Search Results

Search found 7116 results on 285 pages for 'nested queries'.

Page 189/285 | < Previous Page | 185 186 187 188 189 190 191 192 193 194 195 196  | Next Page >

• SQL Injection with Plain-Vanilla NHibernate

  - by James D

  Hello, Plain-vanilla NHibernate setup, eg, no fluent NHibernate, no HQL, nothing except domain objects and NHibernate mapping files. I load objects via: _lightSabers = session.CreateCriteria(typeof(LightSaber)).List<LightSaber>(); I apply raw user input directly to one property on the "LightSaber" class: myLightSaber.NameTag = "Raw malicious text from user"; I then save the LightSaber: session.SaveOrUpdate(myLightSaber); Everything I've seen says that yes, under this situation you are immune to SQL injection, because of the way NHibernate parameterizes and escapes the queries under the hood. However, I'm also a relative NHibernate beginner so I wanted to double-check. *waves hand* these aren't the droids you're looking for. Thanks!

  Read the article

• MS Analysis Services OLAP API for Python

  - by Kaloyan Todorov

  I am looking for a way to connect to a MS Analysis Services OLAP cube, run MDX queries, and pull the results into Python. In other words, exactly what Excel does. Is there a solution in Python that would let me do that? Someone with a similar question going pointed to Django's ORM. As much as I like the framework, this is not what I am looking for. I am also not looking for a way to pull rows and aggregate them -- that's what Analysis Services is for in the first place. Ideas? Thanks.

  Read the article

• SSRS report combine data sources and generate csv

  - by Nithin

  I am new to ssrs. I have a report that gets data from two databases. I can create two datasets that connect to two different databases. The databases are third party and I cannot create stored procedures on the databases. My issue is that I have to combine the data from the two queries. Please help me with this issue or point me to locations where I can find answers. Thanks in advance.

  Read the article

• Lucene search taking TOOO long.

  - by Josh Handel

  I;m using Lucene.net (2.9.2.2) on a (currently) 70Gig index.. I can do a fairly complicated search and get all the document IDs back in 1 ~ 2 seconds.. But to actually load up all the hits (about 700 thousand in my test queries) takes 5+ minutes. We aren't using lucene for UI, this is a datastore between processes where we have hundreds of millions of pre-cached data elements, and the part I am working on exports a few specific fields from each found document. (ergo, pagination doesn't make since as this is an export between processes). My question is what is the best way to get all of the documents in a search result? currently I am using a custom collector that does a get on the document (with a MapFieldSelector) as its collecting.. I've also tried iterating through the list after the collector has finished.. but that was even worse. I'm open to ideas :-). Thanks in advance.

  Read the article

• SQL-query task, decision?

  - by Sirius Lampochkin

  There is a table of currencies rates in MS SQL Server 2005: ID | CURR | RATE | DATE 1   | USD   | 30      | 01.10.2010 3   | GBP   | 45      | 07.10.2010 5   | USD   | 31      | 08.10.2010 7   | GBP   | 46      | 09.10.2010 9   | USD   | 32      | 12.10.2010 11 | GBP   | 48      | 03.10.2010 Rate are updated in real time and there are more than 1 billion rows in the table. It needs to write a SQL-query, wich will provide latest rates per each currency. My decision is: SELECT c.[id],c.[curr],c.[rate],c.[date] FROM [curr_rate] c, (SELECT curr, MAX(date) AS rate_date FROM [curr_rate] GROUP BY curr) t WHERE c.date = t.rate_date AND c.curr = t.curr ORDER BY c.[curr] ASC Is it possible to write a query without sub-queries and join's with derived tables?

  Read the article

• Surgical slave reads for Ruby on Rails, mulitple databases.

  - by Daniel

  Greetings, I'm currently working on a multiple database rails application. I want to off load the SELECT queries on to the slave databases for only SOME of the databases or specific models. The issue is that in places, we swap out the current database connection and put in a different one for a short time; to load fixtures or to handle sharding. Does anyone have any recommendations on a ruby gem that 1. will split select/(sql writes) with a considerable amount of control. We want to handle just some models and we are looking for a neat surgical fix. 2. does not monkey around with activerecord. 3. is still being maintained. TIA -daniel

  Read the article

• C# and MySQL .NET Connector - Any way of preventing SQL Injection attacks in a generic class?

  - by John M

  My idea is to create some generic classes for Insert/Update/Select via a C# (3.5) Winforms app talking with a MySQL database via MySQL .NET Connector 6.2.2. For example: public void Insert(string strSQL) { if (this.OpenConnection() == true) { MySqlCommand cmd = new MySqlCommand(strSQL, connection); cmd.ExecuteNonQuery(); this.CloseConnection(); } } Then from anywhere in the program I can run a query with/without user input by just passing a SQL query string. Reading around on SO is starting to give me the indication that this may lead to SQL injection attacks (for any user-input values). Is there anyway of scrubbing the inputted strSQL or do I need to go and create individual parameterized queries in every method that needs to do a database function?

