ProFox February 2017

profox@leafe.com

43 participants
47 discussions

Re: SQL Backend Question - Part Deux
by Jerry Wolper 10 Feb '17

10 Feb '17

Rafael (and everyone else), > Sometimes I doubt myself on the correct use of some English expressions. > After all, they don’t teach all of them at school. I'm always impressed by how well the non-native English speakers express themselves here. (Certainly better than most of us can do in other languages.) So, don't apologize, and feel free to ask if you have a question. -Jerry --- StripMime Report -- processed MIME parts --- multipart/alternative text/plain (text body -- kept) text/html ---

4 4

SQL Variable Substitution
by Gene Wirchenko 10 Feb '17

10 Feb '17

Hello: I have never bothered with variable substitution in SQL statements. My tables are local. It did not seem to quite fit, and there is my second question below. However, I have two issues. I have a lot of cases where I have multiple options for which the end user might only select some of them. On one report that I am currently updating for other reasons, there are three: date low, date high, and client. All of these are optional. I could write for the eight cases select * from catx ... select * from catx where trndate>=?datelow ... select * from catx where trndate<=?datehigh ... select * from catx where trndate>=?datelow and trndate<=?datehigh ... select * from catx where clcode=?theclcode ... select * from catx where trndate>=?datelow and clcode=?theclcode ... select * from catx where trndate<=?datehigh and clcode=?theclcode ... select * from catx where trndate>=?datelow and trndate<=?datehigh and clcode=?theclcode ... and this will work, but this would not be practical in cases where there are more optional variables. One report has five. To get around this, I build the expression as in this example: * Build where expression. local thewhere thewhere="" thewhere=thewhere+"trndate>=?this.datelow and trndate<=?this.datehigh" if !empty(this.theclcode) thewhere=thewhere+" and clcode=?this.theclcode" endif * Get Possible Transactions SQLSEL * from catx; where &thewhere; into cursor rawdata readwrite nofilter My first question is whether this is safe from a SQL injection attack. It appears so, but I may be overlooking something. My second question is whether it is possible to have this sort of protection for other statements. I use browses, and the substitution does not work there, that is browse for clcode=?theclcode does not work. (Missing operand error) With browses, I have some with even more optional values. One has twelve. 4096 different versions of a statement is really too much. If I do it for one (SQL), I want to do it for the other (browses). Sincerely, Gene Wirchenko

2 1

Re: SQL Backend Question - Part Deux
by Gene Wirchenko 09 Feb '17

09 Feb '17

At 14:40 2017-02-08, rafael copquin <rafael.copquin(a)gmail.com> wrote: >Hi Thierry You know English is a second language to me. Perhaps I >should have said "I came across" or "just read this". Having just >returned from holidays I may have made a mistake in the way I >expressed myself. Maybe careless in the way I wrote it. I was not at >all surprised or shocked. Just used the wrong expression. Sorry Rafael Your usage was just fine if you intended that you came across something and were not specifically searching for it. Example sentence about an experience of mine: I was playing games at armorgames.com and stumbled upon an ad for an HVAC (heating, ventilation, and air conditioning) company in town which I applied to. Sincerely, Gene Wirchenko

