When in make Installer on my project in Visual Basic 2012. I'm using InstallShield - and filed that i need to create the program are only "Debug or Realese" Folder. But there are files "program.exe.config" files. Everyone can open it if he has VB or program that can open VB 2012 files. In those files there is an information about connection to server that program makes. So they have my server name and mine user/password that gives access to mine sql server. Can i make the line with server information crypted and it still workes to avoid - changing server/logging into my server.
Or how can i block the files while i'm making the installer. - So they could not open them.
Store encrypted password and username in config file. And decrypt them inside code right before connection. This should make the trick.
Make the same with server name if you'd like to.
Related
Every time I log into the Accurev plugin in visual studio 2012 I have to re enter the server information. Has anyone else run into this issue?
What version of Windows are you running and what are the User Access Controls (UAC) settings for the system? Higher UAC settings will block writing to files located within the "Program Files (x86)" directory, which is where AccuRev is installed and maintains the "acclient.cnf" file. This is the file that lists which servers are available for you to login. Open this file with a text editor, add the server you login to by adding a line like the following:
SERVERS = myserver:5050
Please notice the spaces before and after the equals sign is intentional and needed. Your server name can use either the short name of the fully qualified domain name. The number after the colon is port number that AccuRev uses for establishing connections.
This file is located in the "AccuRev\bin" directory.
I have read many articles here, but haven't quite found the solution. I have a SQL Server Express database that is used by my VB.NET application. I have packaged and deployed the application via an MSI file and everything works great except I cannot figure out how to include my database file with the package. I understand there are three general ways to do this (copy the files over manually, custom actions, and SQL scripts). I didn't need anything fancy here, just a quick way to put the DB on the client machine so my app can access it.
I decided copying over the DB manually was the quickest option. I tried putting it in the working directory and in the \DATA directory of the client's SQL Server Express install, but my app wouldn't connect. I also tried changing my connection in the project to .\SQLEXPRESS instead of [my_computer_name]\SQLEXPRESS followed by a rebuild of the deployment project and reinstall on the client machine, but no soup for me. Same issue. I tried changing the "UserInstance" property in the project to "True" but my project would not let me save that action.
Am I correct that a manual copy is the quickest and easiest way to get this done?
You should to attach your file to the Sql Server instance.
CREATE DATABASE YourDatabaseName
ON (FILENAME = 'C:\your\data\directory\your_file.mdf'),
(FILENAME = 'C:\your\data\directory\your_file_Log.ldf')
FOR ATTACH;
You need to attach your database file to the running SQL Server on the client machine.
This could be easily done using this variation on the connection string stored in your configuration file (app.config or web.config)
Server=.\SQLExpress;AttachDbFilename=where_you_have_stored_the_mdf_file;
Database=dbname; Trusted_Connection=Yes;
in alternative, you could use the |DataDirectory| substitution string.
This shortcut eliminates the need to hard-code the full path.
Using DataDirectory, you can have the following connection string:
Server=.\SQLExpress;AttachDbFilename=|DataDirectory|\yourfile.mdf”
Database=dbname; Trusted_Connection=Yes;
I have an application that needs to open an excel file. However, when I run it, i get this error. I have already granted all permissions necessary to the file and the folders housing the file. Are there any other causes for this exception? My application is built on Visual Studio 2005 in VB and it is housed on a windows 2003 server. I've already tried refreshing the IIS as well.
Thanks!
Jennifer
Turns out the application on the server was pointing to a different version of the spreadsheet where the columns had been modified. I copied the spreadsheet that was on my local machine and copied it on to the new server (renaming the previous spreadsheet). Once the application was pointing to the correct spreadsheet, it worked.
Under VB.Net 2005, I created a Setup Project which produced installation files for a windows application. I placed the mdb file in the User's Application Data Folder and remapped the DataDirectory to Environment.SpecialFolder.ApplicationData at runtime. Unfortunately, sometimes the system just did create the mdb file at the Application Directory. An example was that I installed the program in Windows 7 under a normal user account. I chose inside the installer that the program would be made available to everyone. After installation, the mdb file would be created automatically for the Administrator account but not for the normal user account. For XP, the whole thing worked fine.
I am tempted to write a routine to check and create the mdb file if it is not present, but why does this happens and what other opinions do I have?
If the application is installed for all users instead of once for each user that logs onto the machine, then you will eventually run into a problem where the database isn't available for the signed on user.
In order to resolve this, you would probably be better off checking for the existence of the database on application startup and then either copying a standard version from the application directory to the current user's data directory or creating a new db from scratch in place. I would recommend the first approach.
I wish to ship SQL server database file with my application. I am very very new to SQL.
1) I do not know how to protect this file from being opened.
2) If this file is emailed, can anybody read it?
3) Is there any possibility of protecting it like Access database is password protected so even emailed, no one can open it.
Thanks
Furqan
Regular SQL Server database files (.mdf, .ldf) aren't intended to be shipped with your application and installed locally - they are intended to be used on a SQL Server instance, running in a secure environment where typical users don't have physical access to the files per se.
As such, .mdf/.ldf files cannot really be protected by a password or anything like that - you can define users and their permissions, but that only applies to the permissions inside the database - not the database file(s) itself.
For your scenario, I guess you'd be better off with SQL Server Compact Edition - an in-process (just a bunch of DLL's), one-file-for-your-entire-database (*.sdf) kind of database - much more closely an Access replacement than the full-fledged SQL Server.
The documentation clearly states:
SQL Server Compact Edition was
designed from the beginning assuming
the user had access to the physical
file. Without an additional security
mechanism, the user could bypass your
application and use tools such as
MSQuery to view and edit the raw data.
SQL Server Compact Edition supports
the ability to password protect and
encrypt the data file, thereby
limiting access to your application
which embeds the password. The
password protection of the database
file adds a layer of protection that
travels with the file, making it
harder to access the data in the event
a rogue user obtains the file.
Read more about SQL Server Compact 3.5 and you might also want to check out the SQL Server Compact blog which discusses the latest developments (SQL Server Compact 4.0 is in testing right now).
1) Assign a username and password to through SSMS or Enterprise Manager
2) No, because of [1]
3) Yes, because of [1]
Just to be doubly sure: take the database offline, zip encrypt .mdf file, and send it
If you ship it - than someone on the other end need to open and install it.
You can protect the file using zip software with password, and tell it to the other party on the phone.
1) Even if you protect it before it is added to the SQL server the user will be able to get into the database once it is loaded and running on the server.
2) Possible, but why would you want to email a database file?
3) When you email it you can add it to an archive with password, like a password protected zip file.