Earlier in this chapter, we mentioned that Access 2010 has trusted and not trusted macro actions. As you might recall from Chapter 2, the Trust Center settings in the Access Options dialog box control whether Access disables certain content in your database. If your database is not trusted, Access might silently disable any potentially malicious macros or Visual Basic for Applications (VBA) code depending upon the Trust Center settings you enabled or disabled. So, what exactly is a malicious macro? In Microsoft’s terms, a malicious macro runs an action that could potentially do harm to your computer or files, such as deleting a file.
Access 2010 separates client macro actions into two categories—those that will run in any database, even in a database that is not trusted (trusted macros), and those that can run only in a database that is trusted (not trusted macros). Note that if you select Enable All Macros in the Trust Center Macro Settings section (not recommended by Microsoft), Access treats all macro actions as trusted even when the database is not trusted. (In Chapter 21, you’ll learn that all web macro actions are trusted.)
Note
If you are in a corporate network environment, you should check with your IT department to determine whether your company has established guidelines concerning enabling content in Access databases.
Access 2010 recognizes 27 client macro actions as potentially unsafe to run in a database that is not trusted. Seven of the actions are not trusted only when you select certain arguments. Table 20-1 lists the client macro actions that Access will run only when the database is trusted. The Comments column lists special cases that depend on the arguments you choose or an alternative trusted method you can use.
Table 20-1. Macro Actions That Are Not Trusted
Comments | |
|---|---|
CloseWindow | Setting the Save argument to Prompt is trusted. |
CopyObject | |
DeleteObject | |
Echo | |
ImportExportData | |
ImportExportSpreadsheet | |
ImportExportText | |
ImportSharePointList | |
OpenForm | Setting the View argument to Design or Layout is not trusted. |
OpenQuery | Setting the View argument to Design is not trusted. |
OpenReport | Setting the View argument to Print, Design, or Layout is not trusted. |
OpenSharePointList | |
OpenSharePointRecycleBin | |
OpenTable | Setting the View argument to Design is not trusted. |
OpenVisualBasicModule | |
PrintOut | |
QuitAccess | Setting the Options argument to Prompt is trusted. |
RenameObject | |
RunApplication | |
RunMenuCommand | Commands that affect objects in Design or Layout view are not trusted. |
RunSavedImportExport | |
RunSQL | |
SaveObject | |
SendKeys | |
SetValue | Use the trusted SetProperty action instead of SetValue to change the Enabled, Visible, Locked, Left, Top, Width, Height, Fore Color, Back Color, and Caption properties of forms, reports, or controls. |
SetWarnings | |
ShowToolbar |
Inside Out: Using Older Macro Action Names
In Access 2010, some macro actions from previous versions of Access have been renamed. For example, the TransferText macro action is now named ImportExportText, and the MsgBox action is now named MessageBox. If you open a database created in an earlier version of Access in Access 2010, you’ll see the new macro action name displayed on the macro design surface. If you type the older macro name in the Add New Action combo box and press Enter, Access displays the action on the macro design surface. However, you’ll note that Access displays the new action name on the action block. Your existing macros created in previous versions will run in Access 2010, but you should use the new action names when designing new macros. See Article 6 on the companion CD for a list of older macro names and their new equivalents in Access 2010.
Note that when you select a client macro action or argument that is not trusted, Access displays an exclamation mark in the upper-left corner of the action block on the macro design surface. Access also displays an exclamation mark to the left of any untrusted action names displayed in the Action Catalog, as shown in Figure 20-27. When you’re designing your macros, you can use these visual aides to easily see whether any of your client macro actions will not run in a database that is not trusted.
