Re: How to ensure that a supported version of my script is being executed?

in reply to How to ensure that a supported version of my script is being executed?

Even if you lock down your application, if your users have permission to enter junk data in your database they can write their own application to do it, or just connect to it with Excell and Access and start entering junk.

If you want to prevent them entering junk, remove direct access to the database and only let them run stored procedures which validate the inputs.

Comment on Re: How to ensure that a supported version of my script is being executed?

Replies are listed 'Best First'.
Re^2: How to ensure that a supported version of my script is being executed? by sanbiswa (Initiate) on Aug 21, 2012 at 08:45 UTC
Thanks for your response. I do have all the mechanisms in place (stored procedures with proper grants etc.) so that the users can modify the database only via this script. So his modified script gets into the database and writes x instead of y; how to prevent that? Validating the data entered is not always possible in my case, so my idea was to ensure that the script that entered such data is the correct one.	[reply]
Re^3: How to ensure that a supported version of my script is being executed? by ig (Vicar) on Aug 21, 2012 at 13:42 UTC
How do you prevent the user entering `x` instead of `y` in your script? If your script doesn't allow the user to enter `x` or `y`, but derives `y` from some other input, then don't accept either `x` or `y` as input to your stored procedure but, rather, accept only the primary input from which `y` can be derived.	[reply] [d/l] [select]

In Section Seekers of Perl Wisdom