Search Results

Search found 8267 results on 331 pages for 'insert'.

Page 157/331

  • Does using the converting input from HTML forms into htmlentities protect against attacks involving JavaScrip

    - by racl101
    Hi everyone, I was wondering if converting POST input from an HTML form into HTML entities (via the PHP function htmlentities() or using the FILTER_SANITIZE_SPECIAL_CHARS constant in tandem with the filter_input() PHP function) will help defend against any attacks where a user attempts to insert any JavaScript code inside the form field, or if there's any other PHP-based function or tactic I should employ to create a safe HTML form experience? Sorry for the loaded run-on sentence question but that's the best I could word it in a hurry. Any responses would be greatly appreciated and thanks to all in advance. racl101


  • Restoring multiple database backups in a transaction

    - by Raghu Dodda
    I wrote a stored procedure that restores a set of database backups. It takes two parameters - a source directory and a restore directory. The procedure looks for all .bak files in the source directory (recursively) and restores all the databases. The stored procedure works as expected, but it has one issue - if I uncomment the try-catch statements, the procedure terminates with the following error:

        error_number = 3013
        error_severity = 16
        error_state = 1
        error_message = DATABASE is terminating abnormally.

    The weird part is sometimes (it is not consistent) the restore is done even if the error occurs. The procedure:

        create proc usp_restore_databases
        (
            @source_directory varchar(1000),
            @restore_directory varchar(1000)
        )
        as
        begin
            declare @number_of_backup_files int

            -- begin transaction
            -- begin try

            -- step 0: Initial validation
            if(right(@source_directory, 1) <> '\') set @source_directory = @source_directory + '\'
            if(right(@restore_directory, 1) <> '\') set @restore_directory = @restore_directory + '\'

            -- step 1: Put all the backup files in the specified directory in a table --
            declare @backup_files table ( file_path varchar(1000))
            declare @dos_command varchar(1000)
            set @dos_command = 'dir ' + '"' + @source_directory + '*.bak" /s/b'
            /* DEBUG */ print @dos_command
            insert into @backup_files(file_path) exec xp_cmdshell @dos_command
            delete from @backup_files where file_path IS NULL
            select @number_of_backup_files = count(1) from @backup_files
            /* DEBUG */ select * from @backup_files
            /* DEBUG */ print @number_of_backup_files

            -- step 2: restore each backup file --
            declare backup_file_cursor cursor for select file_path from @backup_files
            open backup_file_cursor
            declare @index int; set @index = 0
            while(@index < @number_of_backup_files)
            begin
                declare @backup_file_path varchar(1000)
                fetch next from backup_file_cursor into @backup_file_path
                /* DEBUG */ print @backup_file_path

                -- step 2a: parse the full backup file name to get the DB file name.
                declare @db_name varchar(100)
                set @db_name = right(@backup_file_path, charindex('\', reverse(@backup_file_path)) -1) -- still has the .bak extension
                /* DEBUG */ print @db_name
                set @db_name = left(@db_name, charindex('.', @db_name) -1)
                /* DEBUG */ print @db_name
                set @db_name = lower(@db_name)
                /* DEBUG */ print @db_name

                -- step 2b: find out the logical names of the mdf and ldf files
                declare @mdf_logical_name varchar(100), @ldf_logical_name varchar(100)
                declare @backup_file_contents table
                (
                    LogicalName nvarchar(128),
                    PhysicalName nvarchar(260),
                    [Type] char(1),
                    FileGroupName nvarchar(128),
                    [Size] numeric(20,0),
                    [MaxSize] numeric(20,0),
                    FileID bigint,
                    CreateLSN numeric(25,0),
                    DropLSN numeric(25,0) NULL,
                    UniqueID uniqueidentifier,
                    ReadOnlyLSN numeric(25,0) NULL,
                    ReadWriteLSN numeric(25,0) NULL,
                    BackupSizeInBytes bigint,
                    SourceBlockSize int,
                    FileGroupID int,
                    LogGroupGUID uniqueidentifier NULL,
                    DifferentialBaseLSN numeric(25,0) NULL,
                    DifferentialBaseGUID uniqueidentifier,
                    IsReadOnly bit,
                    IsPresent bit
                )
                insert into @backup_file_contents exec ('restore filelistonly from disk=' + '''' + @backup_file_path + '''')
                select @mdf_logical_name = LogicalName from @backup_file_contents where [Type] = 'D'
                select @ldf_logical_name = LogicalName from @backup_file_contents where [Type] = 'L'
                /* DEBUG */ print @mdf_logical_name + ', ' + @ldf_logical_name

