Jump to content
View in the app

A better way to browse. Learn more.
FMForums.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

So, what's wrong with this system...

kennedy
in Security Concepts

Featured Replies

Don Wieland kindly gives out a user password system at:

http://www.dwdataconcepts.com/dwdctips.htm

Looks pretty good so far. So what are the weaknesses of this system?

What are its vulnerabilities? Why should I NOT use it?

Do others use similar approaches?

Thanks!

In thier new book, Chris Moyer and Bob Bowers cover the basics of building a user login system complete with privledge assignment and checking.

Definately worth a look.

Don's systems seems OK, although quite simple.

I used concepts from Chris and Bob system, as well as my own knowledge and created a system which uses quite a few files, but is pretty secure and could be implemented on an enterprise-wide basis with quite a bit of variation of security.

Basically there are 3 core files: LogIn, _UserPriv, and _LauncherPriv. The LogIn file is what the user interracts with and enteres thier username and password. _UserPriv validates the users and returns thier access level. _LauncherPriv validates the access level and runs another launcher with the specific Filemaker Security level built into it.

You then need another launcher file for each Filemaker Password/Security Level.

A further Privledges file would specify specific functionality privledges for each user.

It was a little complicated to setup, but very powerful and pretty easy to manage.

I think Don's system needs work. I gained full access to the Users file with a one-step script in another file.

I imagine that this limitation could be overcome by some sort of security check within each of the Users file's scripts, i.e. prevent them from being run if called from a file that is not Menu.

Which book would this be?

  • Author

Which book would this be?

Advanced FileMaker Pro 5.5, Chris Moyer and Bob Bowers, ISBN 1-55622-859-7

Thanks! Now I wonder how long it'll be before Advanced Filemaker 6 books come out. smile.gif

  • 2 weeks later...
  • Author

Okay, so you smart guys broke into Don's system easily. And thus, I took the advice and got the Moyer/Bowers book, learned their system (and why Don's failed), and basically incorporated it, with some small adaptations and fixes, into my relational template. Wanted to point to that from this thread, for those that find this thread looking for a security solution.

So, now I ask the same question, but for a different system...

What's wrong with the security system in the relational template that I just posted to the Sample Files forum?? Can you smart guys crack it (without having access to the physical files)??

Thanks!

Create an account or sign in to comment

https://fmforums.com/topic/11396-so-whats-wrong-with-this-system/
Go to topic listing

Important Information

By using this site, you agree to our Terms of Use.

I accept

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.