On 9/13/2010 9:10 AM, Steve Staples wrote:
here's a silly idea...
put the database on his computer (or the entire app). that way, when
he's *there* he is logged in. if the computer is off, he's not there,
the app wont work (and the database).
Steve
On Mon, 2010-09-13 at 11:26 +0100, Richard Quadling wrote:
On 12 September 2010 17:32, tedd<tedd@xxxxxxxxxxxx> wrote:
Hi gang:
I have a client who wants his employees' access to their online business
database restricted to only times when he is logged on. (Don't ask why)
In other words, when the boss is not logged on, then his employees cannot
access the business database in any fashion whatsoever including checking to
see if the boss is logged on, or not. No access whatsoever!
Normally, I would just set up a field in the database and have that set to
"yes" or "no" as to if the employees could access the database, or not. But
in this case, the boss does not want even that type of access to the
database permitted. Repeat -- No access whatsoever!
I was thinking of the boss' script writing to a file that accomplished the
"yes" or "no" thing, but if the boss did not log off properly then the file
would remain in the "yes" state allowing employees undesired access. That
would not be acceptable.
So, what methods would you suggest?
Cheers,
tedd
What operating system is he using?
Does he (for example), log into his computer and logoff/shutdown when
he goes home?
If he is using Windows (and I'm sure there are many ways to achieve
this), then in the Startup folder, a small PHP script which sets a
flag "I'm here", would allow the DB to know he's at least logged in.
There are different ways to do this.
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/Q_21195727.html
covers login/logout/startup/shutdown.
Do they have a clock card system for clocking in/out the building?
Could you read the database that the clockings are logged in? An odd
number for the day = he's in, even = he's out, missed clocking =
screwed/guess.
Ideally you want to "hook" into his normal activity if you can.
--
Richard Quadling
Twitter : EE : Zend
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY
I'm pretty sure I'd have run for the hills after my first meeting with
this client, but if you're sure you want to proceed ... Beyond the
options mentioned, you could set it up so that the boss would log in
each morning with a session that times out at the end of the work day
(8, 10, 12, w/e hours later). To make it even more secure, you could
have the boss create new logins for each employee at the start of each
day. Since yesterdays passwords will no longer work, the boss will have
to be there to issue new passwords to whomever he deems worthy of access
on this day. These passwords would of course expire at the normal
leaving time, so if someone came in late for a password at 4pm and work
ends at 6pm, their password would only last two more hours.
All in all, I'd still grill him more about what it is he actually wants
and why, as all of the ideas presented thus far have at least a dozen
different ways things can go wrong. Putting the app on the bosses
computer sounds great and all, but if he's sick or away on business
suddenly no one in the office is doing any work. Or when his hdd gives
out or is replaced and IT's backup system wasn't as great as it could
have been you'll have fun getting paid to re-do everything. Having
everything require a usb stick to launch sounds secure, until he loses
the stick or forgets it at home one day. For fun I'd suggest tagging
him with a microchip which your application will constantly scan for and
only activate when he's within a certain radius of his desk. Retna
scans shouldn't be overlooked either. <insert Mission Impossible theme here>
May the force be with you on this one.
-Tim
