Search Results

Search found 38739 results on 1550 pages for 'sql security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 155/1550 | < Previous Page | 151 152 153 154 155 156 157 158 159 160 161 162  | Next Page >

  • doublechecking: no db-wide 'unicode switch' for sql server in the foreseeable future, i.e. like Orac

    - by user72150
    Hi all, I believe I know the answer to this question, but wanted to confirm: Question Does Sql server (or will it in the foreseeable future), offer a database-wide "unicode switch" which says "store all characters in unicode (UTF-16, UCS-2, etc)", i.e. like Oracle. The Context Our application has provided "CJK" (Chinese-Japanese-Korean) support for years--using Oracle as the db store. Recently folks have been asking for the same support in sql server. We store our db schema definition in xml and generate the vendor-specific definitions (oracle, sql server) using vendor-specific xsl. We can make the change easily. The problem is for upgrades. Generated scripts would need to change the column types for 100+ columns from varchar to nvarchar, varchar(max) to nvarchar(max), etc. These changes require dropping and recreating indexes and foreign keys if the any indexes/fk's exist on the column. Non-trivial. Risky. DB-wide character encodings for us would eliminate programming changes. (I.e. we would not to change the column types from varchar to nvarchar; sql server would correctly store unicode data in varchar columns). I had thought that eventually sql server would "see the light" and allow storing unicode in varchar/clob columns. Evidently not yet. Recap So just to triple check: does mssql offer a database-wide switch for character encoding? Will it in SQL2008R3? or 2010? thanks, bill

    Read the article

  • Migrating From SQL Server Server 7 To 2005, What should I get excited about?

    - by Jon P
    The company I work for has decided to join the 21st century and upgrade our main database cluster from SQL Server 7 to SQL Server 2005. As a web developer what new whiz-bang features of SQL Server 2005 should I get excited about or get to know? Currently I'm mainly writing CRUD style queries, pretty much exclusively using Stored Procdures for a mixed ASP.net and Classic ASP environment.

    Read the article

  • It's intellisense for SQL Server

    - by Nick Harrison
    It's intellisense for SQL Server Anyone who has ever worked with me, heard me speak, or read any of writings knows that I am a HUGE fan of Reflector.    By extension,  I am a big fan of Red - Gate   I have recently begun exploring some of their other offerings and came across this jewel. SQL Prompt is a plug in for Visual Studio and SQL Server Management Studio.    It provides several tools to make dealing with SQL a little easier for your friendly neighborhood developer. When you a query window in a database, the plugin kicks in and gathers the metadata for the database that you are in.    As you type a query, you get handy feedback like a list of tables after you type select.    You can select one of the tables, specify * and then tab to expand the select clause to include all of the columns from the selected table.    As you are building up the where clause, you are prompted by the names of columns in the selected tables. If you spend any time writing ad hoc queries or building stored procedures by hand, this can save you substantial time. If you are learning a new data model, this can greatly cut down on your frustration level. The other really cool thing here is Format SQL.   I have searched all over the place for a really good SQL formatter.    Badly formatted  SQL is so much harder to read than well formatted SQL.   Unfortunately, management studio offers no support for keeping your SQL well formatted.    There are many tools available to format your SQL.   Some work better than others.    Some don't work that well at all.   Most will give you some measure of control over how the formatted SQL looks.    SQL Prompt produces good results and is easy to configure. Sadly no tool is perfect, and what would we be without a wish list.    There are some features that I would like to see: Make it easier to paste SQL in and out of code.    Strip off string builder, etc Automate replacing hard coded values with bind variables or parameters In addition to reformatting SQL, which is a huge refactor, support for other SQL refactors would be nice.    Convert join to sub query and vice versa come to mind Wish list a side, this is a wonderful tool that easily saves me an hour or more on most weeks.

    Read the article

  • How can you become a competent web application security expert without breaking the law?

    - by hal10001
    I find this to be equivalent to undercover police officers who join a gang, do drugs and break the law as a last resort in order to enforce it. To be a competent security expert, I feel hacking has to be a constant hands-on effort. Yet, that requires finding exploits, testing them on live applications, and being able to demonstrate those exploits with confidence. For those that consider themselves "experts" in Web application security, what did you do to learn the art without actually breaking the law? Or, is this the gray area that nobody likes to talk about because you have to bend the law to its limits?

    Read the article

  • How do I get security updates for restricted/partner packages?

    - by laramichaels
    I want to perform just security updates on Ubuntu 12.04 LTS, keeping the rest of the system unchanged. I need to do this from the command line, no the GUI update manager. I have implemented the solution described here, which seems to work great for this purpose. I merely substituted 'precise' for 'lucid' given that I am on 12.04. My question is: by using apt pinning as described in that answer, will I still receive security updates for packages distributed through the "other" repositories - partner, restricted, multiverse, etc? Or will it only get me updates for the packages in the "core" distribution? thanks! ~l

    Read the article

  • Is this sufficient to prevent query injection while using SQL Server?

