[Gambas-user] A dude about Gambas

Jose Daniel Santos Delgado jdsantos1978 at ...626...
Wed Jan 18 13:34:42 CET 2006 

Thank you All.

I think that the last solution (Fabien's one) is the most appropiated
though I still don't like the idea of harcoding user and passwd in the
database because, for instance, let's suposse I give the application 
to other's schools: every school should have to recompile the
application to store its own database user and password.

I had already thought about the user table idea, though it would be
better that I could authenticate against the LDAP server (each student
and teachr has its own ldap account).

Regards



2006/1/19, Fabien Bodard <gambasfr at ...11...>:
> Hi, Jose
>
> This is my suggest :
>
> You create a mysql account with all right(read, write, edit). And a very
> complicated user name and password that you hardcode into your program.
>
> Then in your database you add a users table with login , password (stored in
> md5), UserLevel, and otherthing you want.
>
> When a user use your program, the program connect the database and query an
> identification. And in function of the UserLevel your program allow or not
> the database editing...
>
> You need fortunally to be the only to know the database grant psw. (but it's
> true for many other case .
>
> It work like most of cms in php... On fact there is only one password
> registred on the database... others are stored into the database or into a
> users database that drive the program permitions.
>
> Regards, Fabien Bodard
>
>
>
>
>
>
> Le Mercredi 18 Janvier 2006 12:40, juan a écrit:
> > Hello
> > Just a question about your problem.
> > I'm not sure but Is it not better to create a table with user and password
> > in sql and later from gambas check that table and in base to that you can
> > control the access level also?.
> > It's just a suggestion, but it is not a good idea to hard code a password,
> > if a somebody gess it or discover it from a teacher you will have to change
> >  it on you code and it is not a good idea.
> >
> > Regards
> > Juan
> >
> > On Wednesday 18 January 2006 08:32, Jose Daniel Santos Delgado wrote:
> > > At the moment I've thought in two possible solutions:
> > >
> > > - Hard code the user and passwd information.
> > > - Use a public file with the user and password, but the application
> > > add a prefix to each of them to build the real user and the real
> > > password.
> > >
> > > I'm planing to build a gambas-based Library Control Application for
> > > the school I work at. The alumns could view the database and the
> > > teachers coud edit it.
> > >
> > > I don't want that and advance boy (orgirl) guess the user and password
> > > of the mysql database and make a 'delete from books' :) and I had
> > > thought that there might be other ways of accessing the database.
> > >
> > > Thanks.
> > >
> > > 2006/1/17, johnf <jfabiani at ...1109...>:
> > > > On Tuesday 17 January 2006 05:11, Jose Daniel Santos Delgado wrote:
> > > > > The user and the passwd that grant access the database must be stored
> > > > > somewhere at the client machine but I don't want it to be public. And
> > > > > I also don't like the idea of being hardcoded into the application
> > > >
> > > > In general I ask the user to supply a password and use a pref file that
> > > > contains things like the database, port, host.  Or just hard code it.
> > > > I get the user name from "username.Text".  That means a login window
> > > > must be used. Making it so the login process is transparent would
> > > > required storing the password somewhere.  You might be able to setup
> > > > some sort of LDAP way of doing it (single signon).
> > > >
> > > > John
> > > >
> > > >
> > > >
> > > > -------------------------------------------------------
> > > > This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> > > > files for problems?  Stop!  Download the new AJAX search engine that
> > > > makes searching your log files as easy as surfing the  web.  DOWNLOAD
> > > > SPLUNK!
> > > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=12164
> > > >2 _______________________________________________
> > > > Gambas-user mailing list
> > > > Gambas-user at lists.sourceforge.net
> > > > https://lists.sourceforge.net/lists/listinfo/gambas-user
> > >
> > > -------------------------------------------------------
> > > This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> > > files for problems?  Stop!  Download the new AJAX search engine that
> > > makes searching your log files as easy as surfing the  web.  DOWNLOAD
> > > SPLUNK!
> > > http://sel.as-us.falkag.net/sel?cmd=lnk&kid3432&bid#0486&dat1642
> > > _______________________________________________
> > > Gambas-user mailing list
> > > Gambas-user at lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/gambas-user
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
> http://sel.as-us.falkag.net/sel?cmdlnk&kid3432&bid#0486&dat1642
> _______________________________________________
> Gambas-user mailing list
> Gambas-user at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/gambas-user
>

More information about the User mailing list