What is the most secure and easier way to send approx. 1000 different records into database that is not directly accessible - MySQL database on Web provider's server - using Windows application
.
Data will be stored into different tables.
Edited:
The application will be distributed to users who have no idea what is database or putty or... They just install my application, open it, enter some data and press Submit.
Currently I'm using php to upload the generated script into webserver and there process it. I think I should also include some signature to the file to avoid some "drop..." hacks.
If you can export the data as a sql script you can just run it against the remote server using your application of choice. 1000 records wont create that big a script.
In current project on my job we have the same situation - remote (faraway) database.
I made next solution: serialization sql query into xml and putting it via HTTP to web daemon, which is running on remote server instead of open sql server. Daemon checks credentials and executes query.
As I can't execute any external programs on external server, I created following solution:
My program creates script file and calculates it's salted hash
Program sends this file together with user credentials and hash into PHP page on the server
PHP page checks the username and password, then checks hash and then executes script. Only Insert and Update commands are allowed.
Is this approach secure enough?
Related
I've already an offline updater as a download but I want to make it automatically. It's a client/server software and a ms sql database.
3 parts have to be updated:
update of a proprietary software (setup.exe with next, next, type login/password for server service, finish) which delivers a WinClient and a Service for the server. Autoupdate is only needed for server, the autoupdate for clients by the server works already.
one .hug file which contains new customized program version. The path is a directory in the above software and can be determined with registry.
MS SQL database update with new content (in a .bak file) and structural changes. The database server is sometimes another server as application server. At the moment you have to type in the SQL instance when running the udpater.
My ideas are these:
a updater program in the tray on application server and database server
updater searches with a timer for newer versions on my ftp server and downloads the files if existing
on application server it runs the setup.exe and copies the .hug file. Maybe I could make it silent with command prompt commands. But still need to fill in login/password for the service user.
on database server I configure the autoupdater once with instance name. Updater downloads .bak-file and runs sql script with insert, update and alter statements.
but one big problem which can cause problems is when users are still logged in. Don't know in the moment how I could solve that.
So, how would you realise such a project? Or have you already done something similiar? Is its generally possible?
I am having trouble sorting through all the information / various options in regards to Access 2007 used in a multi-user environment. Here is a brief description of my current situation. At work there is the "Business LAN" which I can log on and use to monitor two other servers via remote desktop. The business LAN is strictly controlled by our IT department and no one is permitted to install any software or drivers without their consent. I do have administrative privileges on both servers though.
The two servers that I log on to using RD are used for essentially the same task, which is to monitor and control the heat to different process lines. Each server runs a different program to accomplish this task but both programs use SQL Server as a back end.
I created two access databases (one on each server because they are currently behind seperate firewalls) in order to query information from the backend SQL side of these programs and combine it with relative information I have compiled in tables in order to add more detail to the data the programs are collecting. My program is still in the debug stage but ultimately this information can then be accessed by field techs / maintenance in order to make their job easier. Maintenance staff can also add even more information based on the status of repairs etc....Last, I have created reports which can be run by Managers / Engineers who are looking for an overall status of their area.
Both access db's are split so that the back ends are seperate from the forms, queries, etc... I use an ODBC data source to import a link to SQL. I am using vba for user authentication, user logging record updates, and user / group access control. Everything works the way I intended except the fact I everyone who logs on the server will be trying to run the same copy of the front end. For example, I had a co-worker log on to the server via RD to test the program and I logged on from my desk. After logging in I could see the forms he had open. Access was already running. Without being able to install access locally (or even runtime, due to IT restrictions) on to each individuals workstation, I'm not sure what approach to take to resolve this.
Additional info, Server 1
One of the servers is considered to be the "master server" in which a number of client stations "slave servers" all communicate with. The only way to access folders on themaster server is log on to the client station and run RD.
Server 2
This server is considered to be the "historian". It communicates with a terminal server in which users log on using RD and run applications which use SQL backend which resides on the historian. I have been able to set up shares so that certain folders are visible on the historian from the terminal server.
Can anyone tell me what my best option is?
Thanks in advance.
CTN
It's really crazy the way some IT departments do everything possible to make it hard to do your job well.
