Re: 1984 (Big Brother)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Sep 12, 2010 at 12:32:21PM -0400, tedd wrote:

> Hi gang:
> 
> I have a client who wants his employees' access to their online
> business database restricted to only times when he is logged on.
> (Don't ask why)
> 
> In other words, when the boss is not logged on, then his employees
> cannot access the business database in any fashion whatsoever
> including checking to see if the boss is logged on, or not. No access
> whatsoever!
> 
> Normally, I would just set up a field in the database and have that
> set to "yes" or "no" as to if the employees could access the
> database, or not. But in this case, the boss does not want even that
> type of access to the database permitted. Repeat -- No access
> whatsoever!
> 
> I was thinking of the boss' script writing to a file that
> accomplished the "yes" or "no" thing, but if the boss did not log off
> properly then the file would remain in the "yes" state allowing
> employees undesired access. That would not be acceptable.
> 
> So, what methods would you suggest?

I hate to seem flippant, but here would be my conversation with this
customer:

Customer: "My employees got access to the database while I was gone
yesterday!"

Consultant: "Well, let's see. Oh, it appears you didn't properly log
out."

Customer: "Yes, but I was *gone*. They weren't supposed to be able to
access the database unless I'm *here*."

Consultant: "The only way we know that is if you log in and log out
properly. Now, if you like, we can put a nanny-cam in your office, and
whenever you're not there (like in the bathroom), the whole thing shuts
down. That will cost $x. Your choice. We've been working on the
mind-reading extension to PHP, but it's not finished yet."

Other than the "boss file", I don't see another way. And as you said, if
he doesn't log out properly, the boss file will allow access when he
didn't intend to allow it.

Paul

-- 
Paul M. Foster

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux