Search Results

Search found 53054 results on 2123 pages for 'sql sample database'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 118/2123 | < Previous Page | 114 115 116 117 118 119 120 121 122 123 124 125  | Next Page >

  • Parameterized SQL statements vs. very simple method

    - by Philipp G
    When I started to write the first SQL-Statements in my programs I felt quite comfortable with protecting myself against SQL-Injection with a very simple method that a colleague showed me. It replaced all single quotes with two single quotes. So for example there is a searchfield in which you can enter a customername to search in the customertable. If you would enter Peter's Barbershop The SELECT Statement would look like SELECT * FROM Customers WHERE Customername = 'Peter''s Barbershop' If now an attacker would insert this: ';DROP TABLE FOO; -- The statement would look like: SELECT * FROM Customers WHERE Customername = ''';DROP TABLE FOO;--' It would not drop any table, but search the customertable for the customername ';DROP TABLE FOO;-- which, I suppose, won't be found ;-) Now after a while of writing statements and protecting myself against SQL-Injection with this method, I read that many developers use parameterized statements, but I never read an article where "our" method was used. So definitely there is a good reason for it. What scenarios would parameterized statements cover but our method doesn't? What are the advantages of parameterized statements compared to our method? Thanks Philipp

    Read the article

  • SQL Server (2005) Linked Server Issue

    - by David.Chu.ca
    I have SQL Server 2005 with several linked server defined. One of them is a connection to an Oracle server and another one is an ODBC bridge to another server on a remote machine (ODBC server). Recently I tried to use the linked server to Oracle to update data with two large size tables by using several joints. The update query took too long time and finally there was exception thrown: Update O set value = l.value FROM OracleServer..schema.largesizeTable O Join localLargeSizeTable l on .... The problem is that after the exception, I realized that another linked server to ODBC was not working any more. I had to restart SQL server to get the ODBC linked server back. It looks that the linked server pool could be crashed if any of them failed(not like sandbox in Chrome for each tab and no impact on other tabs or Chrome application at all). I am not sure if my assumption is correct or not. Is this a known issue of SQL server 2005?

    Read the article

  • What are the Pros & Cons of using SQL Azure for existing apps on dedicated servers

    - by Mark Redman
    We currently own our own servers, and rent a rack in a datacentre. Looking at the pricing, scalabilty and SLAs for Azure SQL, I am thinking that it might be viable to only use Azure SQL but continue to use our existing applications on our own servers in a datacentres. This will enable us to not worry about the database and its infrastructure so we can concentrate on building an application server farm with disk storeage for files etc. Our application is quite big and has various windows services and parts of it used unmanaged libraries that may not be feasible in the cloud, so probably coulnt have everything in the Azure cloud. The pros: Reduced Total Cost of ownership (no database servers, no sql server licenses) The Cons: I guess there would be overhead in the transfer of data between the Azure Cloud and our datacentre (ie cloud may be in US and datacentre is in the UK) but would this overhead be usable?

    Read the article

  • SQL Server Efficiently dropping a group of rows with millions and millions of rows

    - by Net Citizen
    I recently asked this question: http://stackoverflow.com/questions/2519183/ms-sql-share-identity-seed-amongst-tables (Many people wondered why) I have the following layout of a table: Table: Stars starId bigint categoryId bigint starname varchar(200) But my problem is that I have millions and millions of rows. So when I want to delete stars from the table Stars it is too intense on SQL Server. I cannot use built in partitioning for 2005+ because I do not have an enterprise license. When I do delete though, I always delete a whole category Id at a time. I thought of doing a design like this: Table: Star_1 starId bigint CategoryId bigint constaint rock=1 starname varchar(200) Table: Star_2 starId bigint CategoryId bigint constaint rock=2 starname varchar(200) In this way I can delete a whole category and hence millions of rows in O(1) by doing a simple drop table. My question is, is it a problem to have hundreds of thousands of tables in your SQL Server? The drop in O(1) is extremely desirable to me. Maybe there's a completely different solution I'm not thinking of?

    Read the article

  • How to control order of assignment for new identity column in mssql ?

