The A–Z of FileMaker: E

E is for encryption

Encryption is the act of encoding data so that it cannot be understood by normal means. To be understood, it needs to be decrypted, and that can only be done by authorised parties.

Did you know?

Cryptography is “hidden or secret writing”; steganography is “covered or concealed writing”. The difference is privacy versus secrecy. Both date back to the classical Greeks with Spartans using the scytale transposition cipher, and Herodotus reported using tattooed messages on a slave’s head hidden by regrown hair.

Clearly, encryption is done to protect data and is often an important part of a security strategy. In the FileMaker Platform, there are many areas where data is encrypted – some of these are optional, others are the standard.

Challenge

Before reading any further, how many areas of FileMaker products can you name that use encryption? Consider all products in the FileMaker Platform.

Encrypted passwords

When you create a FileMaker security account, you specify an account name, password and select a privilege set. The password is encrypted and stored in the file. The encryption method used is a one-way hash, meaning that the stored encrypted password can never be decrypted.

So how does FileMaker Pro check that your password is correct when you log in?

The password you enter is encrypted by the FileMaker client using the same hash used when storing the account password. The your encrypted password is compared with the stored encrypted password, and if they match you are allowed access.

A one-way hash is also used for the FileMaker Server Admin Console password.

Did you know?

Before FileMaker Pro 7, passwords were stored in plain text. Hacking utilities existed that could easily extract passwords from files.

Database (file) encryption

Data stored in a standard FileMaker file is encoded but not encrypted. This means that if you can decode the file, the data is there in plain text. You do not need a password. Of course, you do need access to a physical copy of the file. Maybe you ‘found’ an old backup copy stored on a drive?

Starting with FileMaker 13, database files can be encrypted. This is referred to by FileMaker as Encryption at Rest ( EAR). Using the Developer Utilities in FileMaker Pro Advanced, a file or files can be selected and the option applied to Enable Database Encryption. To do this, you must supply a Shared ID, Full Access account name and password, and an Encryption Password.

The Shared ID is used to link multiple files in a solution.

It is strongly advised that the Encryption Password be complex, and as with other passwords, it is case sensitive. Write it down and store it securely! If you ever lose the Encryption Password for your file, no-one will never be able to access the file again (not even FileMaker Inc.).

When a file is encrypted, the user must enter the Encryption Password to open the file before entering their account credentials. The exception to this is when the file is hosted by FileMaker Server – the server can be authorised to host the file and store the Encryption Password so that users only need their account credentials to access the file. Importantly, closed files or backup copies made by the server are encrypted at rest. So the contents are secure even if someone can access a backup copy.

FileMaker uses AES-256 in CBC mode for file encryption. This is the encryption level required at the highest levels of government for top-secret data.

SSL for network communications

Data transferred from FileMaker Server to a FileMaker client over a network is not secured by default. It is possible to collect and decode packets of data sent. FileMaker Server allows the configuration of SSL with a custom certificate.

Did you know?

The standard FileMaker SSL certificate installed by default on FileMaker Server is intended for test purposes only. A custom SSL certificate is required for production use.

Enabling SSL on FileMaker Server will encrypt network traffic between FileMaker Server and:

  • FileMaker clients – FileMaker Pro, FileMaker Go, FileMaker WebDirect
  • remote Server Admin Console sessions

It will also encrypt:

  • files uploaded from FileMaker Pro to FileMaker Server
  • progressive download of interactive container data

It will not encrypt data between FileMaker Server and ODBC sources – this requires SSL configuration on the ODBC source. The same applies for communications withActive Directory or Open Directory for user authentication.

Did you know?

If you use FileMaker Pro as a host (for up to five guest clients), you cannot secure network communications between host and client.

Email notifications and directory services for FileMaker Server can also use SSL to encrypt communications.

Secure container storage

When you specify external storage for a container field, there is an option for secure storage. When this is selected, container data is stored in an obscured folder structure outside of the database file and each document is encrypted.

A typical secure storage folder structure is shown below. There are encrypted files named 2E85 and 112C. The file path is a UUID broken into parts.