3 2

SQL Backend Question - Part Deux
by Paul H. Tarver 09 Feb '17

09 Feb '17

Ok, from the range of answers I got back so far, all of which I appreciate greatly, it is clear that I need to clarify my project and goals just a bit in order to narrow the width of the discussion. Here's the situation and the parameters: 1) I have a client that is still using a btrieve based dos system that I created 20+ years ago to keep up with the names, addresses and activities of in excess of 30k+ members. The system creates a lot of specialized reports for the client and they have been unwilling to move to anything else because of all the custom functionality built into the system. (In case you are wondering, they are running the system on virtualized XP Pro systems as the verision of btrieve they have dies on anything later.) 2) I want to upgrade them to a VFP9 + Windows user interface and application in order to get them off the virtual machines, to take advantage of a lot of the speed and features available in VFP9 and I could certainly completely re-write this system in VFP using native dbf table if I chose to do so. HOWEVER. 3) In the long term, I can see a future for this client where they have a web-based front-end for members of their group to login remotely via the web and maintain their demographic data themselves thereby de-centralizing a lot of the data entry process currently done by the home office. 4) Plus, I want the best of both worlds. I want the users in the central office to take advantage of all the functionality I can bring to them with VFP9 as a networked desktop application AND at some point I want to add a web-based front-end for remote users to update various data points. The final requirement is not really a requirement but a desire on my part to learn how to best handle the data entry process and build the user interface functionality in VFP9 to create a desktop application using SQL as data storage. I am used to creating a form with a tabbed pageframe on it, creating a data grid on the first tab, adding some filter capabilities for searches and then putting all the fields on the second or third or fourth or however many detail tabs I need to conveniently display the data I want the user to edit, add, delete or save through a sub-classed button bar that I drop on the form and connect to the table in question. My sub-classed tools use CURSORGETPROP to detect any changes and prompt the user to save the buffered changes if necessary. I have come to the understanding from all I've read that this method of providing grid based data entry screens for users (while perfectly workable in my data interface projects) will not be as efficient when it comes to using SQL instead of native DBFs. I have also read lots of different opinions on how best to let the user search for the specific record they want to use and I have tried to review as many programs as I can to get some sense of the generally accepted method that makes the most sense for a best practices user interface but no joy so far. Once a user finds the record in question, I need to figure out what code snippets I need to build to detect changes and push the updates back to the SQL database and all the other stuff that goes along with that. My hope was that someone could point me toward some good VFP examples or articles specific to VFP that outlines the best practices that seemed to work best. I am not interested in moving to a development tool other than VFP9, because my personal goal in doing the project is to give me a way to learn to program the best user interface I can with VFP as the front-end and SQL as the backend. Hopefully that clarifies my original question just a bit. Paul H. Tarver Tarver Program Consultants, Inc. --- StripMime Report -- processed MIME parts --- multipart/alternative text/plain (text body -- kept) text/html ---

10 18

RE: [NF] Drop-Dead Simple USB Drive Encryption
by Gene Wirchenko 08 Feb '17

08 Feb '17

At 09:06 2017-02-07, you wrote: >Gene, >Yes it does work.... however the Drive letter is defined by the make >of the Drive and if you have a number of identical drives then it >assumes that the drive already is mapped and proceeds to randomly >map the drive to another letter. This does not make sense. Windows ignores the setting for another drive of the same maker? Are you mounting more than one of the USB drives at a time? I could understand the random mapping then as there can not be two drives with the same drive letter. [snip] Sincerely, Gene Wirchenko

2 1

RE: CleverFox Backup
by Gene Wirchenko 07 Feb '17

07 Feb '17

At 15:41 2017-02-01, "Rick Schummer" <profox(a)whitelightcomputing.com> wrote: [snip] >I mean, who writes their own reindexing routine for Visual FoxPro >data these days? (rhetorical question) What is the point here? That it is difficult or simple? I have an class associated with each table, I instantiate each class at system startup, each class includes an indexing method, and I have a few procedures that use these methods to reindex. To me, it seems rather simple. [snip] Sincerely, Gene Wirchenko

