Link to home
Start Free TrialLog in
Avatar of iunknown21
iunknown21Flag for United States of America

asked on

Block Quotes in Save As Dialogs

Does anyone know how to BLOCK people using quotes to change the file type in Save As dialogs?  For example, open an excel file, do a "Save as" and type 123.tmp and hit enter and it saves the file as 123.tmp.  If you dont put it in quotes, the file gets saved as 123.tmp.xls

Since I doubt that a DontAllowQuotesInSaveAs registry value exists, is there some hook I can register or something?

I would like a nice generic solution, but if that isnt possible, is there a non-macro way to do it for Office?

Im trying to keep users from changing from the standard file types.
Avatar of zorvek (Kevin Jones)
zorvek (Kevin Jones)
Flag of United States of America image

It's not that the file is in quotes, it's that the last four characters of the file name are not ".xls". Preventing a user from entering a bogus or undesired file name is difficult to begin with, but the real question is, why worry about it? There are some things we just can't control like pulling the plug or yanking the disk out of the machine while the workbook is being saved (don't laugh, I've had testers actually include those tests in their test plans - and report the results as a bug when the application failed.)

Assuming you are working from a macro, consider showing your own Save As dialog, editing the entered file name, and doing the save yourself.

Kevin
Avatar of iunknown21

ASKER

My testers used to do the same thing...until I 'reminded' them they were suppose to tell me what WORKED and not just what didn't so I could make an informed decision about shipping or not.

My application does file auditing and if they change the type of the file, it'll could fall outside the auditing rules.  So my customers would like me to stop that from happening.

Right now, I'm looking at doing a Office 2007 add-in to stop from happening, but would rather have a simple GPO solution or something.  Or maybe even a more low level solution of hooking the dialog box directly, but I don't think that will work since I don't THINK Office I don't use the windows common dialogs.
Office does not use standard Windows dialogs - they are a few steps ahead of that curve...or, as some think, a whole different reality plane.

Are you trying to control how Excel saves all files from a generic perspective or just how they save files using your tools? If the former then tell the customer the problem can't be solved. It's a really bad idea - consider that not everything a user does will then be controlled by your "force it to be this or that" add-in and the user won't be able to do one-offs that fall outside that scope. Also, given the example able, you should not be using Excel to edit and save .tmp files. Perhaps I need some more details :-)

If the latter then create a save as option in your tools so you can control how the file name is created.

Kevin
I need to be able to stop them from saving an Excel file as something OTHER than what it really is (e.g. xls, xlsx, csv, etc...)   In other words, I need to keep them from changing the extension when they do a Save As.  

The root problem is that we are tracking excel spreadsheets and if they just change the name of a spreadsheet to something other than what we recognize as a spreadsheet anymore, we can't track it.

Basically I need to keep them from renaming GL2005.xls to GL2005.jpg with a Save As.

Any clearing what I'm trying to do?
The "save as" dialog is really a scaled down version of the file explorer. You can for example rename an existing file using F2, move it, duplicate it, delete it, etc. As zorvek hinted, if you need to fully control file names, you need to rewrite window's explorer and set that as main shell. You might also need to replace Office with Open Office (so you can modify the source code to prevent all possible ways to rename a file).

You cannot really create an efficient file tracking process without the collaboration of the users. If you are saying that some of them will purposely try to break your system, then your application can't do much about it. You can of course offensively delete (or quarantine) any file in your folder structure that is not being tracked officially, but that is about all you can do. If a user overwrites an important "xls" file using notepad, and if your system relies solely on extensions, it will happily start tracking that one.

If some users "accidentally" use quotes and save files using the wrong extension, I would say that training is your best route.

(°v°)
I have the ability to block file operations that I don't want to occur.  So if I don't want people to write *.txt files, all txt files suddenly become read only.  The same things holds true for renaming, writing, deleting, changing security, etc...

My problem is when people create a file type that I don't control.  So while I could stop people from doing a save as with Excel to anything like *.txt, or *.jpg  or *.123, I can't block ALL files types since 1) nothing would work and 2) Excel writes to tmp files.

I've attached a screen shot where I've set up blocking renaming of txt files and then used Excel to attempt to rename a txt file with the F2.

any ideas other then an excel add in?
renamedDenied.jpg
You are right. An INT21 hook (like the "file sure" tool above) cannot distinguish between files written by the application (*.tmp files) or by the user of the application. In the folder(s) you are trying to control, you can always end up with some junk files.

So what is really the problem for you when a user saves as "*.foo"? Your general clean-up will find an unknown file and delete / quarantine it. The user will perhaps complain that he/she lost some data, but after a brief audit will learn that the extensions should not be changed.

What about saving as *.doc? or saving an RTF as *.xls? or any other combination not covered by these simple rules? I have the feeling you will end up with custom save features (meaning one add-in per Office applicatin), just as zorvek said in the beginning, but I don't think that would cover all possible misuse.

(°v°)
I haven't heard Int21 is a LONG time. I was ALWAYS a fan of Int 21 4B.  it was just so cool to "multi-task" in DOS and I was cool for using it...well at least to my geek friends.

While my opinion is VERY bias (since I wrote FileSure), so far I've been able to stop everything except this "Save as" thing with the rules model.  Here are basically what I've done.
1. only processes matching *\excel.exe can read and write xls files.  
2. write and rename access denied to *.exe

Rule 1 does a lot to solve my problems since only Excel.exe can make xls files and Rule 2 stops people from writing or renameing programs to Excel.exe.

My only problem is that the allowed program provides a way around my rules by allowing them to create a file OTHER then an XLS.  

As a test, I created a rule to keep Excel from writing to any file other than XLS...BOY!....Excel didn't like that.

Right now, I'm thinking that my only choice is to indeed write a "add-in" for every protected appliction, thankfully there are only a few big ones (Office being the largest)

Actually, the more I think about it....I should just hack it and write a keyboard hook.
If the Dialog that has focus is contains the phrase "Save As", don't allow them to enter quotes...just beep at them or something.

'Course that would require a global keyboard hook be installed....but "Hey! I'm desperate"

thoughts?
ASKER CERTIFIED SOLUTION
Avatar of zorvek (Kevin Jones)
zorvek (Kevin Jones)
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thank you all...I think I've figured a way to do this.  I decided not to stop excel from creating files with wacked out names but instead expand my who has read access filter.

So while Excel can save an XLS file as bubba.foo, it won't do much good since only *\Excel.exe will be able to read it.