[AccessD] Access to web

artful at rogers.com artful at rogers.com
Fri Nov 3 18:35:45 CST 2006 

Secure, IMO, means that you abandon Access as a back-end and focus on SQL Server or some other server database (MySQL, Oracle, DB/2, PostGres, Sybase, etc.). The security offered in such a platform is superior to that offered by Access. 

Typically, you create roles (groups of equivalent users), and then assign users to roles. You also prevent everyone from directly accessing tables, and allow them access to views, stored procedures and UDFs. You build up a hierarchy of roles, additively (i.e. managers can do everything everyone beneath them can do, but also have rights to do additional thngs such as run reports of salaries.

For the generic web user you create a role WebUser. For employees, you create several roles corresponding to the hierarchy of responsibility. The CEO has, in theory, access to everything, but in practice I am god, not the CEO, because I don't trust him to play safe.

So in a nutshell, if you want to move into web-dev, think SQL Server on the Back End and then choose any Front End that appeals to you (.NET, PHP, Ajax, DreamWeaver, whatever). In all cases the essential thing is to avoid dynamic SQL at all costs, and instead think everything out in stored procedures, views and UDFs.

HTH,
Arthur

----- Original Message ----
From: Mark A Matte <markamatte at hotmail.com>
To: accessd at databaseadvisors.com
Sent: Friday, November 3, 2006 11:59:24 AM
Subject: Re: [AccessD] Access to web

Hello All,

I would consider myself quite competent in SQL, VBA, and Access.  With that 
in mind...I would like to learn to create secure web based apps(convert some 
of my old Access dbs to web).

I need some direction as to what I should start learning/researching to 
accomplish this.  Any ideas, suggestions, or recommendations would be 
greatly appreciated.  I'm just not sure where to begin.

Thanks,

Mark A. Matte

_________________________________________________________________
Add a Yahoo! contact to Windows Live Messenger for a chance to win a free 
trip! 
http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us&hmtagline

-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list