The sensible way is to do it as John wrote - to restrict access rights to everyone except admin to calling functions only. That way the functions are written by the people who are paid to understand the business rules and the data behind it, and the application developers can ask those experts to do the heavy lifting for them. Having to persuade management that they should no longer be able to connect the database to MS Access and make changes that way will usually put an end to that pure model, though. :)
Allowing PHBs direct access to company data is a nasty thing. They become like some users who "know Excel". They are now just as knowledgeable as someone who's been doing this for years. I've actually heard one say something akin to: "Damn it, I can write Excel formulas. I know very well that an new function on the web site could be written in less than a day, if you'd just get off you a$$ and do it."
Geoff
--
The unfacts, did we have them, are too imprecisely few to warrant our certitude.