                -- step 2c: restore
                declare @mdf_file_name varchar(1000), @ldf_file_name varchar(1000)
                set @mdf_file_name = @restore_directory + @db_name + '.mdf'
                set @ldf_file_name = @restore_directory + @db_name + '.ldf'
                /* DEBUG */ print 'mdf_logical_name = ' + @mdf_logical_name + '|' +
                                  'ldf_logical_name = ' + @ldf_logical_name + '|' +
                                  'db_name = ' + @db_name + '|' +
                                  'backup_file_path = ' + @backup_file_path + '|' +
                                  'restore_directory = ' + @restore_directory + '|' +
                                  'mdf_file_name = ' + @mdf_file_name + '|' +
                                  'ldf_file_name = ' + @ldf_file_name
                restore database @db_name from disk = @backup_file_path
                with
                    move @mdf_logical_name to @mdf_file_name,
                    move @ldf_logical_name to @ldf_file_name

                -- step 2d: iterate
                set @index = @index + 1
            end
            close backup_file_cursor
            deallocate backup_file_cursor

            -- end try
            -- begin catch
            --     print error_message()
            --     rollback transaction
            --     return
            -- end catch
            --
            -- commit transaction
        end

    Does anybody have any ideas why this might be happening? Another question: is the transaction code useful? i.e., if there are 2 databases to be restored, will SQL Server undo the restore of one database if the second restore fails?


  • MySQL function: Rotate old entries to archive table

    - by confiq
    Hi, I'm looking for the function that will take rows older than X days and put them in an archive table... Was thinking to make a function so it will be easier to execute... something like

        CREATE TABLE archive_NUMBER_OF_WEEK (...);
        INSERT INTO archive_NUMBER_OF_WEEK SELECT * FROM content WHERE DATE < X days;
        DELETE FROM content WHERE DATE < X days;
        RENAME TABLE content TO content_backup, content_temp TO content;

    Will post when I finish it :)


  • Why is an empty String treated as null in Oracle?

    - by GK
    We are using empty strings in a DB2 database for some business logic, but when the same record is inserted into Oracle it throws some "not null property references a null value" error; that is, Oracle treats an empty string as null. So I am wondering why it is like that, and if there is a requirement to store an empty string, how do I do that in Oracle?


  • Notification in case of data changes in SQL and Oracle

    - by user171523
    I am in the process of building a system where I need to notify a Windows Service (a .NET-based application) in case of any change in the DB table (Insert, Update, Delete). I know this can be done with the ADO.NET Events in SQL. Is there any common solution for Oracle and SQL which can provide this kind of notification? This needs to happen as and when the update happens, on a real-time basis.


  • PHP and MySql trouble

    - by Espen Arnoy
    I am having trouble making this seemingly simple MySql query work. Can anyone spot the problem?

        <?php
        include "config.php";
        $offerid = $_POST["offerid"];
        $ip = $_SERVER["REMOTE_ADDR"];
        mysql_query("INSERT INTO voted (offerid,ip) VALUES (".$offerid.",".$ip.")");
        ?>


  • paypal ipn working but stopping at 'thank you' page.

    - by Tarique Imam
    I am using the code for controller (CODEIGNITER):

        function paypal_tran(){
            if (empty($_GET['action'])){ $_GET['action'] = 'process';}
            if($this->uri->segment ( 3 )){
                $action=$this->uri->segment ( 3 );
            }
            else{
                $action='process';
            }
            $ammount=39.99;
            $this->lenders_model->paypal_process($action,$this_script,$ammount);
            $this->load->view('view_paypal_tran');
        }

        function ipn(){
            if ($this->paypal_class->validate_ipn()) {
                $data = array(
                    'fname'=> 'fname', /* insert the user id */
                    'lname'=>'lname'
                );
                //$this->db->insert('ajax_test',$data);
                // For this example, we'll just email ourselves ALL the data.
                $subject = 'Instant Payment Notification - Recieved Payment';
                $to = '[email protected]'; // your email
                $body = "An instant payment notification was successfully recieved\n";
                $body .= "from ".$p->ipn_data['payer_email']." on ".date('m/d/Y');
                $body .= " at ".date('g:i A')."\n\nDetails:\n";
                foreach ($this->paypal_class->ipn_data as $key => $value) { $body .= "\n$key: $value"; }
                mail($to, $subject, $body);
            }
        }

        function success() {
            $this->load->view('paypal_succ_view');
        }

