Jump to content
Sign in to follow this  
Tom England

Using FMP online

Recommended Posts

This is a very generic query. We have been using FMP for about 12-18 months and are successfully using FMP over our company network. We are now looking at allowing access to some of our data over internet.

I am now wondering if FMP is an appropriate piece of software to perform what we are looking for. I want our clients to be able to log on and see their (and theirs only) individual record. It needs to be secure and would hold a few thousand records with any number of people wanting to gain access to their record at any time.

Obviously, I understand that this in itself is a massive topic, but initially I just want to know if it is feasible to use FMP to perform such a task.

Thanks

Share this post


Link to post
Share on other sites

It can be done with CDML -- custom web publishing.

But to talk about "web", "secure" and "FileMaker" doesn't ad up.

There are several security holes in FM for which workaround and programs do exists.

Share this post


Link to post
Share on other sites

It is feasible. However, you should download, and read, the FM Security document from the Filemaker site.

Have a good look at the 'Web Security' database.

Good Luck.

Garry

Share this post


Link to post
Share on other sites

Thanks Anatoli, the link is the one for the old forum format. The thread is Security Loophole, started by Chazboi.

The new link seems to be (since I just searched and got it)???

http://www.fmforums.com/threads/showflat.php?Cat=&Board=UBB21&Number=19032&Forum=All_Forums&Words=chazboi&Match=Username&Searchpage=0&Limit=25&Old=allposts&Main=19032&Search=true#Post19032

Share this post


Link to post
Share on other sites

Hi, can I suggest here that a "secure" (by web standards!) method would be with Webserver/WSC (or Lasoo) on a Firewall DMZ for public access and the database server inside the firewall on the local network. Open a route to the database server for only the webserver IP address.

In your format pages, only accept calls from the correct referring page and maybe use a nice secure method like server-side includes to deliver them.

You'll still have to address the issues of the kind of password verification you need for data security. If you're happy with the security, FileMaker can do just about any database serving you want

Share this post


Link to post
Share on other sites

It will be secured with Lasso (until Chazboi or someone else crack it) but not secure at all with WC and/or WSC.

Until you can match every user with "exact" matches in Security Databases, which is not practical or possible at all, databases are easily "hackable".

The protection should exist at syntax level -- our solution of Security Filter or syntax programmable firewall.

Share this post


Link to post
Share on other sites

Jeff said:

"I suggest here that a "secure" (by web standards!) method would be with Webserver/WSC"

This is where I suggest using Apache/PHP and the "readfile()" function. Apache/PHP comes with OS X.

All the best.

Garry

Share this post


Link to post
Share on other sites

I wish I know something of that.

I am still busy with new system and it will be 6 months from now when I will have 1 hour to go to peek at PHP.

Anyway, are you suggesting doing pages in PHP driven by FileMaker?

Share this post


Link to post
Share on other sites

Anatoli said:

"are you suggesting doing pages in PHP driven by FileMaker?"

It is one way of adding extra security to FM. I am talking about using CDML/PHP, not ODBC.

Garry

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.