Need help to put a DB in Web

[Mota]

Hi;
We want to register our users.Registration means adding their name,ID and
Password in a table named DoctorsTBL.Since our Doctors are about 3000
persons,we want to provide a facility to give them the option to register
thru internet.So i made a Data Access Page based on this table.But bacause i
dont have enough experience of putting DBs in the net,i dont know what to do
next.
Supposing we have a web space such as: Geocities.yahoo.com/me (this is just
for a test.If i can do this,we gonna rent a suitable web space),what i have
to do now?Some of my questions are:
What to upload beside this DAP,and who must have Access installed on his/her
system?My users or my web host?
Can anyone please help me to fulfill this?I appreciate you and thank you in
advance for your help.

 

[Albert D.Kallal]

Your problem here is that you started developing your software without
checking what services your provider offers.

A DAP page is really only of any use if your are going to build, run , and
maintain your OWN web server. While setting up your own web server is
actually quite easy, the security ramifications of exposing your network and
computers to the internet is a whole different ball game. In fact, it takes
a LOT of experience to know how to maintain the web site SECURELY.

It sounds like you are actually looking for a provider to host your web
site. That means you MUST USE THEIR tools to develop your software with.

Few, if any web providers support DAP pages (they really are only of use if
you have your OWN web server). And, further, end users have to have parts of
office installed before DAP pages run. So, really, trying to use ms-access
here, or word, or VB for that matter is the COMPLETE WRONG TOOL.

So, really, the best approach would be to learn ASP web pages. And then find
a provider that offers ASP and sql-server, or some other database.

Simply put, you are using the COMPLETE WRONG tool for web stuff, and thus
are in the wrong newsgroup and taking the wrong road.

you need a different set of tools..and ms-access is not one of them. You are
in the wrong place...

 

[Mota]

Yaah...the job is more complicated than i thought.
Ok.If i kinda convert my table to a SQL server format,and use FrontPage to
design a simple web page (a form related to that table),instead of a DAP,can
i carry out what i want?As far as i know,most web servers support SQL
server.But,what about the End users?Dont they need to install any additional
software to view or fill out the form?
Thank you for your help.

 

[Sylvain Lafontaine]

If you use FrontPage, end users don't need to install any additional
software; so you will be fine. See:
http://www.frontpagemagic.com/DRW/Add-Edit-Delete/AddRecord/index.htm for
some explanations on how to use FrontPage for updating a database.

You don't also need to convert your database from JET/MDB to the SQL-Server
format. See:
http://www.canhost.ca/asp.html#FrontPag Database Region Wizard .

Others solutions would be to use ASP or ASP.NET. They are more complicated
to use than FrontPage but will give you more power on the overall design of
your forms and tables.

Finally, I would forgot about DAP if I were you.

 

[Mota]

Perfect.Thats fine hearing about i dont need to convert my .mdb file to a
SQL server format.Thank you for your hopefuling reply.
But,reviewing the web pages u linked here,I feel the support of Access files
is a special characteristic of CANHOST web provider.Now supposing that i use
FrontPage to make a web page or form and connect it to a .MDB data file
(using its DB wizard),do i have to still notice the "Access Support" of the
host,whenever i want to choose a new web server?(this is not common for most
Web Servers unfortunately).Or this is not a need and i have to ask them just
about supporting FrontPage Extentions?In addition,who is responsible for my
DB security?Me or my host?I ask this because Access doesnt have any built in
web security tool or coding facility,and CanHost says you must care about
protecting ur Database in the web (also says we have a special script to
help you secure your file,that means our DB security is MY function not
theirs.)
However,i would be grateful to you if u know and send me any other links
related to "A to Z of using FrontPage to put Access DataBases on the Web"
Thank you again for your help.