    AND this is my model:

        function paypal_process($action,$this_script,$ammount){
            switch ($action) {
                case 'process': // Process and order...
                    // There should be no output at this point. To process the POST data,
                    // the submit_paypal_post() function will output all the HTML tags which
                    // contains a FORM which is submitted instantaneously using the BODY onload
                    // attribute. In other words, don't echo or printf anything when you're
                    // going to be calling the submit_paypal_post() function.

                    // This is where you would have your form validation and all that jazz.
                    // You would take your POST vars and load them into the class like below,
                    // only using the POST values instead of constant string expressions.

                    // For example, after ensuring all the POST variables from your custom
                    // order form are valid, you might have:
                    //
                    // $p->add_field('first_name', $_POST['first_name']);
                    // $p->add_field('last_name', $_POST['last_name']);

                    $this->paypal_class->add_field('business', '[email protected]');
                    $this->paypal_class->add_field('return', $this_script.'/success');
                    $this->paypal_class->add_field('cancel_return', $this_script.'/cancel');
                    $this->paypal_class->add_field('notify_url', $this_script.'/ipn');
                    $this->paypal_class->add_field('item_name', 'Lenders Account for one month');
                    $this->paypal_class->add_field('amount', $ammount);
                    $this->paypal_class->submit_paypal_post(); // submit the fields to paypal
                    $this->paypal_class->dump_fields(); // for debugging, output a table of all the fields
                    break;

    PROBLEM IS IPN IS NOT WORKING. THE HIDDEN FIELD HAS VALUE FOR REDIRECT TO IPN, BUT NOT WORKING!! PLS HELP


  • How to declare a variable in SQL Server and use it in the same Stored Procedure

    - by Nicklas
    I'm trying to get the value from BrandID in one table and add it to another table. But I can't get it to work. Anybody know how to do it right?

        CREATE PROCEDURE AddBrand
        AS
        DECLARE @BrandName nvarchar(50), @CategoryID int, @BrandID int
        SELECT @BrandID = BrandID FROM tblBrand WHERE BrandName = @BrandName
        INSERT INTO tblBrandinCategory (CategoryID, BrandID) VALUES (@CategoryID, @BrandID)
        RETURN


  • boost multi_index_container and erase performance

    - by rjoshi
    I have a boost multi_index_container declared as below which is indexed by hash_unique id (unsigned long) and hash_non_unique transaction id (long). Insertion and retrieval of elements is fast, but when I delete elements, it is much slower. I was expecting it to be constant time as the key is hashed. E.g. to erase elements from the container:

      - for 10,000 elements, it takes around 2.53927016 seconds
      - for 15,000 elements, it takes around 7.137100068 seconds
      - for 20,000 elements, it takes around 21.391720757 seconds

    Is it something I am missing or is it expected behavior?

        class Session {
        public:
            Session() {
                //increment unique id
                static unsigned long counter = 0;
                boost::mutex::scoped_lock guard(mx);
                counter++;
                m_nId = counter;
            }
            unsigned long GetId() { return m_nId; }
            long GetTransactionHandle(){ return m_nTransactionHandle; }
            ....
        private:
            unsigned long m_nId;
            long m_nTransactionHandle;
            boost::mutex mx;
            ....
        };

        typedef multi_index_container<
            Session*,
            indexed_by<
                hashed_unique< mem_fun<Session,unsigned long,&Session::GetId> >,
                hashed_non_unique< mem_fun<Session,long,&Session::GetTransactionHandle> >
            > //end indexed_by
        > SessionContainer;

        typedef SessionContainer::nth_index<0>::type SessionById;

        int main() {
            ...
            SessionContainer container;
            SessionById *pSessionIdView = &get<0>(container);
            unsigned counter = atoi(argv[1]);
            vector<Session*> vSes;
            vSes.reserve(counter);

            //insert
            for(unsigned i = 0; i < counter; i++) {
                Session *pSes = new Session();
                container.insert(pSes);
                vSes.push_back(pSes);
            }

            timespec ts;
            clock_settime(CLOCK_PROCESS_CPUTIME_ID, &ts);

