it creates/turns on the antibypasskey, but it never deletes the db. I did as you instructed and ran it a bunch times it never deletes the db?
I just tried it and it worked fine. Did you single step through the code to see what it is doing.
If you have disabled items in the startup dialog, you would use the shift bypass to open the database so you can do further development on it. I use shift bypass all the time. Safe mode for Access 2002+ is starting a database with the control key held down.
I just tried it and it worked fine. Did you single step through the code to see what it is doing.
If you have disabled items in the startup dialog, you would use the shift bypass to open the database so you can do further development on it. I use shift bypass all the time. Safe mode for Access 2002+ is starting a database with the control key held down.
ASKER
I've never stepped through the code, I've heard about it, How do you do this?
Maybe it just won't work in my case, might be some thing in my db, thats different than yours, make sure you are working on a backup if you are using the delete db code.
I feel pretty good about the security I have implemented, so it's not a big deal, if it won't work in my case.
I see, you can go directly to the objects you are working on instead of having to close the switchboard/opening form, and then going to the objects, good idea!! Maybe I'll start to do that. Your enable disable shiftbypass code makes all this really easy!!
Really, it's called safe mode in access 2003, what a coincidence.
We'll I'd better get back to finishing my template form, I made a template form for the contract/proposal form so the users can just copy and paste there services to be performed from the template form to the contract/propsal form. Now they will only need to change the price and maybe a few key words. It's just a form with
a bunch of memo boxes labeled according to the different services that will be performed.
Thanks--thenelson
patentinv
Maybe it just won't work in my case, might be some thing in my db, thats different than yours, make sure you are working on a backup if you are using the delete db code.
I feel pretty good about the security I have implemented, so it's not a big deal, if it won't work in my case.
I see, you can go directly to the objects you are working on instead of having to close the switchboard/opening form, and then going to the objects, good idea!! Maybe I'll start to do that. Your enable disable shiftbypass code makes all this really easy!!
Really, it's called safe mode in access 2003, what a coincidence.
We'll I'd better get back to finishing my template form, I made a template form for the contract/proposal form so the users can just copy and paste there services to be performed from the template form to the contract/propsal form. Now they will only need to change the price and maybe a few key words. It's just a form with
a bunch of memo boxes labeled according to the different services that will be performed.
Thanks--thenelson
patentinv
Since it is a function in a global module, place your cursor anywhere in the procedure and press F8. The line of code that is active will hightlight in yellow. Keep pressing F8 to see where the code goes.
ASKER
I see F8 steps through the code line by line, I'm guessing its simulating the actual call/run command?
It stopped at Next, as shown below.
For I = 1 To 30000
Next
DoCmd.Quit
Here's the code:
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
Dim db As Database
On Error GoTo AntiAllowBypassKey_Error
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next < Here it gets hung up
DoCmd.Quit
AntiAllowBypassKey_Error:
If Err = 3270 Then
'AllowBybassKey property does not exist
Set db = CurrentDb
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean, True)
Resume
Else
'Some other error
MsgBox "Unexpected error: " & Error$ & " (" & Err & ")"
End If
End Function
It gets hung up at the batch file, Do I need a batch file called eraseme.bat? but then it appears as if it is suppose to make one form me.
It's a kinda of debugger. But I don't see any error messages.
Any suggestions?
patentinv
It stopped at Next, as shown below.
For I = 1 To 30000
Next
DoCmd.Quit
Here's the code:
Public Function AntiAllowBypassKey()
Dim fs As Object, f As Object, ts As Object, I As Integer
Dim db As Database
On Error GoTo AntiAllowBypassKey_Error
If CurrentDb.Properties("Allo
Set fs = CreateObject("Scripting.Fi
'Create a file, overwrite if it already exists
fs.CreateTextFile "eraseme.bat", True
Set f = fs.GetFile("eraseme.bat")
Set ts = f.OpenAsTextStream(2, 0)
'create the lines in the batch file
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
ts.Close
'Run the batch file
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
'Wait for the batch file to start then quit
For I = 1 To 30000
Next < Here it gets hung up
DoCmd.Quit
AntiAllowBypassKey_Error:
If Err = 3270 Then
'AllowBybassKey property does not exist
Set db = CurrentDb
db.Properties.Append _
db.CreateProperty("AllowBy
dbBoolean, True)
Resume
Else
'Some other error
MsgBox "Unexpected error: " & Error$ & " (" & Err & ")"
End If
End Function
It gets hung up at the batch file, Do I need a batch file called eraseme.bat? but then it appears as if it is suppose to make one form me.