 

[user]

Perfect.Thats fine hearing about i dont need to convert my .mdb file to a
SQL server format.Thank you for your hopefuling reply.
But,reviewing the web pages u linked here,I feel the support of Access files
is a special characteristic of CANHOST web provider.Now supposing that i use
FrontPage to make a web page or form and connect it to a .MDB data file
(using its DB wizard),do i have to still notice the "Access Support" of the
host,whenever i want to choose a new web server?(this is not common for most
Web Servers unfortunately).Or this is not a need and i have to ask them just
about supporting FrontPage Extentions?In addition,who is responsible for my
DB security?Me or my host?I ask this because Access doesnt have any built in
web security tool or coding facility,and CanHost says you must care about
protecting ur Database in the web (also says we have a special script to
help you secure your file,that means our DB security is MY function not
theirs.)
However,i would be grateful to you if u know and send me any other links
related to "A to Z of using FrontPage to put Access DataBases on the Web"
Thank you again for your help.

Take a look here

http://members.cox.net/tulsaalstons/Documents/Microsoft Access Developer Transition to Internet.htm

http://members.cox.net/tulsaalstons/Documents/Access-WebConversionSoftware.htm

Bob

 

[Albert D.Kallal]

Yaah...the job is more complicated than i thought.
Ok.If i kinda convert my table to a SQL server format,and use FrontPage to
design a simple web page (a form related to that table),instead of a
DAP,can i carry out what i want?As far as i know,most web servers support
SQL server.But,what about the End users?Dont they need to install any
additional software to view or fill out the form?
Thank you for your help.

Yes, you are on the right track. Many web providers even support what is
called front page extensions. So, Front page is a excellent start. Check
with your web provider as to what they support. In this approach, the end
users do NOT need to install any software.

Note that can also connect front page to a mdb file, but for the most part,
since you are not using ms-access anymore...might as well use sql server
(and, while some providers do support mdb files...it not much worth it
anyway).

By the way, don't be taken off by how terse and hard I was in my other post.
It just that it is so UNFAIR for you to waste a bunch of time on the wrong
road....so, to save you some grief, I was very blunt to the point in my
other post....

However, you do seem to be on the right road...and FP + sql server is a
ideal place to start web stuff with.

 

[Albert D.Kallal]

I feel the support of Access files

is a special characteristic of CANHOST web provider.

Yes, as I mentioned in my other response, some providers do support the mdb
files..but NOT ms-access. So, really, your are just working with a data
file, and thus it really don't matter much what you use (mdb, or sql
server). You gain little, or really nothing by using mdb files here.

Now supposing that i use
FrontPage to make a web page or form and connect it to a .MDB data file
(using its DB wizard),do i have to still notice the "Access Support" of
the
host,whenever i want to choose a new web server?

Yes, the above is correct. As I mentioned, mdb files don't take too much to
web stuff. The problem is that the web site is attached to the mdb file, and
in theory, you have to stop, or shut down the web site (that has the mdb
file open) if you need to modify tables, or do other things. This is the
same idea like you must kick users out when you modify the mdb file...but in
this case, the user is the web server!!!...how do you shut that down!! So,
using mdb files really don't help a whole lot here...better to work with
something that is designed around this concept.

Or this is not a need and i have to ask them just
about supporting FrontPage Extentions?

Well, either you ensure your provider allows use of extensions, or you don't
use the extensions, and stick to quite plain HTML pages. For the most part,
FP creates standard HTML..but if you use extensions..then ISP must support
them.

In addition,who is responsible for my DB security?Me or my host?

Well, the provider for the most part is responsible. If someone gets a hold
of your passwords etc, then not much you can do. However, it is unlikely
that a hacker will garb, or do damage to the system, since the providers are
VERY good at keeping things locked up. So, for the most part, the web
provider will keep your system secure.

I ask this because Access doesnt have any built in web security tool or
coding facility,and CanHost says you must care about protecting ur Database
in the web

Remember, the public Joe user cannot connect, or see the mdb file. What
happens is that the WEB SERVER connects to the mdb file. So, public users
NEVER see, nor can connect to the files that your web site is built upon. In
fact, simple pictures, and html web pages which are just files can NOT be
accessed by public..but *just* by the web server which dishes out this stuff
to the browser. However, you as the site admin will have a password, and
thus can browse/use/modify/upload any file to the web server/site.

So, end users can no more modify the mdb file then they can modify a picture
file on the server.