            //erase
            for(unsigned i = 0; i < counter; i++) {
                pSessionIdView->erase(vSes[i]->GetId());
                delete vSes[i];
            }

            clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &ts);
            std::cout << "Total time taken for erase:" << ts.tv_sec << "." << ts.tv_nsec << "\n";
            return (EXIT_SUCCESS);
        }


  • Python: Cannot concatenate str and NoneType objects

    - by Chase Higgins
        sql = """
            INSERT INTO [SCHOOLINFO]
            VALUES(
                '""" + self.accountNo + """',
                '""" + self.altName + """',
                '""" + self.address1 + """',
                '""" + self.address2 + """',
                '""" + self.city + """',
                '""" + self.state + """',
                '""" + self.zipCode + """',
                '""" + self.phone1 + """',
                '""" + self.phone2 + """',
                '""" + self.fax + """',
                '""" + self.contactName + """',
                '""" + self.contactEmail + """',
                '""" + self.prize_id + """',
                '""" + self.shipping + """',
                '""" + self.chairTempPass + """',
                '""" + self.studentCount + """'
            )
        """;

    I have the following code and Python keeps throwing the error that it cannot concatenate strings and NoneType objects. The thing is I have verified every variable here is in fact a string and is not null. I have been stuck on this for quite some time today, and any help would be greatly appreciated.


  • NHibernate MySQL Mapping Set Column Type

    - by LnDCobra
    In my MySQL database, I have the following column type.

        Field       | Type                                         | Null |
        -------------------------------------------------------------------
        Column_priv | set('Select','Insert','Update','References') | No   |

    And I cannot figure out what to map this to. Can anyone tell me how I can map this to something?


  • Where to put default-servlet-handler in Spring MVC configuration

    - by gigadot
    In my web.xml, the default servlet mapping, i.e. /, is mapped to the Spring dispatcher. In my Spring dispatcher configuration, I have DefaultAnnotationHandlerMapping, ControllerClassNameHandlerMapping and AnnotationMethodHandlerAdapter, which allow me to map URLs to controllers either by class name or by the @RequestMapping annotation. However, there are some static resources under the web root which I also want the Spring dispatcher to serve using the default servlet. According to the Spring documentation, this can be done using the <mvc:default-servlet-handler/> tag. In the configuration below, there are 4 candidate locations that I marked where it is possible to insert this tag. Inserting the tag in different locations causes the dispatcher to behave differently, as follows:

      - Case 1: If I insert it at location 1, the dispatcher will no longer be able to handle mapping by the @RequestMapping and controller class name, but it will be serving the static content normally.
      - Case 2, 3: It will be able to handle mapping by the @RequestMapping and controller class name as well as serving the static content if other mapping cannot be done successfully.
      - Case 4: It will not be able to serve the static contents.

    Therefore, Case 2 and 3 are desirable. According to the Spring documentation, this tag configures a handler whose precedence order is given as lowest, so why does the position matter? And which is the best position to put this tag?

        <?xml version="1.0" encoding="UTF-8"?>
        <beans xmlns="http://www.springframework.org/schema/beans"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xmlns:mvc="http://www.springframework.org/schema/mvc"
               xmlns:context="http://www.springframework.org/schema/context"
               xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                                   http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
                                   http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">

            <context:annotation-config/>
            <context:component-scan base-package="webapp.controller"/>

            <!-- Location 1 -->

            <!-- Enable annotation-based controllers using @Controller annotations -->
            <bean id="annotationUrlMapping" class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping"/>

            <!-- Location 2 -->

            <bean id="controllerClassNameHandlerMapping" class="org.springframework.web.servlet.mvc.support.ControllerClassNameHandlerMapping"/>

            <!-- Location 3 -->

            <bean id="annotationMethodHandlerAdapter" class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"/>

            <!-- Location 4 -->
            <mvc:default-servlet-handler/>

            <!-- All views are JSPs loaded from /WEB-INF/jsp -->
            <bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
                <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
                <property name="prefix" value="/WEB-INF/jsp/"/>
                <property name="suffix" value=".jsp"/>
            </bean>
        </beans>


  • Login and Redirect

    - by xRobot
    This is my login view:

        def login(request):
            redirect_to = request.REQUEST.get("next")
            if request.method == 'POST':
                formL = LoginForm(data=request.POST)
                if formL.is_valid():
                    if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
                        redirect_to = "/blogs/"
                    from django.contrib.auth import login
                    login(request, formL.get_user())
                    if request.session.test_cookie_worked():
                        request.session.delete_test_cookie()
                    return HttpResponseRedirect(redirect_to)
            else:
                formL = LoginForm(request)
            request.session.set_test_cookie()
            return render_to_response('blogs.html', { 'formL': formL, }, context_instance=RequestContext(request))
        login = never_cache(login)

    When I go, for example, to example.com/myblog/, I am redirected to example.com/accounts/login/?next=/myblog/, but when I insert user and psw for login I am redirected to /blogs/ and not /myblog/. Why?