The encryption method used for secure container storage depends on whether the file itself is encrypted. For encrypted files, secure container storage uses AES-256 in CBC mode; standard files use AES-128 in CBC mode.

The encryption key is held in the FileMaker file and is needed to decrypt the stored files. Without the FileMaker file, the stored files are not accessible.

FileMaker Go

FileMaker files stored on an iPad or iPhone device in FileMaker Go will be encrypted using the Apple iOS encryption as long as the device is passcode protected. There is nothing required to implement this encryption and the user does not require any encryption keys to access the files. This means that local files on a device are secure if the device is lost or stolen – the passcode is required to copy the files from the device.

Challenge Answer

Five – passwords, files, network traffic, container data and FileMaker Go files. Did you get all these encryption areas before you started reading? Are there any we have missed?

Did you know?

The author, David Head, has presented several FileMaker Security sessions at the annual FileMaker Developer Conference. Last year in Las Vegas, he presented a session titled Cryptography, SSL & the FileMaker Platform.

Can your business be more efficient?

It’s really a rhetorical question. All businesses can be more efficient. The trick is finding the best areas to improve – those that will bring the greatest benefits for the least effort.

If you could spend an hour modifying a process that saved you two hours every week, that is a raw return on investment (ROI) of 200% just in the next week. That would be incredible. However, it is probably more likely that you will spend more time on something that will save less time each week. Nevertheless, the ROI over the coming months will certainly add up.

So where do you start?

Review

First, you need to know where you are now. What is it that takes up the time in your day? What is it that you spend money on? What is it that sometimes requires fixing or redoing because it is not done right?

Select

Once you know where you are, choose one or two areas to work on. Look at potential inefficiencies. Consider any and all possible solutions. Look for the low hanging fruit — things that look like an easy fix for an immediate return. The key when you start is not to pick a six month project. There must be something that can be improved next week. It just needs to be done.

Quantify

Try to quantify the inefficiencies in terms of time, money and effort so that you can then set goals for improvement. These will be the factors that you measure as you implement changes.

Execute

Set up a clear plan for executing the improvements. As you execute, measure your processes and compare them with where you were. Don’t be surprised if efficiency goes down before improving – that often happens when new processes are introduced.

Repeat

When you have successfully implemented a change to a process and quantified the gains, look for other areas in your business where similar changes can be applied. In this way, you are leveraging off your success.

Do you want help?

uLearnIT can help you with your business processes. Contact us now to have a chat about where you would like to start improving your business processes.

The A–Z of FileMaker: D

D is for dialog

A dialogue (or dialog) is a conversation, talk, discussion or chat.

In computer terms, a dialog box (or simply, dialog) is a small window that communicates with the user, giving them options (via buttons) or allowing responses (as text).

Here is an example of a dialog seen in macOS when you empty the Trash via the Finder menu:

Dialogs are often classified as modal or non-modal. A modal dialog will block any further action in the application until the dialog is dealt with.

Did you know?

Menu commands that end with an ellipsis (…) will proceed to a dialog; those that do not, immediately execute the command. For example, in FileMaker Pro, the Records menu has a number of commands followed by an ellipsis including the destructive Delete Record… and Delete Found/All Records… commands!

Native FileMaker Dialogs

When using FileMaker Pro, any user will see a range of native dialogs – those that are generated by the application rather than by a developer. These dialogs are built into processes such as record sorting, importing and printing.

As mentioned above, one type of dialog is that seen after choosing a menu command (or using the shortcut). Where the command is destructive, the default option is to cancel.

Another sort of dialog is an error as a result of a process the user runs. For example, if the user performs a find and no records are found, the user can cancel the process or try again by modifying the find request.

Some FileMaker dialogs are more complex, allowing the user to make a number of choices before proceeding. One example is the Sort dialog, which may be a simple ascending sort by one field, or a complex multi-level sort using a summary field to re-order groups:

Native dialogs may also be displayed when validation field options are set and a validation rule is broken. For example, if a field has validation to require it to be “Not empty”, leaving the field blank may result in the following dialog when the record is committed:

Native FileMaker dialogs cannot be customised by the developer. Sometimes, they are not intuitive for all users – they may communicate the wrong message, be difficult for the user to understand, or provide unnecessary options.