    - by alpav
    I have a table with CreateDate datetime field default(getdate()) that does not have any identity column. I would like to add identity(1,1) field that would reflect same order of existing records as CreateDate field (order by would give same results). How can I do that ? I guess if I create clustered key on CreateDate field and then add identity column it will work (not sure if it's guaranteed), is there a good/better way ? I am interested in sql 2005, but I guess the answer will be the same for sql 2008, sql 2000.

    Read the article

  • How do I create queries to SQL Server tables via Visual Studio when no knowledge about SQL nor Linq?

    - by Kent S. Clarkson
    Let´s be frank, my knowledge regarding SQL language is very low. Nevertheless, my boss gave me the task to build a database application using the following tools: SQL Server and Visual Studio 2008; C#. I use the VS DataSet as a local mirror of the SQL Server. And let´s be frank again, my understanding of the VS Query builder is also very small, I´m finding it quite confusing, actually. So no help to find from Query builder. And my knowledge of Linq is even lower... Perhaps I should mention that the deadline for the project is "aggressively" set, so I have no chance to learn enough about these things during the project. And I´m a bit stupid too, which is no help when it comes to challenges like this (on other occations it might be quite useful though) With these permissions, what should I do (except for killing myself or retire) to be able to query my tables in a sufficient way?

    Read the article

  • Case insensitive string compare in LINQ-to-SQL

    - by BlueMonkMN
    I've read that it's unwise to use ToUpper and ToLower to perform case-insensitive string comparisons, but I see no alternative when it comes to LINQ-to-SQL. The ignoreCase and CompareOptions arguments of String.Compare are ignored by LINQ-to-SQL (if you're using a case-sensitive database, you get a case-sensitive comparison even if you ask for a case-insensitive comparison). Is ToLower or ToUpper the best option here? Is one better than the other? I thought I read somewhere that ToUpper was better, but I don't know if that applies here. (I'm doing a lot of code reviews and everyone is using ToLower.) Dim s = From row In context.Table Where String.Compare(row.Name, "test", StringComparison.InvariantCultureIgnoreCase) = 0 This translates to an SQL query that simply compares row.Name with "test" and will not return "Test" and "TEST" on a case-sensitive database.

    Read the article

  • How can I search for numbers in a varchar column

    - by dave
    I've got a simple nvarchar(25) column in an SQL database table. Most of the time, this field should contain alphanumeric text. However, due to operator error, there are many instances where it contains only a number. Can I do a simple search in SQL to identify these cases? That is, determine which rows in the table contain only digits in this column. As an extension, could I also search for those column values which contain only digits and a space and/or slash. In other languages (eg. Perl, Java) a regular expression would resolve this quickly and easily. But I haven't been able to find the equivalent in SQL.

    Read the article

  • IS NULL doesn't work as expected in SQL Server 2000 with no Service Pack on it

    - by user306825
    The following batch executed on different instances of SQL Server 2000 illustrates the problem. select @@version create table a (a int) create table b (b int) insert into a(a) values (1) insert into a(a) values (2) insert into a(a) values (3) insert into b(b) values (1) insert into b(b) values (2) select * from a left outer join (select 1 as test, b from b) as j on j.b = a.a where j.test IS NULL drop table a drop table b Output 1: Microsoft SQL Server 2000 - 8.00.194 (Intel X86) Aug 6 2000 00:57:48 Copyright (c) 1988-2000 Microsoft Corporation Developer Edition on Windows NT 6.1 (Build 7600: ) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) a test b ----------- ----------- ----------- (0 row(s) affected) Output 2: Microsoft SQL Server 2000 - 8.00.2039 (Intel X86) May 3 2005 23:18:38 Copyright (c) 1988-2003 Microsoft Corporation Developer Edition on Windows NT 5.2 (Build 3790: Service Pack 2) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) (1 row(s) affected) a test b ----------- ----------- ----------- 3 NULL NULL (1 row(s) affected) If someone encounters the same problem - make sure you have the SP installed!

