Monday, April 17, 2006

Things to fix before 0.7.0 release

Hi all,

as privileges and user management stuff is complete, we're done with
features for 0.7.0. I'd like to get the list of things that need to be
fix/polished before the release.

One of the problems is perhaps AdvancedMetadataSearch dialog. We still
haven't decided what exactly should it look like. Do you guys think that
we can go with 0.7.0 release with it - as it is now? It is completely
functional, just the layout and some other details are probably
different than they should be.

Other thing is StatementHistoryFrame. For the time being, I'd like to
make a modal dialog out of it (select SQL statement from history and
close it). I know how I'd do it when deriving from wxDialog, but I'm not
sure what happens if we're to derive it from BaseDialog. What happens
with "buttons panel and sizer". Perhaps we should leave search box and
search/delete buttons at top, and move "Copy to editor" button to bottom
- and also add "Close" button to it?

I'd also like to know how does PrivilegesDialog look on other platforms,
as I only tested on Linux. I tried on Windows 98 at some point, and it
seemed fine, but I'd like to know about WinXP and Mac.

Please say if there's any other issue as well...

--
Milan Babuskov
http://swoes.blogspot.com/


..:: ::..:: ::..

Sunday, April 09, 2006

Privileges page



Finally, the Privileges page is here.

This is still a work in progress, but you can already look at table and view privileges. The main problem we currently have is that wxHtmlWindow doesn't support TITLE attribute of IMG tag. I wanted to use it to display the grantor (user who granted the privilege) as a tooltip - when you hover the mouse over privilege icon.


..:: ::..:: ::..

FlameRobin license changed

This is the new license used for FlameRobin code:

Copyright (c) 2004, 2005, 2006 The FlameRobin Development Team

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.


..:: ::..:: ::..

Friday, April 07, 2006

New FlameRobin password protection



- all passwords(PW) are encrypted with master password (MPW)
- MPW is not saved in any file, it is only known to the user
- PW + MPW => Cipher (cipher is stored in .conf file)
- When PW needs to be decrypted, user is prompted for MPW
- Cipher + MPW => PW

Defense from "known plain-text" attack:

- If the attacker gets a hold on to .conf file and knows one of the PWs
he would be able to compute MPW (Cipher + PW => MPW). In order to prevent
this, we use the following scheme:

- we take MPW+username+full_database_path, and use it as a seed for
some irreversible random number generator (RNG) like ISAAC.
- we use the numbers produced by RNG to encrypt the PW.
- since numbers are unique for each username+full_db_path and RNG is
not reversible, the attacker cannot get MPW, and he also cannot decrypt
any other password.

Information on ISAAC:
http://en.wikipedia.org/wiki/ISAAC
http://www.burtleburtle.net/bob/rand/isaacafa.html


..:: ::..:: ::..

Monday, April 03, 2006

Small niggles with current FlameRobin

Hi guys,

today I took a look at FlameRobin after a few days away from it, and
here are some things I noticed that are not optimal IMO. Maybe you
don't agree, maybe you agree and want to fix/change some of them, maybe
I'll get around to some of them...

Anyway, here goes:

1) All property pages:
- The links on top of the pages jump around when one follows them, and
the link for the current page disappears. I much prefer the way e.g.
SourceForge handles this, with all links always visible in the same
place, with the current page as standard text of the same font. Compare
enabling/disabling controls to hiding them.

2) Database property page:
- The page uses two narrow tables of fixed width, while all other use
expanding tables, stacked vertically. I'd prefer consistency.
- Could the database size be given in MB? Even better would be a
dynamic label (kB/MB/GB)...
- We need a database32.xpm file, current icon is the generic FR one.

3) Advanced Metadata Search frame:
- The layout needs to be improved. It is too large (minimal size on my
system 824x347), to wide for the height (a ratio of about 4:3 would be
ideal), and it is quite confusing. It would also be hard to extend it
(adding more criteria, adding AND/OR combination of criteria, ...). I
don't really have a better layout in mind ATM, but I would like it to be
closer to the backup/restore frame layout: controls in the upper part,
then the action button, then the result list in the lower part.
- The "DDL for selected objects" control shouldn't be there at all,
IMHO. Double click on the result list would open the property page with
the same information (default action for DBH objects, known behaviour
from the tree control).

4) SQL Execution frame:
- SQL History frame should at least stay on top of parent execution
frame, otherwise frame relation is lost when $user switches between
frames. But I doubt that a frame is actually the right design there.
How about a list box left or right of the SQL edit control, with a
splitter, keyboard and drag and drop operations instead of buttons,... ?

Comments, flames and stuff very welcome.

Thanks

--
Michael Hieke




..:: ::..:: ::..

Saturday, April 01, 2006

MySQL AB Acquires Firebird Foundation and Flamerobin

Milan Babuskov one of original creators of fbManager which became Flamerobin, just made it publicly known that he now works for MySQL AB.

My project, Flamerobin and Firebird Foundation , have been acquired by MySQL, AB. As
part of the agreement, I will be working full time for MySQL. I expect
to lurk on the flamerobin-devel list from time to time and may contribute
the occasional wolf-o-gram, but I will not be taking an active part in
Flamerobin development. Although Mariuz will work for MySQL, part time,
translating from wolf to English,He will continue to be active in the
Firebird/Flamerobin projects.

Ann Harrison gave the idea to buy all the firebird developers with this post
on firebird-support

..:: ::..:: ::..:: ::..:: ::..

The New license for flamerobin

By downloading flamerobin you agree to the following disclaimer:

This programme carries no warranties either implied or explicit. Use at your own risk. It was written by me as a personal challenge. It seemed to work when I ran it, but it might not work for you. It might also delete random files, send pornographic pictures to the president, crash you computer or cause space aliens to destroy the planet. Use it at your own risk and remember: if it’s not backed up, it’s not important.


..:: ::..:: ::..