Jump to content

Peter Wagemans

Members
  • Content Count

    66
  • Joined

  • Last visited

  • Days Won

    1

Peter Wagemans last won the day on August 9 2018

Peter Wagemans had the most liked content!

Community Reputation

2 Neutral

About Peter Wagemans

  • Rank
    just passing through

Profile Information

  • Title
    developer
  • Gender
    Male
  • Location
    Belgium

Contact Methods

  • Website URL
    http://www.lesterius.com/

FileMaker Experience

  • Skill Level
    Expert
  • FM Application
    17

Platform Environment

  • OS Platform
    X-Platform
  • OS Version
    High Mojave 11

FileMaker Partner

  • Membership
    FileMaker TechNet
    FileMaker Business Alliance
    FIleMaker Platinum Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. This really triggered my curiosity and I fired up my old win7 VM where I still have a 5 version. Even there, I could not find any graphical interface (using the tab bar on top of the window) that would give me a way to set tab stops for text fields (vs text boxes). So... I clearly misremembered that this was an option before. This is from the html file the OP refers to (this is from the 12 help): Well... that settles it 🙂
  2. Thanks for the tip. My point is, that it used to be possible to put a field on the layout, and, still in layout mode, assign tab stops to that field, not using the info panel, but using the tab ruler above. As the OP indicates: Indeed, this thread started about a field, not a text box with merge fields. I understand the issue can get a bit confusing ... 🙂 You indicate that i am getting off topic, but I was just comparing the workarounds.
  3. Exactly my point. Merge fields are a pain to use with tab stops, because their name is most of the time way to long, and this interferes with a wysiwyg experience. I last experienced even that the little trick to make the text font really small between the brackets, is not working anymore.
  4. Thanks for this question Xochi. Even if this topic is 4 years old. I am missing that possibility as well, and before reading thi posts, I thought I was misremembering how things used to work. . In the end I abandonded using tab stops and used fields, because this is very hard to make and maintain if you do not see what you are doing. Since I am currently working on a list layout, this multiplies the number of objects on the layout by 7. Which is not a good thing.
  5. But FileMaker can always solve bugs from the distant past, I don’t mind...☺️
  6. Ok, got it. My notification email kept linking back to this thread, that was split in the mean time, and there was nothing to see...:-)
  7. Uh. It seems to be part ( a few posts at the end ) of this thread are gone. Did something go wrong with the forum server? @Ocean West? Not really a big problem, just mentioning.
  8. Thanks for offering an alternative. I am sure you are trying to be helpful. But this thread is about trying to solve a big shortcoming in using QuickFind, and not about alternatives. FileMaker should work on removing the product bugs, and I wouldn't mind getting no new features for a few releases, just bug fixes. FIleMaker should work on things that should work, but aren't, or only "half". And watch for inconsistencies, and make them consistent. We are always trying to get around them, and this gives birth to alternative ways of doing things, while they should have worked correctly to begin with. Of course this would be a problem for marketing, and this is not the way the world turns today. The next version of FIleMaker will have a ton of new features with oooos and aaaaas and a lot of unsolved bugs.
  9. The hack could be done with a server side plug-in. I don't want to put words in your mouth, but you seems to be pointing out that when someone malicious has access to such plug-ins running on a server it's "game over". Which is exactly my point. Let's agree to disagree on the priority. If you don't need the option, it's logical that it has no priority for you. Now you have. Must we conclude now that if servers are comprised, securety is not good enough? How frequent do you have in mind? I know an effort has been done since 2010 to increase security. So this is not completely fair of me, I admit. But do we have to have a few sucessfully compromised servers before the obvious security holes are plugged? Your last sentence is very correct. If the hacking community would have an interest, we would be screwed already.
  10. There is something I would like to add to your remark. A standard installation of FileMaker Server on Windows sets the service to be executed by the system account, which is the default for every service on Windows. When you set the user to another account though, the FileMaker installer refuses to install if that user does not have administrative privileges. You need that alternative account, if you want to have network access, since the system account does not have network access, and you cannot grant this either. So I presume you are currently running the service under an alternative user account, in order to access your NAS. I wonder WHY FIleMaker enforces the service to run under a administrative account. It does not do that on macOS. So... I had to explain this first, before reacting to you last paragraph. It is indeed possible to restrict the FMS user, and things seems to run fine, after you remove the fmserver account from the admin group. But I'm not sure this will cause misbehaviour somewhere later down the line. On Windows. Because the installer does not like it. I would like to pursue this further and ask the question to FileMaker Inc. If this would run without problems, this would be already a great first step in the sandboxing process, and the fmserver account used during server side OS calls would not be able to attack the rest of the OS in such a direct way, while still being able to access networked drives. It would still be able though to read and even write every file in the FileMaker Server folder. We recently had a 45 minute "hacking" session during .fmp in Berlin, where we quickly found out which file to modify in order to get full admin console access. This is very ugly. IT could restrict access to some files to read-only, though, but that would require a lot of knowledge about the inner workings of FileMaker Server, and I do not think they would be able to plug every security hole. Yes. But that is also the purpose of sandboxing. But not always. And I think virtualising does not add any benefit, except for what e.g. ESX offers to isolate the VM into a DMZ, and have snapshots in case things go south. It's also a