Custom Scripted Dialogs

The majority of custom dialogs in FileMaker solutions are created with the Show Custom Dialog script step. This allows the developer to craft a message and to provide up to three buttons for the user. The button clicked by the user can be queried with the Get ( LastMessageChoice ) function and conditional actions performed as a result.

The custom dialog also allows for up to three text input fields. This allows the user to enter data into fields through the dialog. The input fields are specified and can be labelled in the dialog  by the developer. There is an option to use the password character (•) to obscure input.

Did you know?

The result of the button choice for a custom dialog will persist in a script until another custom dialog is presented or until the script ends. This means that the Get ( LastMessageChoice ) function does not need to be invoked immediately after a dialog.

Changing the Message

If the developer is not confident that the user will understand the native validation message shown when a rule is broken, they may craft a clearer message.

For example, a rating field may have validation set that it must contain a value that is a member of a value list. If that list contains the numbers 1, 2, 3, 4 and 5 and a user enters 2.5 or 6 in the field, they may see the following validation dialog:

It is not clear to the user what is a ‘valid’ value. And they may not understand what the Revert Field option will do. So the developer may opt for a custom message:

Did you know?

When crafting a custom error message, it is important to do two things – let the user know what went wrong, and give them options to fix it.

Suppressing FileMaker Dialogs

A FileMaker developer can suppress most of the native FileMaker dialogs that arise, and they can provide their own dialog for the user.

In scripting, the Set Error Capture [On] script step will suppress native FileMaker error dialogs. This does not mean that the error does not happen – simply that the dialog is not shown. This is useful when the error needs to be handled in a particular way.

One commonly captured error is that where no records are found. In many scripts, the Find process is built in and not actually performed by the user. So a message stating that no records were found would be confusing.

In that case, the developer can use script steps to test how many records were found and then act conditionally on the result. For example, it may be reasonable that if no records were found that a new record is created. This could be done without involving the user, or they could be shown a dialog stating what happened and giving them the option to create a new record.

Did you know?

The Get ( LastError ) function is used to retrieve FileMaker error codes. A commonly trapped error is 401, meaning “No records match the request”. When no error occurs, the error code is 0.

Many script steps provide the option to suppress the dialog. This is often used when the action should be automatic and the user would not necessarily know what settings to apply. Examples of script steps where the dialog might be off are Sort, Print Setup and Export Records. In these cases, required settings would be stored for each step. The Print step will usually present a dialog.

When you need to inform your user or get information from your user, dialogs are the way to go.

The A–Z of FileMaker: C

C is for container

Container is a field type.

When you build a database, most of your fields will likely be text fields. Other standard data field types are number, date, time and timestamp. Although each of these have subtleties in how they store and present data, they are fairly obvious in their usage.

Why use container fields?

Container fields exist to store files such as a picture, a video or a PDF file. Such files are often referred to as binary files (as opposed to text files). Although some of their contents may be read as text, the file usually requires interpretation to ‘read’ the contents.

As opposed to storing data such as a text string or a number, container fields allow us to store documents or files. This can be extremely useful in creating a store of files that can be searched and accessed within a database structure. Many people will find use for a document management solution that stores PDF copies of files.

Inserting

There are a few different ways you can use to get a file into a container field and container fields have additional native functionality on iOS devices.

On the desktop, you can insert a picture into a container by:

  • drag and drop
  • Insert > Picture…
  • Insert > File…

Either of the first two methods will display the picture in the container field; the last method will display only the file icon and name. Your choice will depend on your intended use of the file – most users will be storing pictures for viewing while using the database.

On iPhone and iPad devices, you can insert images directly from the camera or from the Photo Library. Container fields also allow you to scan and capture a bar code with the camera, or to capture a signature as an image using sign-on-glass.