    Read the article

  • SQL Server indexed view matching of views with joins not working

    - by usr
    Does anyone have experience of when SQL Servr 2008 R2 is able to automatically match indexed view (also known as materialized views) that contain joins to a query? for example the view select dbo.Orders.Date, dbo.OrderDetails.ProductID from dbo.OrderDetails join dbo.Orders on dbo.OrderDetails.OrderID = dbo.Orders.ID cannot be automatically matched to the same exact query. When I select directly from this view ith (noexpand) I actually get a much faster query plan that does a scan on the clustered index of the indexed view. Can I get SQL Server to do this matching automatically? I have quite a few queries and views... I am on enterprise edition of SQL Server 2008 R2.

    Read the article

  • SQL Server 2008, not enough disk space

    - by snorlaks
    Hello, I'm executing sql query on my database. I have SQL Server 2008 installed on my D harddrive which has 55 GB free space. I have also C drive which has sth like 150 MB free (right now). While executing that query on quite a big table (16 GB) I have an error: An error occurred while executing batch. Error message is: Not enough disk space. I would like to know if there is any possibility that I can make SQL Server to use D drive instead of C Or maybe there is any other problem with what I'm doing ? Thanks for help

    Read the article

  • C++ Access to SQL Server from Linux

    - by Meloun
    I need to write some data to SQL Server database from Linux in c++. I found this sqlapi.com But I think, at first ODBC driver has to be installed an has to work. I folowed this adminlife.net/allgemein/mssql-zugriff-unter-debian-etch-mit-unixodbc-und-freetds/ or this http://b.gil.megiteam.pl/2009/11/linux-odbc-to-mssql/ But it didnt work, the port 1433 seems to be closed ($ sudo nmap -PN -sU -p 1433 192.168.56.101 - port "filtered") isql -v sqlexpress sa - wait with no response or get "couldn't connect to sql" From other PC with Windows I have no problem to write data in SQL Server, so server should be right configured to remote access. any idea?

    Read the article

  • SQL - Joining multiple records to one record

    - by ho
    I've got a SQL Server database with the the following tables: Client (ClientID, ClientName) SalesAgent (AgentID, AgentName) Item (ItemID, Description) Purchase (PurchaseID, ClientID, Price) PurchaseSalesAgent (PurchaseID, AgentID) Each purchase is only ever one item to one client but there can have been multiple agents involved. I want to return the following list of columns: ClientName, Description, Price, Agents Where Agents is the names of all the agents involved in the purchase. Either as a comma separated list or as multiple columns with one agent in each. I'm looking for a way that's compatible with SQL Server 2000 but I'd also be interested in if there's a better way of doing it in SQL Server 2008.

    Read the article

  • SQL Express as a main DB

    - by JD
    Hi everyone, Does anyone out there use SQL Express 2008 R2 in a production environment? I am looking at hosting a Windows VPS as a server for a client software product I have developed. Clients connect to the server, send their data to a service running on the server, and the service updates the database. I'm trying to keep running costs down, and whilst I have a license for SQL Developer I obviously can't use this in a production environment. Would it be wise/possible to use SQL Express 2008, and if so why/why not? Thanks, JD

    Read the article

  • SQL Not Exists in this Query - is it possible

    - by jason barry
    This is my script - it simply looks for the image file associated to a person record. Now the error will display if there is NO .jpg evident when the query runs. Msg 4860, Level 16, State 1, Line 1 Cannot bulk load. The file "C:\Dev\ClientServices\Defence\RAN\Shore\Config\Photos\002054.2009469432270600.001.jpg" does not exist. Is there a way to write this query to 'IF not exists then set id_number = '002054.2009469432270427.001' - so it wil always display this photo for any records without a picture. ALTER procedure [dbo].[as_ngn_sp_REP_PH108_photo] (@PMKEYS nvarchar(50)) AS ---exec [as_ngn_sp_REP_PH108_photo] '8550733' SET NOCOUNT ON DECLARE @PATH AS NVARCHAR(255) DECLARE @ID_NUMBER NVARCHAR(27) DECLARE @SQL AS NVARCHAR(MAX) EXEC DB_GET_DB_SETTING'STAFF PICTURE FILE LOCATION', 0, @PATH OUTPUT IF RIGHT(@PATH,1) <> '\' SET @PATH = @PATH + '\' SELECT @ID_NUMBER = ID_NUMBER FROM aView_person WHERE EXTRA_CODE_1 = @PMKEYS SET @PATH = @PATH + @ID_NUMBER + '.jpg' SET @SQL = 'SELECT ''Picture1'' [Picture], BulkColumn FROM OPENROWSET(Bulk ''' + REPLACE(@PATH,'''','''''') + ''', SINGLE_BLOB) AS RAN' EXEC SP_EXECUTESQL @SQL

    Read the article

  • How to do a batch update?

