Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
sqlserverdeveloper
Posting Yak Master
243 Posts |
 Posted - 2008-07-31 : 17:18:38
|
| We have an very critical application written in .net, since it's badly written, the users can delete the data from the application. For example, if there are orders in the web page the users can go into the application and delete the orders. I am not a .net programmer, so I am trying to see if I can do the following on the database side:1. Create a ondelete trigger so that as soon as someone deletes the order, it should get into a deletedorders table along with the user who deleted the order.And also if it can alert me as soon as a order is deleted that will be great too.Thanks for your responses!! |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2008-07-31 : 17:25:48
|
| Yes that is possible. Show us what you've got so far and we can help you with that. But will SQL Server even know who deleted the order? How are users connecting?Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/Subscribe to my blog |
 |
|
|
rmiao
Master Smack Fu Yak Hacker
7266 Posts |
Posted - 2008-07-31 : 22:37:52
|
| You may need sql auditing tools, they can get windows account of the process even connected with sql authentication. |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2008-08-01 : 00:50:14
|
| But not if you are using application authentication for the users. In that case, you would need to modify the application to send that info as part of your queries.Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/Subscribe to my blog |
|
|
|
sqlserverdeveloper
Posting Yak Master
243 Posts |
Posted - 2008-08-01 : 09:11:09
|
quote:
Originally posted by tkizer
Yes that is possible. Show us what you've got so far and we can help you with that. But will SQL Server even know who deleted the order? How are users connecting?Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/Subscribe to my blog
We have a user's table in the orders database, and for any new user we add them in this table to give them access to the application. What I was thinking is writing a ondelete trigger and log the delete and also track the username too. Thx. |
|
|
|
sqlserverdeveloper
Posting Yak Master
243 Posts |
Posted - 2008-08-01 : 09:11:55
|
quote:
Originally posted by rmiao
You may need sql auditing tools, they can get windows account of the process even connected with sql authentication.
Are there any free tools? |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
|
|
|
|
|
Making data secure