matter of responsabilities. I do not want to have full access to a FileMaker Server, even when the IT people who are managing that server are ... my collegues. They do not have the full access password to the development, and I do not have full access to the FileMaker Server. And this is the way it should be. It would be a great setup for a (limited access) development server, but not for a production one. But then again, you can run a VM dev server on your own machine as well. I think it also depends on who your customer, and what the entire setup is. As I mentioned before, it should be an option, and whoever is responsible should be able to choose to do things the hard - and secure way, or not. If you are the big boss over everything, including development and IT, that is a big difference with a corporate setup. Coming back to my original question: I would really like to monitor those extra logs. Indeed, the only way to do so, is to make use of the unsecure setup FileMaker Server has to today, and use a server side plug-in to manipulate those logs so I can start monitoring them. I presume FileMaker is well aware of these issues, so I think it's not worth it to invest time into some monitoring tool, that would probably cease to work when they close things up. I hope that log monitoring makes it way back again into the admin console.
  11. True, there would be a whole bunch of nice things you cannot do anymore (the way you do them). But there would also a number of very awful things an attacker wouldn't be able to do either. You could do what you mention in another way. I is possible to share the Documents folder, even over a firewall. You can also install other software on the server that synchronises files to the sandboxed folder. If you have full access to the FileMaker Server machine, there are other ways to do things. Maybe not always, but it might surprise you how many things can be done. On the other hand, consider this situation: A developer is working on a solution, which is hosted on a FileMaker Server. This is a contractor, and is not supposed to have access to the operating system in any way, this should only be possible by the IT people of the company. The current situation allows the developer to use the server side plug-ins ( that he requires for the development ) to gain access to parts of the OS that should be restricted to him. This is no imaginary situation. I have multiple setups like that - and I am the contractor...:-) At least, lowering security to allow for the current situation should be an option, off by default. If you really know what the consequences are, it is then your call of judgement to allow that.
  12. Thanks for the reply Honza. Pity you are not really offering a tested solution, but you did manage to squeeze in two links to your site. So this at least this works for you 😊 that makes one of us. It is kinda creepy to hear that the only way this is going to work, is not supposed to work. Server side scripts should be sandboxed and they clearly are not.
  13. Because I write a lot of server side scripts and often using custom WPE urls, one of the most annoying things in FileMaker Server 17 is that it is now impossible to monitor the logs from the admin console. I always have to download them. I found an alternative way to monitor them, by using FTP. With some nifty perl scripts, I can now even tail the Event.log and Access.log. It's a whole other story for the other logs, like the wpe.log, the Stats.log... It is just impossible to download those over FTP. Earlier I already noticed they don't play nice with FSEvents on the Mac either. Has anyone here created a good solution to monitor those files, given that: I have only access to the FileMaker Server using FTP (Implicit SSL) and the admin console, no SSH, RDP or other management tools. I do have the possibility to install plug-ins on the server. Maybe some of you created some server side script that is able to monitor those files. Or you have some other solution.
  14. I am really getting fed up with the SSL connection. Xojo’s MySQL community plug-in is not supporting it very well, and is not maintained as I would like. Itis also inconstent in it’s behaviour in cross platform development. I would like to leave it as it is now, and hope that Xojo will support it better in future release of their IDE. For now I will put a comment on tab that things are “experimental”. Encrypting the data ourselves seems to be a good idea instead. The interface to configure that woul be simple: provide a password to encrypt, and one to decrypt. Switch these on the FileMaker side. Maybe some options to encrypt only fmsadmin traffic, and not the logs, so less critical things can remain readable.
  15. We are now 3 years later and there are still similar issues with QuickFind. make a popover and put a merge field and a regular field on it check "include field for Quick Find" select all objects on layout ( using shortcut ) unlock all objects uncheck "include field for Quick Find" open the popover and notice that QuickFind is not disabled. I have the impression that this also happens with objects in a group, but did not continue testing. Can anyone reproduce this? It took me a while to find out why QuickFind was simply crashing my FileMaker 17. Clicking the cancel button... still removes the cancel button, but does not cancel the search (another old bug). Which forces me to kill FileMaker after 10 minutes of drinking coffee. You are never sure that you did not miss any field that still has QuickFind enabled. With an XML clip editor, "quickfind=1" and "object flags="14"" seems to find objects with the QuickFInd flag on. I hope there will be a slightly less cumbersome way to find those object in the future. I wonder why the QuickFind option doesn't follow the defaults either. The "include field for Quick Find" checkbox is greyed out when you have no objects selected in the layout. This slightly forgotten technique allows you to set field defaults, but the developers who created QuickFind apparantly weren't notified. Especially for QuickFInd, it is very important NOT to have it enabled by default, or it becomes a FileMaker killer. Especially if you cannot cancel a very complicated QuickFind in progress. I consider this yet another bug. Go ahead if you're able to reproduce. I 've done my share of bug reporting, and would continue to do so, if it weren't so... unfulfilling. And I lost enough time already today because of these bugs. Aha. You KNOW when you have disabled them all when you get this dialog when executing a QuickFInd:
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.