The LA Fox Developer

The LA Fox Developer Newsletter

March 1996

Simple But Effective

Access Security

by Steve James

(Ed. Note: Steve James is a member of the UK Fox Users

Group. Here, he presents a simple method for implementing

security in any app.)

There are times when a degree of security is required for an

application in order to prevent unauthorised access. Most

systems require the user to enter their Id and a password before

access is available to the application. The main problem is how

to hold the security information.

It could be hard-coded into the application but this would

severely restrict the control of user access. The more reason-

able method is to hold the user information in a file. The problem

with this is that anybody with access to FoxPro, dBase, Xtree

or a number of other packages can view the information held on

file. I have seen many instances of this type of ‘security’.

The function FnEntPWord generates the encrypted version of

the entered password which can then be stored on file with a

reasonable amount of confidence. A piece of code is also

provided to illustrate how the function can be used.

The secret of the function is the encryption string which can be

modified to suit the requirements os the user. It is imprtant that

you do not use the obvious ABCDEF..XYZ order. The example

supplied uses the following string taken from the Fox User

magazine, with removed duplicates: You can generate additional

randomness by leaving duplicate letters.

FOXUSERPANBHMDTWYKCJLQVYZ ;

FOXUSERsGrouPANneBoreHaMDrlfTWaYhooKbaslngstoke +

CJLQVYZ

Function fnChkPWord

parameters pcPassword

private nCode, nLen, nKeyPosn, cKey, nCodeLen

nCode = 0

cEncrypt = “FOXUSERGPANBHMDITWYKCJQVYZ”

nCodeLen = len(cEncrypt) + I

for nCount = I to Ien(pcPassword)

cKey = substr(pcPassword,nCount,I)

nKeyPosn = atc(upper(cKey),cEncrypt)

if nKeyPosn # 0

nCode = nCode * nCodeLen + nKeyPosn

endif

en dfo r

return str(nCode,9)

So instead of holding the password AAA you can now store the

encrypted value 7570, for BAA it would be 9028, making it a

little harder to break into the application. The largest value

generated from 6 characters ( 777777 ) is 387,420,488 and for 8

characters ( 77777777 ) is 282,429,536,480.

The following function controls the input of the password using

the inkey() function and displays an asterisk for each character

entered.

Function fnEntPWord

private cPassWord, cPassMark, nEntry

nEntry = 0

cPassWord =

cPassMark =

do while

nEntry # 13 .AND. Ien(cPassWord) < 9

nEntry = lnkey(0)

Check if backspace entered, If so delete end character

return cPassWord

First National Bank Place

First National House

Harrow

Tel: 0181 861 1313

Out and About (Con’t from page 6)

expenses” (meeting room, newsletter, etc.) of the group for ‘96.

Any monies beyond that give us a cushion for speaker procure-

ment (including travel expenses, hotel acommoda-tions, etc.).

For those members whose membership expired in ‘95, please

send your dues ($45), payable to “LA Fox”, to Barry R. Lee,

P.O. Box 6624, Huntington Beach, CA, 92615-6624, if you wish

to continue receiving the newsletter. Otherwise, you won’t be

receiving one.

Don’t forget abouL Sally Wong at this month’s meeting, March

18th. She’ll be coming in from Sacramento to demo a product

that she’s been testing/using called “xCase for Fox”. It’s a

CASE-type tool that enables a developer to completely model a

business and then output to VFP’s database container (DBC).

This tool also outputs to other formats such as FP and FPW,

as well as diagrams in both “developer-readable” and “client-

readable” schemas. This is a handy tool for technically-

diagramming a system and also provides a clear and concise

client communication tool. She’ll be bringing a copy of the

program, thanks to Neon Software (who distributes it), to give

away to some lucky paid-up member of the group. Don’t miss

thisone!!

OC Fox announces a new meeting location for March and

April the Yorba Linda Community Center. It is located at

Imperial Highway and Casa Loma Avenue, midway between the

57 and 91 Freeways in Yorba Linda. The meeting room is on the

north side of the building facing Imperial Highway. From the 91

Freeway, exit Imperial and proceed west about 5 miles to Casa

Loma. Enter from Casa Loma. From the 57 Freeway, exit

Imperial Highway and proceed east about 4 miles and enter

from Imperial just past Valley View. OC Fox meets on the

second Wednesday of each month at 6:30 PM.

Some hot sites:

http://www3.techstocks.com

http://www.altavista.com

http://www.yahoo.com

http://www. microsoft. corn

Page 8