2 1

Re: [NF] Drop-Dead Simple USB Drive Encryption
by Ken Dibble 07 Feb '17

07 Feb '17

>The Kingston Data Traveler series drives have hardware crypto, but >they're unlocked using a small program stored on separate cleartext >partition. They're not cheap however. so after I lost mine I switched >to truecrypt/veracrypt. About $1 US per GB at Amazon for the Kingston DataTraveler Locker + G3--do-able for me, since I typically pay close to the same price for the rubberized non-encrypted Corsair drives. >Given your sole purpose, however, have you totally ruled out >automating the backup routine and baking-in file-level crypto? I have a comprehensive network data backup system that automatically copies data from my SAN to a 4 TB USB drive every night, and the drive is taken offsite each day. Not all of the data that needs to be backed up is stored on the network/SAN though. Also, I'm a fan of redundant backup. The reason I'm asking is primarily because one of our big customers--tens of thousands of dollars in annual billing--has recently introduced a requirement for us to carry "cyber insurance". I will avoid the entire rant about the fact that this is a scam, since, like many other IT trends that are also essentially scams, this one seems to be unavoidably growing in popularity. The insurance provider wants an assurance that all USB thumb drives are encrypted. (It also wants all laptop hard drives to be encrypted, and it wants my 4 TB offsite backup drives encrypted.) So I am evaluating my options, one of which is to avoid much of the problem by discontinuing use of thumb drives--at an increase in inconvenience. I am opposed to essentially turning all of our computers into dumb terminals and keeping all the data on the network. What's the point of having computers at all then? Plus, I don't like single points of failure. Without thumb drives I would have to force people to make even greater use of network shares than they do now. And there would be even more people sitting here twiddling their thumbs in the event of a network outage. The laptop thing is especially troubling to me. I can encrypt the data drive on a laptop and require users to enter a password to access it, but since the user can then set the drive to be automatically decrypted without entering the password, and they are likely to do so to avoid the annoyance of having to enter two passwords to access the computer, the whole thing is mostly pointless. As for encryption software that requires the user to be logged in as administrator--has it occurred to anyone that it is more dangerous for the typical computer user to be running an administrator account on a Windows machine than it is for them to have their data on an unencrypted USB stick? Too many programmers, IMO, overestimate the ability of their customers to use computers safely or to cope with complex interfaces. (Well, that's not the right way to put it; it's more like most programmers can't change their personal mindsets to encompass the limited abilities of the vast majority of the people who have to use the software that they create. Making things simpler and safer is too annoying for power-users and CLI-lovers to contemplate.) The removable backup drives are using a Linux file system, and my consultant tells me that there's probably an option to have just these backup drives encrypted without also encrypting the data on the SAN. Since there's limited access to these drives (just me and my assistant), that's an option I can live with. Thanks for everyone's help! Ken

3 2

RE: [NF] Drop-Dead Simple USB Drive Encryption
by Gene Wirchenko 07 Feb '17

07 Feb '17

At 00:45 2017-02-07, Dave Crozier <DaveC(a)Flexipol.co.uk> wrote: [snip] >My only gripe with USB drives is that when you have a number of them >they don't always set themselves up as a permanent drive letter. For >instance I have 3 x USB drives that are rotated on a daily basis and >I use Syncback to put mirror images onto the disks. Syncback >requires a fixed drive mapping (example z:) but windows in its >infinite wisdom gives random drive mappings which have to be changed >using disk Manager at which stage the auto decrypt of bitlocker >takes over and opens the drive. I have tried man, many pieces of >software which state that they will force a drive to be mapped to a >specific letter but none of them work 100%. The software I use for this is called Windows. Here is a link showing how: Assign Permanent Drive Letters To A Removable USB Drive In Windows http://www.addictivetips.com/windows-tips/assign-permanent-drive-letters-to… I believe you would have to do this for each of the USB drives on each of the systems. If you do not use more than one of them at a time on a system, I think you could use the same drive letter. (I only have one USB drive to worry about so I have not tried this.) [snip] Sincerely, Gene Wirchenko

