1984 (Big Brother)
in [General]
|
Prev: How to handle a submitted form with no changes -- bestpractices sought
Next: Counting Children!
From: Paul M Foster on 13 Sep 2010 12:59 On Mon, Sep 13, 2010 at 12:47:24PM -0400, tedd wrote: <snip> > When I get rich enough to hire myself, then I'll tell myself what to > do. Until then, I'm just a worker bee and follow the hive. Oh, heck, you don't have to wait that long. We'll tell you what to do for *free*! ;-} Paul -- Paul M. Foster
From: "Daevid Vincent" on 13 Sep 2010 17:09 > -----Original Message----- > From: tedd [mailto:tedd(a)sperling.com] > Sent: Sunday, September 12, 2010 9:32 AM > To: PHP-General list > Subject: [PHP] 1984 (Big Brother) > > Hi gang: > > I have a client who wants his employees' access to their online > business database restricted to only times when he is logged on. > (Don't ask why) > > In other words, when the boss is not logged on, then his employees > cannot access the business database in any fashion whatsoever > including checking to see if the boss is logged on, or not. No access > whatsoever! > > Normally, I would just set up a field in the database and have that > set to "yes" or "no" as to if the employees could access the > database, or not. But in this case, the boss does not want even that > type of access to the database permitted. Repeat -- No access > whatsoever! > > I was thinking of the boss' script writing to a file that > accomplished the "yes" or "no" thing, but if the boss did not log off > properly then the file would remain in the "yes" state allowing > employees undesired access. That would not be acceptable. > > So, what methods would you suggest? > > Cheers, > > tedd You sure know how to pick'em Tedd. This is the second "whacky" client you've posted about on the list... This guy sounds like a real control-freak (read: tool). One other thing I'll throw out is the use of a crontab to start/stop mysql during "boss's hours". I don't have a complete solution for you as I just don't care enough about helping this Dbag lord over his employees like that, but I suspect you could have "/etc/init.d/mysql start" or "stop" at some pre-determined times like 8am - noon. Then noon till 5pm. Or something. RDBMS are not really designed to be turned on and off like that. Another option is to maybe use M$ Access instead (which does have a multi-user mode). Use ODBC to connect via PHP to it. So then he would start up the DB when he likes and shut it down when he likes. (note that a logout of Windows will NOT prevent the ODBC connection as it is a service -- as God intended RDBMS to be) http://www.configure-all.com/php_access.php This guy is making me angry just thinking about it! d
From: chris h on 13 Sep 2010 17:43 On Mon, Sep 13, 2010 at 5:09 PM, Daevid Vincent <daevid(a)daevid.com> wrote: > > > > -----Original Message----- > > From: tedd [mailto:tedd(a)sperling.com] > > Sent: Sunday, September 12, 2010 9:32 AM > > To: PHP-General list > > Subject: [PHP] 1984 (Big Brother) > > > > Hi gang: > > > > I have a client who wants his employees' access to their online > > business database restricted to only times when he is logged on. > > (Don't ask why) > > > > In other words, when the boss is not logged on, then his employees > > cannot access the business database in any fashion whatsoever > > including checking to see if the boss is logged on, or not. No access > > whatsoever! > > > > Normally, I would just set up a field in the database and have that > > set to "yes" or "no" as to if the employees could access the > > database, or not. But in this case, the boss does not want even that > > type of access to the database permitted. Repeat -- No access > > whatsoever! > > > > I was thinking of the boss' script writing to a file that > > accomplished the "yes" or "no" thing, but if the boss did not log off > > properly then the file would remain in the "yes" state allowing > > employees undesired access. That would not be acceptable. > > > > So, what methods would you suggest? > > > > Cheers, > > > > tedd > > You sure know how to pick'em Tedd. > > This is the second "whacky" client you've posted about on the list... > > This guy sounds like a real control-freak (read: tool). > > One other thing I'll throw out is the use of a crontab to start/stop mysql > during "boss's hours". I don't have a complete solution for you as I just > don't care enough about helping this Dbag lord over his employees like > that, but I suspect you could have "/etc/init.d/mysql start" or "stop" at > some pre-determined times like 8am - noon. Then noon till 5pm. Or > something. > > RDBMS are not really designed to be turned on and off like that. > > Another option is to maybe use M$ Access instead (which does have a > multi-user mode). Use ODBC to connect via PHP to it. So then he would start > up the DB when he likes and shut it down when he likes. (note that a logout > of Windows will NOT prevent the ODBC connection as it is a service -- as > God intended RDBMS to be) > http://www.configure-all.com/php_access.php > > This guy is making me angry just thinking about it! > > d > > Yes I've been following this post purely in the hope that someone gets Tedd is explain the client's "logic" on this one. It's one thing for a layman to have this kind of requirement, but another entirely for them to STILL have it after an explanation. I mean part of consulting is to tell the client when