Looking to protect data in linked tables from being edited directly.
I've tired googling this, or looking on this site. I've found a lot of variations but I can not find an answer I am looking for.
Using Access 2016. It's split into back-end for data tables and the linked front-end for users. I have an issue with users Shift-Entering the front-end and bypassing the forms. From there they directly open the linked tables they want, and edit the data directly. I would like some form of enforcement to prevent this, but still allow myself access to do so when needed.
Ideally this will not prompt users for a password when they open the Front-End normally.
Related
I'm looking for a PHP script that will allow me to easily manage 'MySql' tables. By managing I mean not their creation but the possibility of adding new records, modifying and deleting them.
It must be possible to specify for each user which tables he will have access to and with which modalities (insertion only, modification only, etc.).
For each user I will also have to specify whether he will be able to see all or some of the columns in the table and with which permissions.
Also I'll need to know who did what, a sort of global change LOG.
My idea was to have a back-end in which I specified the users and how to access the various tables/columns and a front-end for the users.
In the front-end users will be able to add/modify/delete records and data they are allowed and the ability to filter and/or sort the various records.
I know I could use some PHP frameworks or rely on CMS but I have to write a lot of code by hand and it seems hardly credible that such a product is not already available.
Does anyone know if there is something like this?
I had tried starting with PHP frameworks but implementing everything from scratch stopped me.
I expect there is already something available.
Thanks.
Davide.
Intent: I would like to distribute forms to User X, User Y and User Z. These forms would be pre-populated with existing data on their ongoing projects. Meaning for User X, he will only be able to see his own details etc. They are to validate the information, and make changes to the data if necessary.
I tried finding the best way to go about executing this and landed on MS Access (if there's something else, please do share).
So I have a database, created my forms but how do I go about sharing only the forms to my users and updating my database. Resources I have include:
SharePoint Online (may or may not have access to it...)
Outlook
Desktop Access
I am open to various scenarios involving direct updating through SharePoint, or even manually updating the forms received through them via email if it is possible.
My most important consideration is data security. User X should not be able to see the details of other users. User-level security from older versions of Access could probably do that but its no longer in the newer version and a check online suggests it isn't the most secure option.
Any help would be much appreciated.
You do not include any information on what kind of data your "forms" includes why you collect the data and what do you want to do with it. At the very least if data from multiple users needs to be combined for any sort of overall reporting.
If the most important consideration is limiting each user to a sub-set of the data then I don't see how you decided MS Access is your best option. Any security on an Access file is easily bypassed. On top of that unless each of your users has their own set of tables you cannot set up any kind of security that isolates their individual information.
To completely isolate user information you have three options:
Use a separate database for each. Then, if you need to, link them all
into a master database in the back end.
Use an isolated front end. You cannot use an Access front end as that
will have to link to the tables; you have to use a separate
interface, either a web type interface or a Windows application that
the user has to log on and has no access to any data other than what
the software is displaying.
Use import/export files. Have access export each user's info to an
Excel sheet or other convenient data file. Let them make their
changes and return the files to you, then import them back into your
database.
We have a central Access database (with smaller peripheral databases attached) that we would like several users not in the same locality to work on through a network. We currently have the databases on OneDrive; we would also like to lock the database when it is being edited.
I see there is a relevant post that is 5 years old on StackOverflow:
Access database sharing strategies
We have the Office 365 version. Would the solution enable us to lock the databases when they are in use? Are there new solutions to help with our task? We are also willing to try other online storage options if they are better than OneDrive.
Thank you in advance.
The post you provide a link to is quote old now, and some of what it says it bang on still, but some of it is a little bit misleading.
Running an access file that is stored on onedrive sounds like a very bad idea to me.
The post mentioned "Windows Terminal Server". This is a good solution as in effect it allows multiple users to open their own copy of an access file that grabs data from a singel access database file stored on the machine they are accessing using WTS. You will need to investigate this more.
That said, I've never used the above.
I wanted to write as you should be aware that Access 2013 can be used with SQL Server to store it data. Some "slightly more expensive subscriptions designed for business" will give the subscribers access to Sharepoint and access 2013 can then be used to create "Access web apps", and Access makes it really easy to store the data on a SQL Server that is managed for you and really simple to use. Users can also enter and view data into what MS call "Access Views" which are essentiall basic access forms that can be used in a web browser.
My gut feeling is that the WTS route will be best for you.
It's worth noting that there can be considerable work to move data from an access file into SQL server using the MS tools. This depends on what features of access you use.
I'm trying to build a website that provides a login for users. Once these users login, they will be able to perform functions that will likely query a database. At some point I will need to add/modify/delete contents in the database and I'm wondering how I would be able create a page on the website that I'd only have access to. Ideally I wouldn't like to have a page on my website that allows me to edit information in my database because it could be susceptible to attacks. So how would the experts from stackoverflow create a page to edit information in their database?
get db management software like phpMyAdmin
with login abilities (or utilize the authentication by HTTP server)
Well, create a normal page - but put access restrictions on so that you're only allowed to use it if the logged in account is an administrator. (You define the administrator roles, and make sure you are one.)
You might also want to make sure the page is only served to some known IP addresses - although that becomes a pain when you suddenly want to use it from elsewhere...
Is there a way to secure tables in ms access db from unauthorized access? I would like my users to use the forms in the db but i don't want them to see the contents of the tables. I know i can hide a table but anyone who knows just a bit about access can show the hidden tables anyway. I cna also change a name to UsysTableName but again - enabling system tables shows them all. Is there a safer way? Securing by password maybe?
Also in access there are users and groups, and the possibility of granting rights.
You can access this functionality via tools/security/user and group permissions.
You need to create a workgroup information file in order to use this :
see : http://www.databasedev.co.uk/access_security.html
NOTE : Indeed Ms Access is in most cases a poor choice of db. But if you have to keep on using it for one reason or another, learning its security model is imperative in real world apps.
For Access 2003 Understanding the role of workgroup information files in Access security at http://support.microsoft.com/kb/305542/.
For Access 2007 How to use the Workgroup Administrator utility in Access 2007 at http://support.microsoft.com/kb/918583.
In your case, I suggest moving the tables you want to secure into a different database then link to the User-Interface (front end) database. This allows you more control over security. Using a password only keeps non-users out of the database. Logged in users can still see the tables.
One solution is to have your forms on one side (client side) and your tables on the other side (server side). Each user has only a copy of the forms, and the tables are somewhere else on the network.
Another solution is to install the runtime version of access (free to use) on user's computer. In this case the database window does not appear.
Whatever is you choice, you'll have to fully manage access to commandbars, creating you own ones (and forbidding the display of access commandbars).
If you go for the first solution, you'll be on your way to a real client/server structure, and you'll be able sooner or later to switch to SQL Server for your tables (your forms can then stay in an Access client application).
With some limits, it is possible to completely delete the links to the back-end tables in the front-end/app:
During app open, just use ChDir "\\someShare\someFolder" in VBA
As the source of your forms & reports, use SQL SELECT instead of saved queries/tables, using the syntax: SELECT field1, field2 FROM [BackendName_be.mdb].myTable. Note that the path is NOT specified!
This way the forms/reports will work perfectly, without any table (not even hidden) in the app.
If you put the BE in a hidden folder/share and you deliver an MDE, users will have a very hard time finding where the data is.
This technique has the added benefit to allow instant switching of the back-end (like between test/prod).
Access does a very poor job of securing data in tables. Your users NEED access to the tables in order to work with the data, but you don't want them possibly seeing EVERYTHING. You could encrypt the data in your tables yourself on the fly. I talk about this in my Access Data Encryption seminar.