2 1

[NF] Drop-Dead Simple USB Drive Encryption
by Ken Dibble 07 Feb '17

07 Feb '17

Hi Folks, This is probably one of those issues where my requirements seem obvious and common-sensical to me but not to the people who make hardware or software. However, in the interest of developing a complete understanding of my options: I am looking for recommendations for the simplest possible way to encrypt USB thumb drives. "Simplest possible" means in reference to the end user. The sole purpose of the thumb drive is to provide offsite backup for important files. The sole purpose of encrypting the thumb drive is to prevent access by unauthorized people to the contents of the drive if the user loses it. Here are my requirements: 1. Must be usable by a "standard user" account: No administrative access required. 2. Must not require software to be installed on the computer (installed on the removable drive is okay). 3. Access should be available, ideally, simply by right-clicking the drive in Windows Explorer and entering the password for the drive (like with BitLocker). Less desirable would be for the user to have to manually execute software residing on the drive before being given an interface in which to enter the password. Anything more complicated than that, such as requiring users to copy files to/from the drive, or carry out multiple steps to get to the point where the password can be entered, is not acceptable. 3. The drive should work on any Windows computer of recent vintage, no matter where it was initially set up. 4. Users cannot permanently turn the encryption off. 5. Ideally, the entire drive should be encrypted. I am prepared to accept that my staff will have to set up these drives initially for the users. That's okay as long as, once that work's been done, the drive functions as described above. And, of course, I can only set up computers under my control, which is why I can't use a system that requires software to be installed on every machine where the drive will be used. Here is what I've looked at: BitLocker Problems: only available on Windows 7 Ultimate, or later. Most of our workstations are Windows 7 Ultimate, but some are Pro. Also, there are a couple of points I'm not sure about with BitLocker: A. When an internal drive is encrypted on a computer, the user can check a box to essentially turn off the encryption (that is, the drive will be automatically decrypted when the computer is booted). I do not want the user to be able to turn off the encryption on a thumb drive such that, if the drive is inserted into another computer it is automatically decrypted. Does BitLocker allow that? B. I am not sure that a drive encrypted with BitLocker on a Win 7 machine will be accessible on a Win 10 machine, or vice versa. Does anyone have a definitive answer on that point? LaCie Private - Public Problems: Does not work for "standard users", period. Also, requires the drive to be formatted NTFS in order to encrypt more than 4 GB of space. Rohos Problems: Requires multiple steps for standard users to access; cannot encrypt more than 4 GB under any circumstances. VeraCrypt Problems: Requires software to be installed on the machine. Hardware Encryption I took a visual look at the Corsair Flash Padlock drive. It's got dinky little flashing lights and tiny little buttons. I can just imagine what will happen when a user has to get into the drive by poking and punching tiny little buttons with their fingernails while the drive is inserted into the typical fragile USB slot. Not a winner... But are there other hardware encryption options that don't suffer from this or other flaws? Of course, I am also looking for solutions that are free as in beer. But I am willing to pay a reasonable one-time cost. No way would I pay a recurring cost for a license to access a thumb drive. Any thoughts are welcome. Thanks! Ken Dibble www.stic-cil.org