they're wrong, for someone to not heed that when they are paying for the advice is mind boggling. *sigh* if only everyone were perfect like me... :p "Hey lets pay someone to consult us on a subject that we're ignorant of." "Great idea! And when he makes a suggestion we can totally ignore him! SQL - Shmeequal" Rant aside; I would defer the logistics to the client. He wants the DB to shutdown when he's not in the office? Ok no problem - not what it was designed to do, but no problem! "How would you like the system to be aware of rather or not you're in the office? It can assume you are between these hours; You can log into a screen that unlocked it, but then you have to logout; we can put a motion detector in your office; ... etc." This would put the consequences of the system off on the client. Because if this system works then there will be consequences and you'll look like a jerk :-) Btw, are there no cron / batch jobs that need to run over night? Chris
From: Tim Thorburn on 13 Sep 2010 17:49 On 9/13/2010 9:10 AM, Steve Staples wrote: > here's a silly idea... > > put the database on his computer (or the entire app). that way, when > he's *there* he is logged in. if the computer is off, he's not there, > the app wont work (and the database). > > Steve > > > > On Mon, 2010-09-13 at 11:26 +0100, Richard Quadling wrote: >> On 12 September 2010 17:32, tedd<tedd(a)sperling.com> wrote: >>> Hi gang: >>> >>> I have a client who wants his employees' access to their online business >>> database restricted to only times when he is logged on. (Don't ask why) >>> >>> In other words, when the boss is not logged on, then his employees cannot >>> access the business database in any fashion whatsoever including checking to >>> see if the boss is logged on, or not. No access whatsoever! >>> >>> Normally, I would just set up a field in the database and have that set to >>> "yes" or "no" as to if the employees could access the database, or not. But >>> in this case, the boss does not want even that type of access to the >>> database permitted. Repeat -- No access whatsoever! >>> >>> I was thinking of the boss' script writing to a file that accomplished the >>> "yes" or "no" thing, but if the boss did not log off properly then the file >>> would remain in the "yes" state allowing employees undesired access. That >>> would not be acceptable. >>> >>> So, what methods would you suggest? >>> >>> Cheers, >>> >>> tedd >> What operating system is he using? >> >> Does he (for example), log into his computer and logoff/shutdown when >> he goes home? >> >> If he is using Windows (and I'm sure there are many ways to achieve >> this), then in the Startup folder, a small PHP script which sets a >> flag "I'm here", would allow the DB to know he's at least logged in. >> >> There are different ways to do this. >> http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/Q_21195727.html >> covers login/logout/startup/shutdown. >> >> >> Do they have a clock card system for clocking in/out the building? >> Could you read the database that the clockings are logged in? An odd >> number for the day = he's in, even = he's out, missed clocking = >> screwed/guess. >> >> Ideally you want to "hook" into his normal activity if you can. >> >> >> >> -- >> Richard Quadling >> Twitter : EE : Zend >> @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY >> > > I'm pretty sure I'd have run for the hills after my first meeting with this client, but if you're sure you want to proceed ... Beyond the options mentioned, you could set it up so that the boss would log in each morning with a session that times out at the end of the work day (8, 10, 12, w/e hours later). To make it even more secure, you could have the boss create new logins for each employee at the start of each day. Since yesterdays passwords will no longer work, the boss will have to be there to issue new passwords to whomever he deems worthy of access on this day. These passwords would of course expire at the normal leaving time, so if someone came in late for a password at 4pm and work ends at 6pm, their password would only last two more hours. All in all, I'd still grill him more about what it is he actually wants and why, as all of the ideas presented thus far have at least a dozen different ways things can go wrong. Putting the app on the bosses computer sounds great and all, but if he's sick or away on business suddenly no one in the office is doing any work. Or when his hdd gives out or is replaced and IT's backup system wasn't as great as it could have been you'll have fun getting paid to re-do everything. Having everything require a usb stick to launch sounds secure, until he loses the stick or forgets it at home one day. For fun I'd suggest tagging him with a microchip which your application will constantly scan for and only activate when he's within a certain radius of his desk. Retna scans shouldn't be overlooked either. <insert Mission Impossible theme here> May the force be with you on this one. -Tim
From: "Daevid Vincent" on 13 Sep 2010 18:00
> have been you'll have fun getting paid to re-do everything. Having > everything require a usb stick to launch sounds secure, until > he loses > the stick or forgets it at home one day. For fun I'd suggest tagging ....or pulls it out before all the writes have taken place from the cache or mysql's DELAYED WRITES and so the DB is corrupt or lost integrity. *sigh* |