    - by chobo2
    Hi I am wondering is there a way to do batch updating? I am using ms sql server 2005. I saw away with the sqlDataAdaptor but it seems like you have to first the select statement with it, then fill some dataset and make changes to dataset. Now I am using linq to sql to do the select so I want to try to keep it that way. However it is too slow to do massive updates. So is there away that I can keep my linq to sql(for the select part) but using something different to do the mass update? Thanks

    Read the article

  • Composite primary keys in N-M relation or not?

    - by BerggreenDK
    Lets say we have 3 tables (actually I have 2 at the moment, but this example might illustrate the thought better): [Person] ID: int, primary key Name: nvarchar(xx) [Group] ID: int, primary key Name: nvarchar(xx) [Role] ID: int, primary key Name: nvarchar(xx) [PersonGroupRole] Person_ID: int, PRIMARY COMPOSITE OR NOT? Group_ID: int, PRIMARY COMPOSITE OR NOT? Role_ID: int, PRIMARY COMPOSITE OR NOT? Should any of the 3 ID's in the relation PersonGroupRole be marked as PRIMARY key or should they all 3 be combined into one composite?? whats the real benefit of doing it or not? I can join anyways as far as I know, so Person JOIN PersonGroupRole JOIN Group gives me which persons are in which Groups etc. I will be using LINQ/C#/.NET on top of SQL-express and SQL-server, so if there is any reasons regarding language/SQL that might make the choice more clear, thats the platform I ask about. Looking forward to see what answers pops up, as I have thought of these primary keys/indexes many times when making combined ones.

    Read the article

  • sql server 2008, not enough disc space

    - by snorlaks
    Hello, Im executing sql query on my database. I have sql server 2008 installed on my D harddrive which has 55 GB free space. I have also C drive which has sth like 150 MB free (right now). While executing that query on quite a big table (16 GB) I have an error: An error occurred while executing batch. Error message is: Not enough disc space. I would like to know if there is any possibility that I can make Sql server to use D drive instead of C Or maybe there is any other problem with what Im doing ? Thanks for help

    Read the article

  • What are good alternatives to SQL (the language)?

    - by Brendan Long
    I occasionally hear things about how SQL sucks and it's not a good language, but I never really hear much about alternatives to it. So, are other good languages that serve the same purpose (database access) and what makes them better than SQL? Are there any good databases that use this alternative language? EDIT: I'm familiar with SQL and use it all the time. I don't have a problem with it, I'm just interested in any alternatives that might exist, and why people like them better. I'm also not looking for alternative kinds of databases (the NoSQL movement), just different ways of accessing databases.

    Read the article

  • How to save an order (permutation) in an sql db

    - by Bendlas
    I have a tree structure in an sql table like so: CREATE TABLE containers ( container_id serial NOT NULL PRIMARY KEY, parent integer REFERENCES containers (container_id)) Now i want to define an ordering between nodes with the same parent. I Have thought of adding a node_index column, to ORDER BY, but that seem suboptimal, since that involves modifying the index of a lot of nodes when modifying the stucture. That could include adding, removing, reordering or moving nodes from some subtree to another. Is there a sql datatype for an ordered sequence, or an efficient way to emulate one? Doesn't need to be fully standard sql, I just need a solution for mssql and hopefully postgresql EDIT To make it clear, the ordering is arbitrary. Actually, the user will be able to drag'n'drop tree nodes in the GUI

    Read the article

  • SQL Server column level security

    - by user46372
    I think I need some pointers on security in SQL Server. I'm trying to restrict some of our end users from getting access to certain columns (i.e. SSN) on a table. I thought I could just use column level security to restrict access to the columns. That successfully prevented users from accessing the table directly, but I was surprised that they could still get to those columns through a view that accessed that table. I followed the tips here: http://www.mssqltips.com/sqlservertip/2124/filtering-sql-server-columns-using-column-level-permissions/ Those were very helpful, but when I created a view at the end, the intern was able to access that column by default I've read that views are the best way to accomplish this, but I really don't want to go through and change all of the views and the legacy front-end application. I would rather just restrict it once on the table and if a view tries to access that column it would just fail. Is that possible or am I misunderstanding how security works in SQL Server?