  Read the article

• Hibernate Subquery and DetachedCriteria

  - by dawez

  I have created a DetachedCriteria that is retrieving estates that have the isApproved and isPublished set to true. It is defined in this way: DetachedCriteria activePublishedCriteria = DetachedCriteria.forClass(Estate.class) .add(Restrictions.eq("isApproved", true)) .add(Restrictions.eq("isPublished", true)) .setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY); I would like to reuse this criteria in some of the queries. In this case I would like to replace the isApproved and isPublished restrictions with the DetachedCriteria Criteria criteria = getSession().createCriteria(Estate.class) .createAlias("city", "c") .add(Restrictions.eq("c.id", cityID)) // the following 2 lines should be use the DetachedCriteria .add(Restrictions.eq("isApproved", true)) .add(Restrictions.eq("isPublished", true)) .setProjection(Projections.rowCount()); return (Integer) criteria.list().get(0); Is there a way to do this ? Tried to use .add.Subqueries.geAll(.... But cannot make it work properly. I could not find proper documentation on the Subqueries in Hibernate. Tips are welcomed.

  Read the article

• custom MSSQL driver

  - by hoodoos

  I had a crazy thought about writing my own MSSQL driver to make it work something like non-blocking http client, so it won't be thread thirsty and could handle lots of db queries within one thread. I tried to look over google for some guidelines about implementing MSSQL client protocol, but found none really, where do those guys get information about it when they write own implementations for PHP or python? I need a really low level to be documented so I can implement all phases of working with a connection through sockets. And would be really nice to have a an example in c# langauge. :)

  Read the article

• iPhone facebook connect FQL Query to get Profile URL.

  - by user306641

  Hai. I am using Face book Connect FQL Queries to extract my profile photo url that is src_big,src_small URL. But i am always getting the empty array in below delegate (void)request:(FBRequest*)request didLoad:(id)result My FQL query is. NSString* fql = [NSString stringWithFormat:@"SELECT src_big,src_small FROM photo WHERE pid IN (SELECT cover_pid FROM album WHERE owner =%lld AND name ='Profile Pictures')", session.uid]; NSDictionary* params = [NSDictionary dictionaryWithObject:fql forKey:@"query"]; [[FBRequest requestWithDelegate:self] call:@"facebook.fql.query" params:params]; But - (void)request:(FBRequest*)request didLoad:(id)result always return the empty result. Can any one please correct me if there any mistake.

  Read the article

• Django : json serialize a queryset which uses defer() or only()

  - by PlanetUnknown

  Now I've been using json serializer and it works great. I had to modify my queries where I started using the only() & defer() filters, like so - retObj = OBJModel.objects.defer("create_dt").filter(loged_in_dt__gte=dtStart) After I've done the above, suddenly the json serializer is returning empty fields - {"pk": 19047, "model": "OBJModel_deferred_create_dt", "fields": {}} If I remove the defer(), the serializer gives all the data correctly. import json from django.utils import simplejson from django.core import serializers json_serializer = serializers.get_serializer("json")() retObj = OBJModel.objects.defer("create_dt").filter(loged_in_dt__gte=dtStart) json_serializer.serialize(retObj, ensure_ascii=False) I've scratched my head on this for a while now. Any insight would be great. NOTE : I am using django 1.1

  Read the article

• Array of previous weeks

  - by azz0r

  Hello, I am trying to create an array of weeks for users to select to view stats week on week. What I'm looking for is an array that has the timestamp of week start (monday 00.00 to sunday 11.59) that I can then use in MYSQL queries. Has anyone got an code that might assist? I was thinking of doing something like: $number_of_weeks = 4; $week_array = array(); foreach ($number_of_weeks as $week) { $number_of_weeks--; $value = $number_of_weeks * 604800; $StartOfLastWeek = 6 + date("w",mktime()); $week_array[$number_of_week]['start'] = date('Y-m-d', strtotime("-$StartOfLastWeek day"), $value); $week_array[$number_of_week]['end'] = date('Y-m-d', strtotime("-$StartOfLastWeek day"), $value+ 604800); }

  Read the article

• SQL Select Permissions

  - by Brandi

  I have a database that I need to connect to and select from. I have an SQL Login, let's call it myusername. When I use the following, no SELECT permission shows up: SELECT * FROM fn_my_permissions ('dbo.mytable', 'OBJECT') GO Several times I tried things like: USE mydatabase GO GRANT SELECT TO myusername GO GRANT SELECT ON DATABASE::mydatabase TO myusername GO GRANT SELECT ON mytable TO myusername GO It says the queries execute successfully, but there is never any difference in the first query. What simple thing am I missing to grant database level select permissions. As a note, I made double sure it was the correct user, correct database, and I have already tried granting table level select permissions. So far I keep getting the error: SELECT permission denied on object 'mytable', database 'mydatabase', schema 'dbo'. Any ideas what I'm missing? Thanks in advance.

