update timeusernew set user_name="blahblah" ; where assoc_id > 3000would normally be done within a form, and the user that is making the update will not necessarily know about the protected data rule stored in the DBC, which is also keeping the user from changing anything with a value over 5000. If I change the command window code to:
update timeusernew set user_name="blahblah" ; where assoc_id > 3000 and assoc_id < 5000then what I'm doing is putting the security logic on the end-user side of things, which I am trying to avoid.