artful at rogers.com
artful at rogers.com
Fri Nov 3 18:35:45 CST 2006
Secure, IMO, means that you abandon Access as a back-end and focus on SQL Server or some other server database (MySQL, Oracle, DB/2, PostGres, Sybase, etc.). The security offered in such a platform is superior to that offered by Access. Typically, you create roles (groups of equivalent users), and then assign users to roles. You also prevent everyone from directly accessing tables, and allow them access to views, stored procedures and UDFs. You build up a hierarchy of roles, additively (i.e. managers can do everything everyone beneath them can do, but also have rights to do additional thngs such as run reports of salaries. For the generic web user you create a role WebUser. For employees, you create several roles corresponding to the hierarchy of responsibility. The CEO has, in theory, access to everything, but in practice I am god, not the CEO, because I don't trust him to play safe. So in a nutshell, if you want to move into web-dev, think SQL Server on the Back End and then choose any Front End that appeals to you (.NET, PHP, Ajax, DreamWeaver, whatever). In all cases the essential thing is to avoid dynamic SQL at all costs, and instead think everything out in stored procedures, views and UDFs. HTH, Arthur ----- Original Message ---- From: Mark A Matte <markamatte at hotmail.com> To: accessd at databaseadvisors.com Sent: Friday, November 3, 2006 11:59:24 AM Subject: Re: [AccessD] Access to web Hello All, I would consider myself quite competent in SQL, VBA, and Access. With that in mind...I would like to learn to create secure web based apps(convert some of my old Access dbs to web). I need some direction as to what I should start learning/researching to accomplish this. Any ideas, suggestions, or recommendations would be greatly appreciated. I'm just not sure where to begin. Thanks, Mark A. Matte _________________________________________________________________ Add a Yahoo! contact to Windows Live Messenger for a chance to win a free trip! http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us&hmtagline -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com