| Subject | Re: [firebird-support] Detecting Database Changes |
|---|---|
| Author | Alexandre Benson Smith |
| Post date | 2004-01-09T02:34:28Z |
At 01:18 09/01/2004 +0000, you wrote:
I have read a good article by Ivan Prenosil sometime ago about simulating
an On Connect trigger by some hacks on isc4.gdb, take a look at this
http://www.volny.cz/iprenosil/interbase/ip_ib_isc4.htm
Did you say about multi-user enviroment and FB Embebbed, I supose you will
have diferent scenarios right ?
You could revoke update to tables and grant only to SP's this can help that
only your code modify the table data.
You could encrypt the data, so nobody can read or update the table contents.
I suppose that the control you want is nothing so sophisticated since one
of your thoughts is to store the counter/timestamp/etc in a INI file, so I
think these very simple sollutions can help.
If you just want to know and do not mind if someone else is messing around
with your data, you could put triggers on insert, delete, update for all
tables that logs the last time something was changed to a "log table" and
when your application starts compares the timestamp stored in your "log
table" with the timestamp of the last time your application run (finalized)
stored somewhere else.
If you want something very very very simple to prevent a "basic user" to
modify your data direct with isql for example you could put a trigger on
before insert, delete, update to check if a value in some flag table is set
and if not abort the statement. When your application starts set the flag
to true, when closes sets it to false. As you can see not "rock solid" ;-)
but can help a little bit. I think the time spent in some solution may
depend on the importance of someone messing with your data.
HTH
Alexandre Benson Smith
Development
THOR Software e Comercial Ltda.
Santo Andre - Sao Paulo - Brazil
www.thorsoftware.com.br
----------
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.558 / Virus Database: 350 - Release Date: 02/01/2004
[Non-text portions of this message have been removed]
>I've written a Windows application that uses Firebird v1.5. (Note:Hi Joe !
>I'm using C++ and the IBPP class wrappers.) I'm concerned about
>someone using a different application or tool (e.g. isql.exe) to
>modify the content of my database. This seems very easy to do given
>the Firebird Embedded version that allows a database to be open
>without needing a username/password.
>
>Therefore, I'm looking for a technique to determine if my database
>has been modified by another application. Here's what I've thought
>of so far, all having some hurdle to get over:
>
>1. I was thinking of storing the database file-time in a .ini file
>and compare that before I connect to the database, but this approach
>requires file-level access to the database file, which I may not have
>in a multi-user setup.
>
>2. I was also looking at the header checksum and the header
>generation fields, but can I read those somehow? Also, is the header
>guaranteed to be updated if a table gets updated?
>
>3. Lastly, I was thinking about having a trigger update a counter in
>a user defined table. But how do I guarantee that trigger gets fired
>each time the database is opened by any application (is there some
>update on a system-level table each time a database is opened)?
>Using this technique, I could store the counter in a local ini and
>compare it when I open the database.
>
>Any and all input will be appreciated. Thanks!
>
>Joe A.
I have read a good article by Ivan Prenosil sometime ago about simulating
an On Connect trigger by some hacks on isc4.gdb, take a look at this
http://www.volny.cz/iprenosil/interbase/ip_ib_isc4.htm
Did you say about multi-user enviroment and FB Embebbed, I supose you will
have diferent scenarios right ?
You could revoke update to tables and grant only to SP's this can help that
only your code modify the table data.
You could encrypt the data, so nobody can read or update the table contents.
I suppose that the control you want is nothing so sophisticated since one
of your thoughts is to store the counter/timestamp/etc in a INI file, so I
think these very simple sollutions can help.
If you just want to know and do not mind if someone else is messing around
with your data, you could put triggers on insert, delete, update for all
tables that logs the last time something was changed to a "log table" and
when your application starts compares the timestamp stored in your "log
table" with the timestamp of the last time your application run (finalized)
stored somewhere else.
If you want something very very very simple to prevent a "basic user" to
modify your data direct with isql for example you could put a trigger on
before insert, delete, update to check if a value in some flag table is set
and if not abort the statement. When your application starts set the flag
to true, when closes sets it to false. As you can see not "rock solid" ;-)
but can help a little bit. I think the time spent in some solution may
depend on the importance of someone messing with your data.
HTH
Alexandre Benson Smith
Development
THOR Software e Comercial Ltda.
Santo Andre - Sao Paulo - Brazil
www.thorsoftware.com.br
----------
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.558 / Virus Database: 350 - Release Date: 02/01/2004
[Non-text portions of this message have been removed]