Application security. (dBASE Developer: limiting access, password entry, using INKEY) (Tutorial)

Now that we've finally finished with the subject of help development and display, we can get on to other topics of interest. Let's discuss application security in general, and develop a password-entry routine.

Why security?

Even with single-user applications, it's often important to have security measures as a feature of the system. There may be certain operations that only specific operators are allowed to perform. Without a security system, it's impossible for an application to know if the current user is allowed to access or change information in the system. Security systems are most often controlled by a password entry routine. The password, or a piece of information associated with a password, becomes a control on users' access to either the system, or to a specific activity within an application.

At the lowest possible level, security can be "hard-coded" into an application. In its simplest form, you can have your application ask for a user password and simply store it to a PUBLIC memory variable. The system then checks the stored password before performing any sensitive operation. Unless the password is "BLATZ" (for discussion's sake, our super-secret password), the system informs the user that the option isn't open to them. Sample code for this approach is shown in Listing 1.

Listing 1--Sample password code.

DO CASE && from a menu

CASE m_choice = "Add" DO add_it

CASE m_choice = "Edit" DO edit_it

CASE m_choice = "Delete"

IF m->mypassword = "BLATZ" DO delete_it ELSE ?? chr (7) …