You allude to users logging on via Terminal Server. If so, perhaps you can store the front ends in the user profiles of their Terminal Server logons? This assumes they're not just using the two default admininstrative Terminal Server logons, of course.
The other thing that's not clear to me is why you need a back end at all in Access/Jet/ACE -- why not just link via ODBC to the SQL Server and use that data directly? The only reason to have an independent Jet/ACE file with data tables in it in that scenario is if there is data you're storing for your Access application that is not stored in the SQL Server. You might also have temp tables (e.g., for staging complicated reports, etc.), but those should be in a temp database on a per-user basis, not in a shared back end.
Here is a suggestion how to implement what David Fenton wrote: write a simple batch script which copies your frontend from the installation path to %TEMP% (the temporary folder of the current user session) and runs the frontend from there. Something along the lines of
rem make sure current directory is where the script is
cd /d %~d0%~p0
rem assume frontend.mdb is in the same folder as the script
copy /y frontend.mdb %temp%
start %temp%\frontend.mdb
Tell your users not to run the frontend directly, only via the batch script, then everyone should get his own copy of the frontend. Or, give your frontend a different suffix in the installation path and rename it to "frontend.mdb" when copying to %temp%.
I'm following a tutorial for constructing a PHP and MySQL ecommerce driven website, and I'm uploading them to my server at the moment, but in need of some assistance determining how to proceed.
In the README of the tutorial, are the following instructions:
INSTALLATION INSTRUCTIONS
1.) Unzip plaincart.zip to the root folder under your
HTTP directory ( or under your preferred directory)
2.) Create a database and database user on your web
server for Plaincart
3.) Use the sql dump in plaincart.sql to generate the
tables and example data
4.) Modify the database connection settings in
library/config.php.
5.) If you want to accept paypal modify the settings
in include/paypal/paypal.inc.php . More information
about this paypal stuff can be found in
http://www.phpwebcommerce.com/shop-checkout-process/
OK, so I obviously am capable enough to complete #1! :)
So, on to number 2, how to I create a database on my server?
I understad number 3, referring to the fact that I use the SQL dump file to construct some sample data once the database has been created.
I can't tell about #4 and #5 yet, but we'll see when we get there.
So, I guess I just need to know how to construct a MySQL database on my web server.
Easiest way: install phpmyadmin on the remote server, and do it from that web interface.
I want to create a Lotus Notes agent that will run on the server to generate a text file. Once the file is created, I need to send it to a remote server.
What is the best/easiest way to send the file to a remote server?
Thanks
If your "remote" server is on a local windows network, you can simply copy the file from the server file system to a UNC path (\myserver\folder\file.txt) using the FileCopy statement. If not, you may want to look at using a Java agent, which would make more file transfer protocols easily accessible.
In either case, be sure to understand the security restrictions on Notes agents - for your agent to run on the server and create a file on the server's file system, the agent will need to be flagged with a runtime security level of 2 or 3, and signed by an appropriately authorized ID.
Sending or copying files using O/S like commands to a remote server require that destination servers be also mapped as drives on your source server. As Ed rightly said, security needs to allow you to save files down onto the server and then try and copy them.
You can generate the file locally on the server and then use FTP commands in a script to send the file. Or if you're a java guru, you can try using Java.FTP to send the file as well. I had some trouble with it, but it should be possible providing an FTP account is setup on the destination server. FTP related stuff by a well known notes guy can be found here and here
I have done it using a script, and it's clumsy but effective in simply pushing files around. Ideally, if the server at the other end is a Domino server as well, you could actually attach the file in an email and send it to a mailin account on the destination server. I have done that before, and it's great as you can just pass the whole problem of getting files off to the SMTP process.
I m working on a single user swing application that access an hsqldb database. How can i Automatically run the DB server when a user run the application.?
for example, after i finish development i will put the application into an exe file.
If the exe file is distributed to multiple users. How can the DB server run and the DB be created when the user run the exe file?
Thanks
dumb question: why not just use HSQLDB in an embedded manner, instead of a client-server? (in fact, before reading your Q I didn't realize it could be made to run in client-server mode) If you're not sharing anything, just accessing a persistence layer, it should be straightforward.