  • Text viewing in a delimited space

    - by Maurizio Reginelli
    I need to visualize a text in a delimited space. If I add a simple TextBlock I have a problem: when the text is longer than the available space, it is cropped at the end. I tried to insert the TextBlock inside a Viewbox: this solution works for a text longer than the available space, but increases the size of the text when it is shorter. Is there a way to reduce the size of the text only when it is longer than the available space?


  • Formatting Contents in RSS

    - by shoaibmohammed
    Hi, I'm making an RSS 2.0 feed powered by PHP & MySQL. I would like to know how to make simple formatting in the contents like Line Breaks, Bold, Italics, Links, Images. When I try to insert a <br> in the database for a newline, the feed reader is displaying it as Invalid Feed. Please help. Thanks


  • How to design a generic database whose layout may change over time?

    - by mawg
    Here's a tricky one - how do I programmatically create and interrogate a database whose contents I can't really foresee? I am implementing a generic input form system. The user can create PHP forms with a WYSIWYG layout and use them for any purpose he wishes. He can also query the input. So, we have three stages:

      1. a form is designed and generated. This is a one-off procedure, although the form can be edited later. This designs the database.
      2. someone or several people make use of the form - say for daily sales reports, stock keeping, payroll, etc. Their input to the forms is written to the database.
      3. others, maybe management, can query the database and generate reports.

    Since these forms are generic, I can't predict the database structure - other than to say that it will reflect HTML form fields and consist of the data input from a collection of edit boxes, memos, radio buttons and the like. Questions and remarks:

      A) how can I best structure the database, in terms of tables and columns? What about primary keys? My first thought was to use the control name to identify each column, then I realized that the user can edit the form and rename, so that maybe "name" becomes "employee" or "wages" becomes ":salary". I am leaning towards a unique number for each.
      B) how best to key the rows? I was thinking of a timestamp to allow me to query and a column for the row Id from A)
      C) I have to handle column rename/insert/delete. For deletion, I am unsure whether to delete the data from the database. Even if the user is not inputting it from the form any more he may wish to query what was previously entered. Or there may be some legal requirements to retain the data. Any gotchas in column rename/insert/delete?
      D) For the querying, I can have my PHP interrogate the database to get column names and generate a form with a list where each entry has a database column name, a checkbox to say if it should be used in the query and, based on column type, some selection criteria. That ought to be enough to build searches like "position = 'senior salesman' and salary 50k".
      E) I probably have to generate some fancy charts - graphs, histograms, pie charts, etc. for query results of numerical data over time. I need to find some good FOSS PHP for this.
      F) What else have I forgotten?

    This all seems very tricky to me, but I am a database n00b - maybe it is simple to you gurus?


  • how to ignore already checked checkboxes in vb.net / asp.net ?

    - by user559800
    If I have 3 asp.net checkboxes in my asp.net webform, namely CheckBox1, Checkbox2, Checkbox3, and a textbox, namely textbox1. If Checkbox1.text ="1" Checkbox2.text ="2" Checkbox3.text ="3" I WANT: if checkbox1 is already checked ... if the checkbox remains checked, and even after I check checkbox2 and checkbox3, then the output in the textbox would be 2,3 ..... by ignoring the already checked checkbox text ... LOGIC I WANT: Ignore already checked checkboxes and insert the recent checkbox text into textbox1 as a comma-separated string ... How to do that?


  • IBM Informix using spatial datablade

    - by changed
    I need to use IBM Informix for my project where I have point coordinates and I need to find which points are present in query rectangular region. Informix has spatial datablade module with ST_POINT and ST_POLYGON data objects. I know how to create, insert and create r-tree index on tables with such objects. But problem is how to do a SELECT statement, something which list all the points in a particular rectangular region.