    - by Derek Adair
    Hi, I have recently taken on a project in which I need to integrate with PHP/SQL Server. I am looking for the quickest and easiest function to prevent SQL injection on SQL Server as I prefer MySQL and do not anticipate many more SQL Server related projects. Is this function sufficient? $someVal = mssql_escape($_POST['someVal']); $query = "INSERT INTO tblName SET field = $someVal"; mssql_execute($query); function mssql_escape($str) { return str_replace("'", "''", $str); } If not, what additional steps should I take?

    Read the article

  • How can I best geocode a table of addresses in SQL Server?

    - by ess
    I've got a SQL Server 2008 table with addresses. I've got some C# code that can individually geocode the addresses. I've got a Google Maps API for geocoding. Now I'm trying to figure out the most efficient way to use these resources. I could write a console app that manually updates the tables using my C# library, but the data I have is updated periodically. I will be performing an import routine of some sort and I'm thinking it would be 'simplest' to perform the geocoding as the import occurs. I'm not so strong on SQL Server capabilities, so I'm looking for advice. I've considered letting the import call an assembly I create that would be referenced in SQL Server, but read that Sql Server 2008 has made it virtually impossible to reference your own DLL. So my next guess is having the import call a web service to pass in the address and update the table with the results, but I've not had much luck in finding info on this method. Any advice?

    Read the article

  • SQL Azure Data Sync

    - by kaleidoscope
    The Microsoft Sync Framework Power Pack for SQL Azure contains a series of components that improve the experience of synchronizing with SQL Azure. This includes runtime components that optimize performance and simplify the process of synchronizing with the cloud. SQL Azure Data Sync allows developers and DBA's to: · Link existing on-premises data stores to SQL Azure. · Create new applications in Windows Azure without abandoning existing on-premises applications. · Extend on-premises data to remote offices, retail stores and mobile workers via the cloud. · Take Windows Azure and SQL Azure based web application offline to provide an “Outlook like” cached-mode experience. The Microsoft Sync Framework Power Pack for SQL Azure is comprised of the following: · SqlAzureSyncProvider · Sql Azure Offline Visual Studio Plug-In · SQL Azure Data Sync Tool for SQL Server · New SQL Azure Events Automated Provisioning Geeta

    Read the article

  • Are all "Important security updates", updates to already installed packages?

    - by Omnicomment
    I'm running 12.04, and I've never downloaded any drivers for the installation of any peripheral devices. Yet, I noticed a fair few "Important security updates" involving drivers/utilities for HP devices/software. I understand if the default installation of Ubuntu came with a set of drivers for these devices - and the update manager, having noticed that they live on my system, went and found newer versions, but still - given I don't use any devices - I'm either forced to download an irrelevant update, sift through the updates to check applicability, or turn off Update Manager altogether: none of which are desirable. First; the obvious - can someone confirm that the list of "Important security updates" on the server that Update manager connects to, is not actually populated with every patch ever written (i.e. for all Ubuntu packages regardless of whether they're installed or not)? Unlikely, but..

    Read the article

  • Windows 8 with LiveID login authenticates as Guest to remote SQl Server

    - by Tim Long
    I have a network where several users are using Office Accounting 2009 in multi-user client/server mode. OA is built on SQL Server. One PC acts as the 'server' and has the SQl Server instance, the others have only the application installed and no SQL instance, all of the apps connect remotely to the SQL instance on the 'server'. I'm using the term 'server' loosely here, it is just a normal workstation that happens to be designated as the server and runs the SQL instance. There is no NT domain, all user accounts are local accounts. The way that OA works in multi-user mode is that each user is required to have a local account with the same username and password on both the client and 'server' PCs. This has been working well, no along comes Windows 8. I use my 'Microsoft Account' aka LiveID to log into Windows 8. Office Accounting runs fine and attempts to connect to the database, but fails, 'you do not have permission to perform this operation'. In the SQL logs, I get this error: 2012-10-28 17:54:01.32 Logon Error: 18456, Severity: 14, State: 11. 2012-10-28 17:54:01.32 Logon Login failed for user 'SERVER\Guest'. Reason: Token-based server access validation failed with an infrastructure SERVER is the hostname of the server. So it seems to be authenticating as 'Guest'?? To verify this, I enabled the Guest account on the 'server' PC and then added Guest as an allowed user within Office Accounting (this simply creates the user in SQL and gives it an appropriate database role). Sure enough, My Windows 8 PC was then able to connect to the database when using Office Accounting. Clearly, having users authenticate as 'Guest' stinks from a security and auditing standpoint. So what I need are some ideas for how to work around this. I've tried switching the Windows 8 PC to a 'local account' and that works too, but requires giving up significant functionality on the Windows 8 PC. What I really need is a way to force the Windows 8 PC to use a specific set of credentials when connecting to the remote SQL instance. Office Accounting takes the logged in username, which is my LiveID and doesn't correspond to any Windows user name. Anyone solved this issue?