It's a kinda of debugger. But I don't see any error messages.
Any suggestions?
patentinv
>I'm guessing its simulating the actual call/run command?
Not simulating. It is actually running the code one line at a time.
It doesn't stop at Next.
For I = 1 To 30000
Next
Loops through 30000 times. You would need to press F8 30000 x 3 Lines or 90,000 times to get through those lines. To get past those lines, you put your cursor on the line
DoCmd.Quit
Press F9 to set a break point on the line and then press F5 to run the code to the break.
>It gets hung up at the batch file,
It must not get hung up at that line since it reaches the For-next loop.
fs.CreateTextFile "eraseme.bat", True
will create a file called eraseme.bat in the default folder. Run a search through the entire hard drive to find it. when you find it, double click on it to run it with the database closed to see if the database is deleted after a 20 second delay. If the database deletes, you know the code is working up to there.
The next thing to test is the line
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
change it to
Shell Chr$(34) & "eraseme.bat" & Chr$(34)
place a code break on it.
change the lines
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
to
ts.WriteLine ("Echo I'm here!")
ts.WriteLine ("Pause")
Press F5 then press F8. You should get a DOS window to open with "I'm here!", "Press any key to continue" displayed. If you do, return the code back to what it was, with no code breaks and the curser in the procedure, press F5. The database should close and then be deleted 20 seconds later.
Not simulating. It is actually running the code one line at a time.
It doesn't stop at Next.
For I = 1 To 30000
Next
Loops through 30000 times. You would need to press F8 30000 x 3 Lines or 90,000 times to get through those lines. To get past those lines, you put your cursor on the line
DoCmd.Quit
Press F9 to set a break point on the line and then press F5 to run the code to the break.
>It gets hung up at the batch file,
It must not get hung up at that line since it reaches the For-next loop.
fs.CreateTextFile "eraseme.bat", True
will create a file called eraseme.bat in the default folder. Run a search through the entire hard drive to find it. when you find it, double click on it to run it with the database closed to see if the database is deleted after a 20 second delay. If the database deletes, you know the code is working up to there.
The next thing to test is the line
Shell Chr$(34) & "eraseme.bat" & Chr$(34), vbHide
change it to
Shell Chr$(34) & "eraseme.bat" & Chr$(34)
place a code break on it.
change the lines
ts.WriteLine ("ping 1.1.1.1 -w 20000 -n 1") 'wait twenty seconds
ts.WriteLine ("Del """ & CurrentProject.Path & "\" & CurrentProject.Name & Chr(34))
to
ts.WriteLine ("Echo I'm here!")
ts.WriteLine ("Pause")
Press F5 then press F8. You should get a DOS window to open with "I'm here!", "Press any key to continue" displayed. If you do, return the code back to what it was, with no code breaks and the curser in the procedure, press F5. The database should close and then be deleted 20 seconds later.
ASKER
>will create a file called eraseme.bat in the default folder. Run a search through the entire hard drive to find it. when you find it, double click on it to run it with the database closed to see if the database is deleted after a 20 second delay. If the database deletes, you know the code is working up to there.
How many databases will this delete?
I found it, not to sure if i want to run it.
thanks--patentinv
How many databases will this delete?
I found it, not to sure if i want to run it.
thanks--patentinv
open it up it note pad.
ASKER
I'll let one of my class mates open it ip it note pad.
patentinv
patentinv
ASKER
I'm trying to think of a way a user with access installed will not be able to open my .mdb file (unless it's in runtime mode), so I can keep it safe-guarded?