Link A VB6 program in HTML to a distant Access databse... 1

[Labuzz]

Hi all,

This question is a simple question like so many : How to link a VB6 Program to an Access database with a faint difference...

My VB6 program is running through an HTML on client side and I have no idea about the location of my database form the client computer... (in the other half of the world).
Even If I create a system DSN on his computer, I need here also to know the location of my database from his computer...

An other and better issue should be to be able to run the part of the code which connect me to tyhe database ONLY on server side but I have, here also no idea to do such thing...

I know that VB6 is not the right tool for web programming but I had neither other 'quick' tools nor other knowledge to do the work until now. And also , now,everything is already done, I just need to connect an internet user to my database and everything is ok 4me...

Notes: On the Local Area Network of my office, the path of my databse is easy " \\servername\sharedfolder\website\othershare\mydata.mdb".
And on the LAN everything is working fine and all my colleague can apply online for a job, but them only (-.-), why ????

 

[Sheco]

Please explain more this statement:
"My VB6 program is running through an HTML on client"

 

[dilettante]

What is being done here is possible, but to make it work requires relaxing so many barriers that are intentionally erected for security reasons that it is normally impractical. In most cases you'd run up against a firm hand from site security folks, and in any case it would be a hazardous thing to do. The Internet is not a safe place to play, so applications must be built very defensively.

It sounds like we are talking about a static web page that either contains an embedded VB ActiveX control or else one that downloads and executes a VB EXE. The VB code then needs to connect back to an MDB file on a file server within the organization's LAN.


There are a number of ways to use VB in a more secure scenario, and nearly all of them involve running the VB logic back at an application or web server. Options here include VB ActiveX classes invoked from ASP pages, VB6 WebClasses (really the same thing), or VB CGI EXEs. Other variations exist as well, but these are the basics.

The essential thing is to avoid exposing the MDB or the file system to an outside user. The concerns are similar no matter what database technology is used.


One alternative is to use VB logic (EXE or ActiveX control) as a "smart client" that talks to a controlled server (and a file server doesn't count as a server here) environment using some ad hoc protocol over some ad hoc transport. A common example of this is the use of SOAP-style payloads over HTTP.

You could just as easily invent some other way of packaging your requests and data, and send them over a bare TCP socket, HTTP, etc. You can marshall ADO via MSMQ over HTTP, RPC over HTTP, etc. as well. There is also the Remote Data Objects facility.


There are lots of options, each with its own advantages and drawbacks. Most commonly though people tend to opt for the more straightforward "3 tier" web application model:
[ul][li]HTML+Javascript client (web browser)[/li]
[li]ASP, VB, etc. logic (web server)[/li]
[li]Database, possibly with stored procedure logic (database server)[/li][/ul]
User are suspicious enough about client-side ActiveX. I can't imagine many willing to tolerate a web page that wants to download and run some random EXE. While possible to implement via the web, most VB EXEs really require an installation step to ensure that the needed runtime components are installed. Installing DSNs on users' computers via the web is really starting to get bold.

 

[Labuzz]

Hi guys, thanks for answering...

For Sheco:
I mean that my VB6 program is running on an HTML page on client side via an ActiveX control.

For dilettante:
Thank you sir for giving me all that light. I haven't understand everything that you have written yet (because I am french and my english is as good as my programming level...) but I already now that there are lot's of information about web programming concept.
To use ActiveX control on my web page is not my objective, but I don't know any other thing to program on the web.
What I wanted to do is just a basic HTML form connected to an Access database in order to register online like in any other web site.
But I have a big lack of knowledge in Asp or pHp and my boss wanted this to be done very quickly that is why I lunched myself in this with ActiveX control because I am a bit fluent in VB.
But I know that it is too much problem and as you said, IE security is the main problem.

So if you can help me to understand as quick as possible how to do an HTML form connected to an Access database (with ASP for example) I will may be still safe next month...

Have a nice Day !

 

[Labuzz]

Also I forget,

diletente, if you can give me some indication in how to make applications very defensive, I would apreciate that very much...^^

Stil have nice day !

 

[Sheco]

If you know about VB and Access then it should be very easy for you to learn to make ASP with VBScript. This is even more true if you have some knowledge of using ADO to work with the database.

 

[dilettante]

Hello Labuxx.

I was trying to communicate a large number of subjects at once in a small amount of space. This naturally leads to complex wording, which may make many assumptions and take many shortcuts. I can imagine it would be difficult to get the meaning if you are not a native speaker.


Here is one suggestion though. Microsoft has an interesting book online about this subject: Improving Web Application Security: Threats and Countermeasures and it may prove interesting.

Perhaps they have a version in French at Portail de sécurité.

Much of this is .Net-oriented instead of DNA-oriented (the previous Microsoft architecture, which VB6 belongs to). Most concepts should still apply though.


A shorter (and more general) article on this subject can be found at Are your web applications vulnerable? but I don't see any French version. It gives a good overview of the issues though, and introduces terminology. These make good search terms for web searches, to find out more.

 

[Labuzz]

Thanks for all again guys.

And thank you very much dilettante for your interesting links and also to keep in mind that I am French (^_-) !

Sheco, You say that ASP and all that stuff is more easy.
Ok I can easily trust you but I need to know at leats some fundament in "How it works", and It is very hard (for me ) to find exactly thos simple question over internet (maybe I am out those day...(-.-)
Because, I tried something in asp but, all the code is running when the page is loaded, how to make a code that is lunched only when you click on a control ?
Like :

[COLOR=blue]Private sub Button_onclick()
   Dim Mystuff As MyType
   ...
   ...
   msgbox("Hahaha, welcome to my ASP !")
   'My end
End Sub[/color]

Am I oblige to use javascript ?

Whatever, thanks guys and C U (yes it is a way to talk or,
C'est une facon de parler quoi... )