7 9

RE: [NF] Drop-Dead Simple USB Drive Encryption
by Ken Dibble 07 Feb '17

07 Feb '17

Thanks very much. I do recall reading some time back that people were having problems when trying to access files encrypted under one Windows OS from a different Windows OS. I do not recall whether that specifically related to Bitlocker or to some Windows encryption API or something else. I suppose I should also ask whether it makes a difference if the two different machines are running 32-bit vs 64-bit OS versions. Ken >It is under the section "Bitlocker To Go" > >Dave > >-----Original Message----- >From: ProFox [mailto:profox-bounces@leafe.com] On Behalf Of Dave Crozier >Sent: 07 February 2017 15:21 >To: ProFox Email List <profox(a)leafe.com> >Subject: RE: [NF] Drop-Dead Simple USB Drive Encryption > >Or in Windows 10 you need to load up the Bitlocker Control Panel Item. > >Dave > > >-----Original Message----- >From: ProFox [mailto:profox-bounces@leafe.com] On Behalf Of Dave Crozier >Sent: 07 February 2017 15:18 >To: ProFox Email List <profox(a)leafe.com> >Subject: RE: [NF] Drop-Dead Simple USB Drive Encryption > >Yes it can no problem. You set the machine you connect it to log >onto the drive and auto decrypt it. It is an option when you click >the bitlocker menu item on Windows Explorer (right click on USB Drive). > >Dave > > >-----Original Message----- >From: ProFox [mailto:profox-bounces@leafe.com] On Behalf Of Ken Dibble >Sent: 07 February 2017 15:05 >To: profox(a)leafe.com >Subject: RE: [NF] Drop-Dead Simple USB Drive Encryption > >Dave, > >Do you know if a removable drive encrypted with BitLocker on Win 7 >can be accessed on Win 10 and vice-versa? > >Thanks. > >Ken > > >Just a bit more Bitlocker info: > > > >Bitlocker allows you to set up an automatic decrypt on whatever > >machine(s) you want but the default value is to ask for the decrypt > >key. For instance, I have my USB drive set up to automatically decrypt > >but plugging it into any other machine will ask for an unlock key. > > > >My only gripe with USB drives is that when you have a number of them > >they don't always set themselves up as a permanent drive letter. For > >instance I have 3 x USB drives that are rotated on a daily basis and I > >use Syncback to put mirror images onto the disks. Syncback requires a > >fixed drive mapping (example z:) but windows in its infinite wisdom > >gives random drive mappings which have to be changed using disk Manager > >at which stage the auto decrypt of bitlocker takes over and opens the > >drive. I have tried man, many pieces of software which state that they > >will force a drive to be mapped to a specific letter but none of them > >work 100%. > > > >However this is another gripe taking the thread off topic somewhat. > > > >Dave > > > > > >-----Original Message----- > >From: ProFox [mailto:profox-bounces@leafe.com] On Behalf Of Ken Dibble > >Sent: 06 February 2017 20:13 > >To: profox(a)leafe.com > >Subject: [NF] Drop-Dead Simple USB Drive Encryption > > > >Hi Folks, > > > >This is probably one of those issues where my requirements seem obvious > >and common-sensical to me but not to the people who make hardware or > >software. However, in the interest of developing a complete > >understanding of my options: > > > >I am looking for recommendations for the simplest possible way to > >encrypt USB thumb drives. "Simplest possible" means in reference to the > >end user. > > > >The sole purpose of the thumb drive is to provide offsite backup for > >important files. > > > >The sole purpose of encrypting the thumb drive is to prevent access by > >unauthorized people to the contents of the drive if the user loses it. > > > >Here are my requirements: > > > >1. Must be usable by a "standard user" account: No administrative > >access required. > > > >2. Must not require software to be installed on the computer (installed > >on the removable drive is okay). > > > >3. Access should be available, ideally, simply by right-clicking the > >drive in Windows Explorer and entering the password for the drive (like > >with BitLocker). Less desirable would be for the user to have to > >manually execute software residing on the drive before being given an > >interface in which to enter the password. Anything more complicated > >than that, such as requiring users to copy files to/from the drive, or > >carry out multiple steps to get to the point where the password can be > >entered, is not acceptable. > > > >3. The drive should work on any Windows computer of recent vintage, no > >matter where it was initially set up. > > > >4. Users cannot permanently turn the encryption off. > > > >5. Ideally, the entire drive should be encrypted. > > > >I am prepared to accept that my staff will have to set up these drives > >initially for the users. That's okay as long as, once that work's been > >done, the drive functions as described above. And, of course, I can > >only set up computers under my control, which is why I can't use a > >system that requires software to be installed on every machine where > >the drive will be used. > > > >Here is what I've looked at: > > > >BitLocker > > > >Problems: only available on Windows 7 Ultimate, or later. Most of our > >workstations are Windows 7 Ultimate, but some are Pro. Also, there are > >a couple of points I'm not sure about with BitLocker: > > > >A. When an internal drive is encrypted on a computer, the user can > >check a box to essentially turn off the encryption (that is, the drive > >will be automatically decrypted when the computer is booted). > >I do not want the user to be able to turn off the encryption on a thumb > >drive such that, if the drive is inserted into another computer it is > >automatically decrypted. Does BitLocker allow that? > > > >B. I am not sure that a drive encrypted with BitLocker on a Win 7 > >machine will be accessible on a Win 10 machine, or vice versa. Does > >anyone have a definitive answer on that point? > > > >LaCie Private - Public > > > >Problems: Does not work for "standard users", period. Also, requires > >the drive to be formatted NTFS in order to encrypt more than 4 GB of space. > > > >Rohos > > > >Problems: Requires multiple steps for standard users to access; cannot > >encrypt more than 4 GB under any circumstances. > > > >VeraCrypt > > > >Problems: Requires software to be installed on the machine. > > > >Hardware Encryption > > > >I took a visual look at the Corsair Flash Padlock drive. It's got dinky > >little flashing lights and tiny little buttons. I can just imagine what > >will happen when a user has to get into the drive by poking and > >punching tiny little buttons with their fingernails while the drive is > >inserted into the typical fragile USB slot. Not a winner... But are > >there other hardware encryption options that don't suffer from this or > >other flaws? > > > >Of course, I am also looking for solutions that are free as in beer. > >But I am willing to pay a reasonable one-time cost. No way would I pay > >a recurring cost for a license to access a thumb drive. > > > >Any thoughts are welcome. > > > >Thanks! > > > >Ken Dibble > >www.stic-cil.org > > > > [excessive quoting removed by server]

2 1

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

ProFox February 2017