    Read the article

  • How can I stop SQL Server Management Studio replacing 'SELECT *' with the column list ?

    - by Ben McIntyre
    SQL Server Mgmt Studio is driving me crazy. If I create a view and SELECT '*' from a table, it's all OK and I can save the view. Looking at the SQL for the view (eg.by scripting a CREATE) reveals that the 'SELECT *' really is saved to the view's SQL. But as soon as I reopen the view using the GUI (right click modify), SELECT * is replaced with a column list of all the columns in the table. How can I stop Management Studio from doing this ? I want my 'SELECT *' to remain just that. Perhaps it's just the difficulty of googling 'SELECT *' that prevented me from finding anything remotely relevant to this (i did put it in double quotes). Please, I am highly experienced in Transact-SQL, so please DON'T give me a lecture on why I shouldn't be using SELECT *. I know all the pros and cons and I do use it at times. It's a language feature, and like all language features can be used for good or evil (I emphatically do NOT agree that it is never appropriate to use it). Edit: I'm giving Marc the answer, since it seems it is not possible to turn this behaviour off. Problem is considered closed. I note that Enterprise Manager did no similar thing. The workaround is to either edit SQL as text, or go to a product other than Managment Studio. Or constantly edit out the column list and replace the * every time you edit a view. Sigh.

    Read the article

  • Are there commercially deployed and used .NET CAS (Code Access Security) based applications?

    - by Dinis Cruz
    I've seen a couple threads here on SO that ask about what CAS is and how to use it.My specific is specifically focused on real-world usages of CAS. For example: DotNetNuke did some efforts in the past to be able to run under Medium Trust: is that still true? what is the % of DNN that run in partial trust (i.e. not full trust)? what & of DNN modules run in partial trust?) Sharepoint defaults to a Partially-Trusted environment on dlls executed from the bin folder: How many 'commercially' available WebParts can run in this bin folder (without changing the policy)? The key here is to be able to point to CAS success stories, so that other companies feel that they should also invest in writing CAS-enabled apps

    Read the article

  • How to convert lots of database file from MSSQL 2000 to MSSQL 2005?

    - by Tech
    Hi all, I am moving the SQL Server from MSSQL 2000 to MSSQL 2005, and I found the article in the web like this: http://www.aspfree.com/c/a/MS-SQL-Server/Moving-Data-from-SQL-Server-2000-to-SQL-Server-2005/ It works, but the problem is, it only move database one by one. Because I have so many database, is there any easy way to do so? or is there provides any batches / untitlty allow me to do so? thz u.

    Read the article

  • How to learn what the industry standards/expectations are, particularly with security?

    - by Aerovistae
    For instance, I was making my first mobile web-application about a year ago, and half-way through, someone pointed me to jQuery Mobile. Obviously this induced a total revolution in my app. Rewrote everything. Now, if you're in the field long enough, maybe that seems like common knowledge, but I was totally new to it. But this set me wondering: there are so many libraries and extensions and frameworks. This seems particularly crucial in the category of security. I'm afraid I'm going to find myself doing something in a professional setting eventually (I'm still a student) and someone's going to walk over and be like, My god, you're trying to secure user data that way? Don't you know about the Gordon-Wokker crypto-magic-hash-algorithms library? Without it you may as well go plaintext. How do you know what the best ways are to maximize security? Especially if you're trying to develop something on your own...

    Read the article

  • Peforming an Audit for SQL Server 2008

    - by Nai
    Hi all, Do you guys have any good step by step type links for performing an SQL Server 2008 Performance Audit? I know Brad McGehee has written extensively on this but for SQL Server 2005 over at http://www.sql-server-performance.com. But are any such articles for SQL Server 2008? Thanks!

    Read the article

  • SQL 2008 R2 Clustering options

    - by JacksOrBetter99
    I am looking to setup SQL 2008 R2 clustering on Windows Server 2008 R2. Can someone give me some options available for installing SQL Server clustering or best practices? I thought SQL had clustering built in, but after doing research, it looks like you first have to install Windows clustering and then install SQL on top of that.

    Read the article

  • How to convert lots of database file from MSSQL 2000 to MSSQL 2005?

    - by Tech
    Hi all, I am moving the SQL Server from MSSQL 2000 to MSSQL 2005, and I found the article in the web like this: http://www.aspfree.com/c/a/MS-SQL-Server/Moving-Data-from-SQL-Server-2000-to-SQL-Server-2005/ It works, but the problem is, it only move database one by one. Because I have so many database, is there any easy way to do so? or is there provides any batches / untitlty allow me to do so? thz u.