    Read the article

  • Fetch users,logins and permissions and update the same

    - by user1490099
    Can any one please help me by giving a query or an idea which helps me? I am looking for a query which returns the users and logins in a sql server 2008 r2 instance. If some one has added/updated a user/permissions in next day- if we run a script it should revert all the changes to the previous day status. Let me give you an example On Wednesday the database security is fine On Thursday someone goes into the SQL instance and changes several database user security settings. This creates lots of problems. On Wednesday if we run a script on the SQL instance and it should reset the database user security back to what it was on Wednesday. Someone please help me in this regard, Its very urgent..............Please..........

    Read the article

  • Problem accessing MICROSOFT##SSEE database (Error: 18456, Severity: 14, State: 16.)

    - by Philipp Schmid
    After an unexpected server shutdown due to a power failure, I can no longer connect to the internal windows database MICROSOFT##SSEE which is hosting Central Admin for my SBS 2008 server. The log shows: Error: 18456, Severity: 14, State: 16. Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. [CLIENT: <named pipe>] I've tried to connect using the SQL Management studio (connecting to .pipemssql$microsoft##sseesqlquery) but no luck. The SQL Server Configuration Manager doesn't show a entry for 'Protocols for MICROSOFT##SSEE' (but shows it for 2 other database hosted on the same SQL server 2005 Express edition. I have tried to restore the master.ldf and mastlog.log files from a backup, but the issue persists.

    Read the article

  • Creating a test database with copied data *and* its own data

    - by Jordan Reiter
    I'd like to create a test database that each day is refreshed with data from the production database. BUT, I'd like to be able to create records in the test database and retain them rather than having them be overwritten. I'm wondering if there is a simple straightforward way to do this. Both databases run on the same server, so apparently that rules out replication? For clarification, here is what I would like to happen: Test database is created with production data I create some test records that I want to keep running on the test server (basically so I can have example records that I can play with) Next day, the database is completely refreshed, but the records I created that day are retained. Records that were untouched that day are replaced with records from the production database. The complication is if a record in the production database is deleted, I want it to be deleted on the test database too, so I do want to get rid of records in the test database that no longer exist in the production database, unless those records were created within the test database. Seems like the only way to do this would be to have some sort of table storing metadata about the records being created? So for example, something like this: CREATE TABLE MetaDataRecords ( id integer not null primary key auto_increment, tablename varchar(100), action char(1), pk varchar(100) ); DELETE FROM testdb.users WHERE NOT EXISTS (SELECT * from proddb.users WHERE proddb.users.id=testdb.users.id) AND NOT EXISTS (SELECT * from testdb.MetaDataRecords WHERE testdb.MetaDataRecords.pk=testdb.users.pk AND testdb.MetaDataRecords.action='C' AND testdb.MetaDataRecords.tablename='users' );

    Read the article

  • Problem accessing MICROSOFT##SSEE database (Error: 18456, Severity: 14, State: 16.)

    - by Philipp Schmid
    After an unexpected server shutdown due to a power failure, I can no longer connect to the internal windows database MICROSOFT##SSEE which is hosting Central Admin for my SBS 2008 server. The log shows: Error: 18456, Severity: 14, State: 16. Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. [CLIENT: <named pipe>] I've tried to connect using the SQL Management studio (connecting to .pipemssql$microsoft##sseesqlquery) but no luck. The SQL Server Configuration Manager doesn't show a entry for 'Protocols for MICROSOFT##SSEE' (but shows it for 2 other database hosted on the same SQL server 2005 Express edition. I have tried to restore the master.ldf and mastlog.log files from a backup, but the issue persists.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 114 115 116 117 118 119 120 121 122 123 124 125  | Next Page >