PDF files can be stored and displayed such that they are interactive – you can scroll through a multi-page PDF in a container field and use tools to zoom and print. To do this, the PDF must be drag-dropped into the container )or use Insert > PDF…), and the container must be formatted on the layout to be interactive (see later section on Formatting).

Storage

By default, files are copied into a container field and stored in the database file itself. This has two implications:

  • the original file can be moved, edited, renamed or deleted without affecting the stored copy
  • the database file will get larger, by approximately the size of the file inserted

When using the Insert menu to insert a picture, file, media or PDF, there is an option in the dialog to “Store only a reference to the file”. If you check this option, FileMaker will create a link to the original file in the container field. This will keep the database file size smaller. The link is used when the container field is displayed. If the file linked is missing, an error is shown in the container field – “The file cannot be found: <file name>”. This could happen if the file was moved or renamed.

Container fields have special field options under Storage.

You can change the option to store container data externally. This means that all files are stored outside of the database file in a folder structure created and managed by the FileMaker client. The folder structure is usually next to the database file in the computer filing system (there are special locations on FileMaker Server for hosted files).

For external storage, there is a further option for secure storage  or open storage. Secure storage creates a complex filing structure based on UUIDs and also encrypts the files. Files can only be decrypted by the FileMaker client and the FileMaker database. Open storage creates a logical filing structure of file/table/field with the raw files inside.

If any externally stored file is altered, the container file will display an error that the file has been tampered with (see above image). This is a security feature.

Formatting

Container fields on a layout can be formatted through Data Formatting on the Data tab of the Inspector (see below). These formatting options affect the size of the image displayed, alignment in the container, and whether the container field instance is interactive (important for PDF display and video playback).

Export

If the user has access to the field, they can export the contents of a container field using Edit > Export Field Contents….

Calculations

There are some calculations which are useful when looking at container field contents. Calculations can be used to get information about the file in a container field.

GetContainerAttribute ( Table::Container; "all" )

returns a return-separated list of a lot of useful attributes of an image such as file name, storage type and file size. The attributes are grouped into categories and have name pairs. Use parsing techniques to extract any attribute data you need. An example of what is returned is shown here:

[General] 
Filename: chart-1.png 
Storage Type: File Reference 
MD5: 00AE673591301E56D2EDFDFC53D21280 
File Size: 2355 
Internal Size: 74 
External Size: 2355 
External Files: 1

You can also query a single attribute, so:

GetContainerAttribute ( Table::Container; "filename" )

will return just the named attribute. The file name can also be extracted using:

GetAsText ( Table::Container )

Where the file is stored as a reference, the above expression will return the file name and the stored file path as a return separated list. For example:

file:landscape.png
filemac:/Macintosh HD/Users/johndoe/Desktop/landscape.png

Another GetContainerAttribute is filesize, the file size in bytes, which can also be returned using:

Length ( Table::Container)

For photos, you can access metadata if it is stored in the file. This may include latitude and longitude of the photo location, and make and model of the camera.

For signatures captured on an iOS device, use the signed attribute to get the timestamp when the signature was inserted.

The GetThumbnail function is very useful to return a down sampled version of an image stored in a container field (calculation result is container). The function format is:

GetThumbnail ( sourceField ; fitToWidth ; fitToHeight )

This example will return an image one third the size of the original:

GetThumbnail ( picField ; 
               GetWidth ( picField ) / 3 ; 
               GetHeight ( picField ) / 3 )
Want to know more?

uLearnIT runs FileMaker training classes in Australia and New Zealand. See the FileMaker Training page for more details.

The A–Z of FileMaker: B

B is for Boolean

A Boolean value is either true or false.

A Boolean expression is one that produces a Boolean value when evaluated.

FileMaker Pro uses Boolean expressions in a number of areas – calculations, scripts and object formatting to name a few. When creating an expression to be evaluated by the FileMaker calculation engine, you may use functions that either use or return a Boolean result.

If function

The If function has the format:

If ( test ; result1 ; result2 )

The test is a Boolean expression. If it evaluates to true then result1 is returned, otherwise result2 is returned.