As mentioned, if you try and do this yourself, there is SO MANY holes that
hackers can exploit, but web providers are quite good in this regards. So,
each file, pictures, or mdb files cannot be touched by public people...and
thus you don't need anything more special to the mdb file then the picture
file. I suppose there are a few cases where some extra caution needs to be
taken. For example, if you have some part of the web site that builds sql
and sends it to jet, but part of that input is from a user..then a smart
user might enter something else in place of what you expect.

eg:

What name to search for [ ]

Your internal code might go

sqlSql = "select Company from tblCustomers where CompanyName = " [user
input]

You expect the user type in Wal Mart for the prompt, but they might type in

shell("delete c:\*.*)

Well, in theory, you could get

sqlSql = "select Company from tblCustomers where CompanyName = "
shell("delete c:\*.*)

The problem that some systems allow expressions to be evaluated, and users
can
type that in place of simple text. So, even with a secure system,
sometimes holes are left. (again, most web providers would not allow those
expressions to function).

However,i would be grateful to you if u know and send me any other links
related to "A to Z of using FrontPage to put Access DataBases on the Web"

Well, I would think that the front page newsgroups would at least be a start
for your general questions.

 

[Mota]

Dear Albert;
I thank you for the great guides.Specially for the sql example.I will never
forget to use filtering rather than SQL statements in these cases,and be
aware of using query in public fields in other cases.
I know u recommend SQL server for our Web DB.But knowing that our main
database is in Access format,i hope u give us the the right to resist a bit
against using another format as a part of our work.In this case,we would
need an on line or on call stuff to do prepare and convert records collected
from web,to add to an Access Table.(We will do it of course,if there is no
logical solution to use a mdb data file)
As i got from ur posts,the only limitation(for us) on using MDBs in web is
that we must turn off our web,when modifying tables.and this is done by the
users that want to add a record to a table.First i wonder how this
happens,if they see a HTML version or a picture of our table?And the
second,isnt there any trick to solve this problem?Otherwise,no doubt we have
to use SQL server.
At the end,im not wasting my time here.Making a decide to use Access or
not,is more related to the Access experts,vs FrontPage ones.The cautions u
wrote is the things i must know before going for FrontPage usage.
Thank you for all helps.

I feel the support of Access files
is a special characteristic of CANHOST web provider.

Yes, as I mentioned in my other response, some providers do support the
mdb
files..but NOT ms-access. So, really, your are just working with a data
file, and thus it really don't matter much what you use (mdb, or sql
server). You gain little, or really nothing by using mdb files here.

Now supposing that i use
FrontPage to make a web page or form and connect it to a .MDB data file
(using its DB wizard),do i have to still notice the "Access Support" of
the
host,whenever i want to choose a new web server?

Yes, the above is correct. As I mentioned, mdb files don't take too much
to
web stuff. The problem is that the web site is attached to the mdb file,
and
in theory, you have to stop, or shut down the web site (that has the mdb
file open) if you need to modify tables, or do other things. This is the
same idea like you must kick users out when you modify the mdb file...but
in
this case, the user is the web server!!!...how do you shut that down!! So,
using mdb files really don't help a whole lot here...better to work with
something that is designed around this concept.

Or this is not a need and i have to ask them just
about supporting FrontPage Extentions?

Well, either you ensure your provider allows use of extensions, or you
don't
use the extensions, and stick to quite plain HTML pages. For the most
part,
FP creates standard HTML..but if you use extensions..then ISP must support
them.

In addition,who is responsible for my DB security?Me or my host?

Well, the provider for the most part is responsible. If someone gets a
hold
of your passwords etc, then not much you can do. However, it is unlikely
that a hacker will garb, or do damage to the system, since the providers
are
VERY good at keeping things locked up. So, for the most part, the web
provider will keep your system secure.

I ask this because Access doesnt have any built in web security tool or
coding facility,and CanHost says you must care about protecting ur
Database
in the web

Remember, the public Joe user cannot connect, or see the mdb file. What
happens is that the WEB SERVER connects to the mdb file. So, public users
NEVER see, nor can connect to the files that your web site is built upon.
In
fact, simple pictures, and html web pages which are just files can NOT be
accessed by public..but *just* by the web server which dishes out this
stuff
to the browser. However, you as the site admin will have a password, and
thus can browse/use/modify/upload any file to the web server/site.

