system command and dummy fields

[GCC Consulting]

Dennis,

Who is controlling access to the record involved?  Do your screens have
passwords?

Since you seem to be using a record to hold this data, one could add value
checking to processing to insure that no improper values appear.

However, if one wanted to completely safe, the same logic should be added to
the output processing just in case someone figured out how to access the
record without any processing.

If there are a limited number of outputs and files to be used, one could
create a listbox with the files available and then the associated output
formats in another listbox, this would allow the user to select what file
and what output to run.  You could even replace the real file and output
names with more user friendly names.

By using this method, you reduce the chance of any problems based on user
input and they are selecting not entering,

You have all of the i/o tools if filePro to do this if you want.  

    

Richard Kreiss
GCC Consulting
rkreiss at gccconsulting.net
  







> -----Original Message-----
> From: filepro-list-
> bounces+gccconsulting=comcast.net at lists.celestial.com [mailto:filepro-
> list-bounces+gccconsulting=comcast.net at lists.celestial.com] On Behalf
> Of Dennis Malen
> Sent: Monday, May 19, 2008 11:07 AM
> To: Jay R. Ashworth; filepro-list at lists.celestial.com
> Subject: Re: syatem command and dummy fields
> 
> I agree with you. Your heads up was most appreciated.
> 
> Thanks again.
> 
> Dennis Malen
> 516.479.5912
> ----- Original Message -----
> From: "Jay R. Ashworth" <jra at baylink.com>
> To: <filepro-list at lists.celestial.com>
> Sent: Monday, May 19, 2008 11:05 AM
> Subject: Re: syatem command and dummy fields
> 
> 
> > On Mon, May 19, 2008 at 10:57:31AM -0400, Dennis Malen wrote:
> >> I'm sorry. I should have added that the lines person would not have
> >> access
> >> to those fields. It would only be myself or another programmer. The
> >> execution of the reports were set up in order that a lines person
> could
> >> provide input on some basic variables (such as dates) and could
> press the
> >> button. This could easily allow us to change the sequence or what
> was in
> >> the list of reports to run for a particular client (Sometimes up to
> 12
> >> different sensitive reports per client).
> >
> > Sure.  We just wanted to make sure you know there was a hole, and
> that
> > you weren't exposing the hole to anyone who shouldn't get to it.
> >
> > Cheers,
> > -- jra
> > --
> > Jay R. Ashworth                   Baylink
> > jra at baylink.com
> > Designer                     The Things I Think
> RFC
> > 2100
> > Ashworth & Associates     http://baylink.pitas.com
> '87
> > e24
> > St Petersburg FL USA      http://photo.imageinc.us             +1 727
> 647
> > 1274
> >
> >      Those who cast the vote decide nothing.
> >      Those who count the vote decide everything.
> >        -- (Joseph Stalin)
> > _______________________________________________
> > Filepro-list mailing list
> > Filepro-list at lists.celestial.com
> > http://mailman.celestial.com/mailman/listinfo/filepro-list
> 
> _______________________________________________
> Filepro-list mailing list
> Filepro-list at lists.celestial.com
> http://mailman.celestial.com/mailman/listinfo/filepro-list