On Sep 13, 2010, at 17:49, Tim Thorburn <immor...@nwconx.net> wrote:
> On 9/13/2010 9:10 AM, Steve Staples wrote: >> here's a silly idea... >> >> put the database on his computer (or the entire app). that way, when >> he's *there* he is logged in. if the computer is off, he's not there, >> the app wont work (and the database). >> >> Steve >> >> >> >> On Mon, 2010-09-13 at 11:26 +0100, Richard Quadling wrote: >>> On 12 September 2010 17:32, tedd<t...@sperling.com> wrote: >>>> Hi gang: >>>> >>>> I have a client who wants his employees' access to their online business >>>> database restricted to only times when he is logged on. (Don't ask why) >>>> >>>> In other words, when the boss is not logged on, then his employees cannot >>>> access the business database in any fashion whatsoever including checking >>>> to >>>> see if the boss is logged on, or not. No access whatsoever! >>>> >>>> Normally, I would just set up a field in the database and have that set to >>>> "yes" or "no" as to if the employees could access the database, or not. But >>>> in this case, the boss does not want even that type of access to the >>>> database permitted. Repeat -- No access whatsoever! >>>> >>>> I was thinking of the boss' script writing to a file that accomplished the >>>> "yes" or "no" thing, but if the boss did not log off properly then the file >>>> would remain in the "yes" state allowing employees undesired access. That >>>> would not be acceptable. >>>> >>>> So, what methods would you suggest? >>>> >>>> Cheers, >>>> >>>> tedd >>> What operating system is he using? >>> >>> Does he (for example), log into his computer and logoff/shutdown when >>> he goes home? >>> >>> If he is using Windows (and I'm sure there are many ways to achieve >>> this), then in the Startup folder, a small PHP script which sets a >>> flag "I'm here", would allow the DB to know he's at least logged in. >>> >>> There are different ways to do this. >>> http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/Q_21195727.html >>> covers login/logout/startup/shutdown. >>> >>> >>> Do they have a clock card system for clocking in/out the building? >>> Could you read the database that the clockings are logged in? An odd >>> number for the day = he's in, even = he's out, missed clocking = >>> screwed/guess. >>> >>> Ideally you want to "hook" into his normal activity if you can. >>> >>> >>> >>> -- >>> Richard Quadling >>> Twitter : EE : Zend >>> @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY >>> >> >> > I'm pretty sure I'd have run for the hills after my first meeting with this > client, but if you're sure you want to proceed ... Beyond the options > mentioned, you could set it up so that the boss would log in each morning > with a session that times out at the end of the work day (8, 10, 12, w/e > hours later). To make it even more secure, you could have the boss create > new logins for each employee at the start of each day. Since yesterdays > passwords will no longer work, the boss will have to be there to issue new > passwords to whomever he deems worthy of access on this day. These passwords > would of course expire at the normal leaving time, so if someone came in late > for a password at 4pm and work ends at 6pm, their password would only last > two more hours. > > All in all, I'd still grill him more about what it is he actually wants and > why, as all of the ideas presented thus far have at least a dozen different > ways things can go wrong. Putting the app on the bosses computer sounds > great and all, but if he's sick or away on business suddenly no one in the > office is doing any work. Or when his hdd gives out or is replaced and IT's > backup system wasn't as great as it could have been you'll have fun getting > paid to re-do everything. Having everything require a usb stick to launch > sounds secure, until he loses the stick or forgets it at home one day. For > fun I'd suggest tagging him with a microchip which your application will > constantly scan for and only activate when he's within a certain radius of > his desk. Retna scans shouldn't be overlooked either. <insert Mission > Impossible theme here> > > May the force be with you on this one. > > -Tim Well, if we are going down this route, many new laptops are offering some form of biometrics for access. If your client has one, you could potentially launch a script to start/ stop the db at that time. Or if we follow the new password suggestion, his morning login could run a script to reset and email all users their passwords automatically. Bastien Sent from my iPod -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php