So, end users can no more modify the mdb file then they can modify a
picture
file on the server.

As mentioned, if you try and do this yourself, there is SO MANY holes
that
hackers can exploit, but web providers are quite good in this regards. So,
each file, pictures, or mdb files cannot be touched by public people...and
thus you don't need anything more special to the mdb file then the picture
file. I suppose there are a few cases where some extra caution needs to be
taken. For example, if you have some part of the web site that builds sql
and sends it to jet, but part of that input is from a user..then a smart
user might enter something else in place of what you expect.

eg:

What name to search for [ ]

Your internal code might go

sqlSql = "select Company from tblCustomers where CompanyName = " [user
input]

You expect the user type in Wal Mart for the prompt, but they might type
in

shell("delete c:\*.*)

Well, in theory, you could get

sqlSql = "select Company from tblCustomers where CompanyName = "
shell("delete c:\*.*)

The problem that some systems allow expressions to be evaluated, and users
can
type that in place of simple text. So, even with a secure system,
sometimes holes are left. (again, most web providers would not allow those
expressions to function).

However,i would be grateful to you if u know and send me any other links
related to "A to Z of using FrontPage to put Access DataBases on the Web"

Well, I would think that the front page newsgroups would at least be a
start
for your general questions.

--
Albert D. Kallal (Access MVP)
Edmonton, Alberta Canada
(e-mail address removed)
http://www.members.shaw.ca/AlbertKallal

 

[Mota]

Ok,Thanx.

Take a look here

http://members.cox.net/tulsaalstons/Documents/Microsoft Access Developer Transition to Internet.htm

http://members.cox.net/tulsaalstons/Documents/Access-WebConversionSoftware.htm

Bob

 

[Albert D.Kallal]

on using MDBs in web is that we must turn off our web,when modifying

tables.and this is done by the users that want to add a record to a table.

no. What I am saying that when you now run ms-access, you must kick users
out if you are going to make DESING CHANGES to the talbes.

When you have the mdb file on the web server, then the user you must kick
out is the web server.

First i wonder how this happens,if they see a HTML version or a picture of
our table?

Your web server is most certanly allowed to update data. They don't see a
htlm version..you write a web page that *connects* to he mdb ifle..and loads
up the data. This is just like building a form in sma-ccess..and the
conencts to a table. So, you have to build the intefqace to the mdb
file..but as general rule you had to to do this when you built ms-access
appcliaones. And, of course, since you do NOT HAVE ms-access installed on
the web server, all you have is JET. Thus, you don't have some table
view..or the ability to browse reocrds in a table...you MUST write the
software to do this. Thus, for major updates, and changes...likey you would
download the mdb file to YOUR computer...do the changes..and then upload it
back to the web server.

So, .I was speiclaifty talking about doing mdb file maintance (things like
compaciting the file, or modifying a table requites that NO other users be
in the file...but for regular updateing of data...of couse users will be
attached to the mdb file (or, in yyour case, the user is actally the web
server...since users will never touch the actual data file...no more then
you do when you order a book on amazon.com. (you don't attach to the
amazon.com database...but the web server sure does).

As to how you detach the web server from the mdb file..often, just making
sure that a particular web page is not open will do the trick. This actually
depends your provider..and how they + you set things up.

Remember, if you send me a mdb file to my computer, and I don't have
ms-access, I can still open, and read information from that file since I
have the JET database installed on my computer. It is this jet engine that
is installed on the web server...not actually ms-access.

Thus, to do any updates, or changes to the mdb file..you will have to use
sql update commands via the asp web pages.

 

[Mota]

All of these are good news for me,and to the favor of using mdb file as my
Database in the web.As u mentioned at the top,that limitation(kicking the
users off when we wanna make design changes in a table)exists even NOW,with
our small network.Surly i dont expect to bypass it in the web.So i believe
that i had missunderstood the term "Changes" in ur previous sayings.
Now,thanks to your detailed descriptions,i think i have got the most of
things i needed for choosing a web DB,and im ready to go on with
FrontPage.Never forget your helps.Thanks a lot.