Next we'll be suggesting sharks with frikking laser attached to their heads to 
guard the door!


Sent from my iPod

On Sep 15, 2010, at 19:53, Matty Sarro <> wrote:

> Ooooh, how about a pressure sensor on his seat??? Like the ones they have in
> cars to make that little airbag light illuminate.
> if buttDetected{
> allowAccess();
> }
> On Wed, Sep 15, 2010 at 7:00 PM, Yousif Masoud <>wrote:
>> On 12/09/10 17:32, tedd wrote:
>>> Hi gang:
>>> I have a client who wants his employees' access to their online business
>>> database restricted to only times when he is logged on. (Don't ask why)
>>> In other words, when the boss is not logged on, then his employees cannot
>>> access the business database in any fashion whatsoever including checking to
>>> see if the boss is logged on, or not. No access whatsoever!
>>> Normally, I would just set up a field in the database and have that set to
>>> "yes" or "no" as to if the employees could access the database, or not. But
>>> in this case, the boss does not want even that type of access to the
>>> database permitted. Repeat -- No access whatsoever!
>>> I was thinking of the boss' script writing to a file that accomplished the
>>> "yes" or "no" thing, but if the boss did not log off properly then the file
>>> would remain in the "yes" state allowing employees undesired access. That
>>> would not be acceptable.
>>> So, what methods would you suggest?
>>> Cheers,
>>> tedd
>>> Hi Tedd,
>> One aspect of software design to keep in mind is change.  Today the
>> customer wants everyone to have access when they are logged in.  They may
>> want that rule relaxed a little.  Perhaps, employees can login when members
>> of a certain group are logged in.
>> I recommend using some form of external device that instructs the system to
>> enable/disable access to the database. Depending on the sensitivity of the
>> data, the solution can utilize a card reader (once the boss takes the card
>> out of the reader, database access is terminated for the company) and either
>> a fingerprint or retinal scanner [for extra security].  If it is really
>> sensitive data, then a retinal scanner and some form of code generator that
>> generates one-time eight digit (at least) code to enable access to the
>> database.  The algorithm that generates the codes would be a deeply guarded
>> secret (that would mostly be their problem -- you will need to ensure that
>> once you sign off the project, there is no way it can be retrieved from
>> you).
>> No need to shut down the database server, just instruct the firewall to
>> block the MySQL port and/or Web server port.  Might be a good idea to choose
>> a different port than 3306 for MySQL.
>> What would happen if, for some reason the "boss" couldn't make it in or is
>> on Holiday?
>> Good luck,
>> Yousif
>> PS. It might be a good idea to introduce them to the concept of RBAC and
>> see what they think.
>> --
>> PHP General Mailing List (
>> To unsubscribe, visit:

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to