Windows Key Disabling (AREV Specific)
At 10 DEC 1998 08:54:39AM Matt Sorrell wrote:
Hello everyone,
I could really use some help here. We have found a security hole in our application. It seems that from a window, if a user presses - to access the filter window, then chooses the select option that they can actually edit records. Once the select statement window comes up, if they erase they select command and type in an edit command (EDIT MEMBER for instance) and press F9, they get a message box saying the command is invalid (the command that appears is SELECT EDIT MEMBER). If they erase the word SELECT so that all is left is EDIT MEMBER, (or whatever table) they can then actually edit records. OUCH!!!!
The fix is real simple. All we have to do is disable the FILTER WINDOW key from under PAINT. What I want to know is if there is a way I can programmatically add this key to the disabled keys list in the window templates, or if I have to repaint every window, disable they key, and send the new windows to the users. I've tried creating a brand new window with no keys disabled, looking at the template, and then disabling they key and looking at the template again, but I can't figure out where in the template the disabled key information is stored.
Any help would be greatly appreciated.
Matt Sorrell
At 10 DEC 1998 11:04AM [email protected],[url=http://www.sprezzatura.com]Sprezzatura Ltd[/url] wrote:
Would this work for you?
World Leaders in all things RevSoft
At 10 DEC 1998 11:59AM Matt Sorrell wrote:
Andrew,
It would, but I'm looking for a solution that won't require me to recompile a bunch of code. I'm looking for a run-once utility that will just modify all of our window templates so that I don't have to repaint and redownload them to our stores.
Matt Sorrell
At 11 DEC 1998 12:42AM Larry Wilson - TARDIS Systems, Inc. wrote:
if You PAINT the SELECT window in SYSWINDOWS and put something in
INVALID, like code K and command {ALT-X} (erase the line), then
it never leaves them the EDIT showing and it goes for ALL windows that
use that select window (the main one.)
That should do it.
At 15 DEC 1998 06:11AM [email protected] - [url=http://www.sprezzatura.com]Sprezzatura, Inc.[/url] wrote:
My system has a SYSWINDOWS dictionary record called WC_UNKEYS.
@ANS=FIELD(@RECORD, CHAR(247), 43)
CONVERT @FM TO CHAR(179) IN @ANS
SWAP \003C\ WITH 'F2' IN @ANS
SWAP \0040\ WITH 'F6' IN @ANS
SWAP \0041\ WITH 'F7' IN @ANS
SWAP \0042\ WITH 'F8' IN @ANS
SWAP \0043\ WITH 'F9' IN @ANS
SWAP \0044\ WITH 'F10' IN @ANS
SWAP \003B\ WITH 'F1' IN @ANS
SWAP \003F\ WITH 'F5' IN @ANS
SWAP \005E\ WITH 'Ctrl-F1' IN @ANS
SWAP \0062\ WITH 'Ctrl-F5' IN @ANS
SWAP \0063\ WITH 'Ctrl-F6' IN @ANS
SWAP \0064\ WITH 'Ctrl-F7' IN @ANS
SWAP \0065\ WITH 'Ctrl-F8' IN @ANS
SWAP \0067\ WITH 'Ctrl-F10' IN @ANS
SWAP \0017\ WITH 'Alt-I' IN @ANS
SWAP \0016\ WITH 'Alt-U' IN @ANS
SWAP \0021\ WITH 'Alt-F' IN @ANS
SWAP \0030\ WITH 'Alt-B' IN @ANS
SWAP \0019\ WITH 'Alt-P' IN @ANS
SWAP \001E\ WITH 'Alt-A' IN @ANS
SWAP \0020\ WITH 'Alt-D' IN @ANS
SWAP \0018\ WITH 'Alt-O' IN @ANS
SWAP \0011\ WITH 'Alt-W' IN @ANS
SWAP \0014\ WITH 'Alt-T' IN @ANS
SWAP \0015\ WITH 'Alt-Y' IN @ANS
SWAP \001F\ WITH 'Alt-S' IN @ANS
SWAP \002F\ WITH 'Alt-V' IN @ANS
You should be able to reverse this code to place a key into the list.