    Read the article

  • Would security be comprimised if I install a gui (e.g. zPanel) for LAMP?

    - by Kirk
    I am an Ubuntu/Linux noob. There are many questions I have regarding the use of my system as a server. First and foremost is security. I want to install a simple GUI (zPanel appears the most user friendly) that will allow others to log into the server and database with ease, similar to a hosting service, though my intent is for the development of one site. Upon looking at the instructions of numerous GUI's, they require installation as root. This makes me uneasy, as my thoughts spiral to the possibilities of the developers creating the elusive 'back-door', thereby giving them root access to my entire system. Am I just being paranoid or is that theoretically possible? If it is possible, what steps are necessary to ensure security?

    Read the article

  • How to upgrade to SQL 2008

    - by picflight
    What is the difference between SQL2008 and SQL2008 R2? Should I unintall SQL 2005 and install SQL 2008 Web Edition? Or Should I upgrade the SQL 2005 to SQL 2008 Web Edition? I will also need to make sure the Logins are transferred over as many of my web applications have a Login on SQL2005 server.

    Read the article

  • SQL Server service broker reporting as off when I have written a query to turn it on

    - by dotnetdev
    I have made a small ASP.NET website. It uses sqlcachedependency The SQL Server Service Broker for the current database is not enabled, and as a result query notifications are not supported. Please enable the Service Broker for this database if you wish to use notifications. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.InvalidOperationException: The SQL Server Service Broker for the current database is not enabled, and as a result query notifications are not supported. Please enable the Service Broker for this database if you wish to use notifications. Source Error: Line 12: System.Data.SqlClient.SqlDependency.Start(connString); This is the erroneous line in my global.asax. However, in sql server (2005), I enabled service broker like so (I connect and run the SQL Server service when I debug my site): ALTER DATABASE mynewdatabase SET ENABLE_BROKER with rollback immediate And this was successful. What am I missing? I am trying to use sql caching dependency and have followed all procedures. Thanks

    Read the article

  • What are the security implications of running untrusted code on my server?

    - by rahmu
    I would like to set up an app that allows users to send their code and execute it on my server. The thought of running untrusted code makes me cringe, so I am trying to set up an exhaustive list of security threats that should be addressed. I am assuming I should strip down certain features of the language executed, like file access or (maybe) networking. I also come across terms like sandboxing or chroot. I know what they mean, but how should I actually use them? In short: What security threats should I address before allowing users to run their code on my machine, and how do I do it?

    Read the article

  • Using IF in T-SQL weakens or breaks execution plan caching?

    - by AnthonyWJones
    It has been suggest to me that the use of IF statements in t-SQL batches is detrimental to performance. I'm trying to find some confirmation of this assertion. I'm using SQL Server 2005 and 2008. The assertion is that with the following batch:- IF @parameter = 0 BEGIN SELECT ... something END ELSE BEGIN SELECT ... something else END SQL Server cannot re-use the execution plan generated because the next execution may need a different branch. This implies that SQL Server will eliminate one branch entirely from execution plan on the basis that for the current execution it can already determine which branch is needed. Is this really true? In addition what happens in this case:- IF EXISTS (SELECT ....) BEGIN SELECT ... something END ELSE BEGIN SELECT ... something else END where it's not possible to determine in advance which branch will be executed?

    Read the article

  • Deployment of SQL Server: installing a second instance?

    - by Workshop Alex
    Simple problem. I'm working on a Delphi 2007/WIN32 application which now uses MS Access as simple data store. I have to modify it to support SQL Server Express, which is easy. These modifications are working so the application can be deployed using either SQL Server or MS Access. (Whatever the user prefers.) I did consider deploying the whole application together with the SQL Compact but this is not practicak. Using SQL Server Express 2008 instead of 2005 is an option, but also has a few nasty side-effects which we don't want to resolve for now. The problem is deploying the whole project. The installation with SQL Server would need a quiet installation so the user won't notice it. SQL Server is mentioned in the documentation so they know it's there. We just don't want to bother them with technical issues. In most cases, such an installation will go just fine. But what if the user already has an SQL Server (2005) installation which is used for something else? Personally, I would prefer to just install a second instance of SQL Server on their system so it won't conflict with the other installation. (Thus, if they uninstall the other app, the SQL instance will just stay installed.) While SQL Server 2005 and 2008 can be installed on the same system simply by using two different names for the instance, I wonder if it's also possible to install SQL Server 2005 twice on a single system to get two instances. And if possible, how?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 151 152 153 154 155 156 157 158 159 160 161 162  | Next Page >