If ( Year (dateBirth) >= 1995; "Gen Z"; "Other")

The above example of an If expression will return the string “Gen Z” if the year of the date of birth for the record is greater than or equal to 1995; in all other cases, it will return the string “Other”.

Note that the FileMaker calculation engine also allows numeric results for the test where 0 (zero) is false and any non-zero numeric result is true.

DID YOU KNOW?

FileMaker provides the Case function for evaluating a series of tests.

If script step

The If script step has the structure:

If [ test ]

   # do script steps here if the test is true

Else

   # do script steps here if the test is false

End If

As for the If function, the test in the If script step should return a Boolean or a numeric result. If the test returns no data (null) or does not resolve into a number, then it evaluates to false.

IsEmpty

The IsEmpty function has the format:

IsEmpty ( field )

It is a Boolean function returning 1 (true) if the specified field is empty; otherwise it returns 0 (false).

In addition to specifying a field name, you could also provide a text or numeric expression for evaluation.

Boolean Operators

The FileMaker calculation engine provides Boolean operators (and, or, xor, not) to construct more complex logic in expressions.

For example, the test in a If function:

If ( isEmpty ( discount ) and salescount > 10; 0.1 ; 0 )

For the test to return a true result (and therefore the function to return 0.1), both the expressions (separated by the and operator) must be true.

Other areas of use

You can also find Boolean expressions in:

  • other functions – e.g. Case, Choose
  • other script steps – e.g. Exit Loop If
  • conditional formatting and visibility of layout objects
  • security – record level access controlling view, edit and delete
  • custom menus – conditional installation
Did you know?

FileMaker reserves the words true and false. Each of these returns what it says. So what would the following inane expression return? This or That?

If ( true and not false ; "This" ; "That" )

The A–Z of FileMaker: A

A is for Auto-Enter

When using a data field (text, number, date, etc.), you can set field options. The first set of these are for auto-entry of values in the field. In most cases, the auto-entered data will be entered in the field when a new record is created. In some cases, the data can be updated when the record is modified.

Although the interface uses checkboxes for the choices, these are mostly exclusive (you can only choose one). And that makes sense.

Challenge: Find the non-exclusive choice and investigate how that behaves when two separate auto-entry options are set.

Creation

Data is set when the record is created. Choose from date, time, timestamp, name or account name (depending on field type).

The date and time are from the client’s clock. Name is the user name from the client’s preferences. Account name is the currently logged in account.

Modification

The data will be set when the record is created and updated each time data in the record is modified and committed. Choose content as for creation.

Serial Number

Sets a incremental serial number when the record is either created or committed. The next value is specified and an increment set (usually 1).

The last numeric ‘word’ of the next value is incremented. For example, for an increment of 1:

  • 1999 increments to 2000
  • A001999Z increments to A002000Z
  • A001-999Z increments to A001-1000Z
  • 100.9 increments to 100.10
Value from last visited record

Enters the data from the same field from the last record where any field was entered (but data not necessarily changed).

Data

A defined data string up to 255 characters. Often used to set a default value for a field for new records e.g. set the Status field to Draft for new projects. If a conditional string is required, use a Calculated value (below).

Calculated value

A value returned by evaluating a calculation expression at the time of record creation. When the option for “Do not replace existing value (if any)” is unchecked, the expression may be re-evaluated.

Looked-up value

A value looked up from another related table and copied into the field. This option has largely been superseded by the more flexible Calculated value (above). However, it does provide the additional option of copying the next smaller or larger value if there is no exact match.

Prohibit modification during data entry

If checked, will prevent a user from modifying any value in a field by keyboard entry. The auto-entered value could still be modified by a script step or when the record is modified.

Start with FileMaker Starter Solutions

One of the most common ways to start a new FileMaker database is by using one of the starter solutions. There are two levels of starter solutions available – four simplified files and sixteen advanced solutions. Where do you get them and what is the difference?

The starter solution files that ship with FileMaker Pro can be accessed through File > Get Started…. Scrolling down, you will come to ‘Choose a Starter Solution’ and the four simplified files – Contacts, Inventory, Content Management and Tasks. Each of these files has a ‘Create from This Starter Solution’ button. Simply click to create the new file on your desktop.

Scroll further down to the ‘Explore the possibilities’ section and click the link to ‘See advanced solutions’.

One of the most commonly used starter solutions is Contacts – a solution designed to store details of people and the company they work for. This is available in both the simplified and advanced versions.

So what are the differences and which one should you use?

Layouts

Contacts simplified has seven layouts – a startup screen, and a form/list pair for each of desktop, tablet and phone devices. The layouts are reasonably simple constructions using the Tranquil themes. The tablet and phone layouts are sized correctly for proper display on these devices. For each pair of layouts (form and list), there are simple and intuitive navigation buttons to switch between form and list views.

Contacts advanced has eleven layouts including a form/list pair for web clients, one for labels and a contact list for printing. Most of the layouts have a more complex structure including objects formatted with conditional visibility, invisible slide panels with button navigation, and objects off the layout edge required for some scripted operations. This means that it will be much harder for a novice FileMaker developer to both understand how all the layout objects work and to be able to modify the structure to fit their needs.

Data Structure

Both files have a very simple data structure with just one table – Contacts. This means that each is effectively a flat file. If a FileMaker developer was to create a Contacts file from scratch, they might create it with more tables. For example, there might be a Company table to separately store company details and to be able to link multiple person records, and a Notes table for storing notes with timestamps and categories.

Although both files have a single table, the simplified file has 31 fields while the advanced file has 56 fields. The difference is in the number of calculation fields in the advanced file (with just two in the simplified file). The simplified file focusses on fields for data entry, while the advanced file does some clever data manipulation with various calculations. Again, this will be an area where a novice developer may have difficulty understanding how the calculations work and why they are there.

Scripts

Contacts advanced has more than 20 scripts, many of which are used with event triggers such as switching layouts and resizing screens. Contacts simplified has just four scripts – one to explain what scripts are, one when the file opens, one to sort the contact list, and one to deal with new records on mobile devices. For the novice developer, this means that Contacts simplified is more obvious with what is going on as you use it. In contrast, Contacts advanced may do a lot of things automatically which can be harder to work out how and why.

Recommendations

So which one is best for you? Simplified is best. Why?

If you are a novice FileMaker developer with a need for a well structured Contacts solution, then Contacts simplified will be a great starting point. You can explore the file and easily add and remove fields according to your needs. For example, you might want to remove the Fax field – who still has one of those?! The file is ready for an upgrade such as adding  new table and creating a relationship from Contacts when you learn how that is done. The Contacts table already has a primary key field, albeit a serial number, so that is a good start and best practice for all tables.

If you are a more advanced FileMaker developer, you may be tempted to jump in and use Contacts advanced. I would recommend not doing this. Instead, I would encourage you to get a copy of Contacts advanced and pull it apart to see exactly how it works. When you see features that you like, work out how they were built (which fields, layouts, scripts and trigger they use) and then build them into your file. So even you can start with Contacts simplified and gradually make it more complex to suit your requirements.

Mentoring Service

Did you know that uLearnIT offers FileMaker mentoring? We can help you online or in person to understand any area of FileMaker development and give you the tools to build your own solutions.

If you are starting from a FileMaker starter solution, we can help you to understand how it is built and how to modify it to suit your needs.

You can start with a half hour session to see how it works. If you are interested, send us a message through our Contact form.

Come and learn FileMaker Pro 15

Well it has been a lot of work but enrolments are open for our first FileMaker courses for 2017. These will be the entry level FileMaker Pro 15 classes running in Sydney and Melbourne in March.

Get Started with FileMaker Pro 15 is an introduction to FileMaker Pro and creating custom database solutions. It covers everything from creating a new solution, setting up data structure, customising the appearance, securing and deploying your file and more.

The course is two full days and has been written from scratch to cover the most important skills of a beginning FileMaker Pro developer.

Check the course schedule now and book your place.