  Read the article

• Database on the fly with scripting languages

  - by afilatun

  I have a set of .csv files that I want to process. It would be far easier to process it with SQL queries. I wonder if there is some way to load a .csv file and use SQL language to look into it with a scripting language like python or ruby. Loading it with something similar to ActiveRecord would be awesome. The problem is that I don't want to have to run a database somewhere prior to running my script. I souldn't have additionnal installations needed outside of the scripting language and some modules. My question is which language and what modules should I use for this task. I looked around and can't find anything that suits my need. Is it even possible?

  Read the article

• Using MySQL as data source in Microsoft SQL Server Analysis Services

  - by coldilocks

  Hi, I have installed the latest .net connector (http://www.mysql.com/downloads/connector/net/), I can add MySQL databases as Data Sources, I can even browse through the data from Business Intelligence Studio. The problem is that I CANNOT create a datasource view, or if I do create one without tables, trying to add them after the fact gives me the same error. Specifically it looks like the data source view wizard tries to submit queries against the MySQL database using square brackets/braces, and the query bombs. I get an error message like: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[my_db].[cheatType]' at line 2 So, in summary, has anyone been able to create a data source view using MySQL tables and, if so, can they please show me how this can be done. Thanks for any help!

  Read the article

• mysql partitioning

  - by Yang

  just want to verify that database partition is implemented only at the database level, when we query a partitioned table, we still do our normal query, nothing special with our queries, the optimization is performed automatically when parsing the query, is that correct? e.g. we have a table called 'address' with a column called 'country_code' and 'city'. so if i want to get all the addresses in New York, US, normally i wound do something like this: select * from address where country_code = 'US' and city = 'New York' if now the table is partitioned by 'country_code', and i know that now the query will only be executed on the partition which contains country_code = US. My question is do I need to explicitly specify the partition to query in my sql statement? or i still use the previous statement and the db server will optimize it automatically? Thanks in advance!

  Read the article

• Probability distribution for sms answer delays

  - by Thomas Ahle

  I'm writing an app using sms as communication. I have chosen to subscribe to an sms-gateway, which provides me with an API for doing so. The API has functions for sending as well as pulling new messages. It does however not have any kind of push functionality. In order to do my queries most efficient, I'm seeking data on how long time people wait before they answer a text message - as a probability function. Extra info: The application is interactive (as can be), so I suppose the times will be pretty similar to real life human-human communication. I don't believe differences in personal style will play a big impact on the right times and frequencies to query, so average data should be fine.

  Read the article

• Automating WebTrends analysis

  - by tridium

  Every week I access server logs processed by WebTrends (for about 7 profiles) and copy ad clickthrough and visitor information into Excel spreadsheets. A lot of it is just accessing certain sections and finding the right title and then copying the unique visitor information. I tried using WebTrends' built-in query tool but that is really poorly done (only uses a drag-and-drop system instead of text-based) and it has a maximum number of parameters and maximum length of queries to query with. As far as I know, the tools in WebTrends are not suitable to my purpose of automating the entire web metrics gathering process. I've gotten access to the raw server logs, but it seems redundant to parse that given that they are already being processed by WebTrends. To me it seems very scriptable, but how would I go about doing that? Is screen-scraping an option?

  Read the article

• Profiling statements inside a User-Defined Function

  - by Craig Walker

  I'm trying to use SQL Server Profiler (2005) to track down some application performance problems. One of the calls being made is to a table-valued user-defined function. This function wraps a select that joins several tables together. In SQL Server Profiler, the call to the UDF is logged. However, the select that underlies the UDF isn't being logged at all. Because of this, I'm not getting useful data on which tables & indexes are being hit. I'd like to feed this info into the Database Tuning Advisor for some indexing advice. Is there any way (short of unwrapping the queries themselves) to log the tables called by UDFs in Profiler?

  Read the article

• combining two select statements to return one result

  - by DalivDali

  I need to combine the results for two select queries from two view tables, from which I am performing calculations. Perhaps there is an easier way to perform a query using if...else - any pointers? Essentially I need to divide everything by 'ar.time_ratio' under the condition in sql query 1, and ignore that for query 2. SELECT gs.traffic_date, gs.domain_group, gs.clicks/ar.time_ratio as 'Scaled_clicks', gs.visitors/ar.time_ratio as 'scaled_visitors', gs.revenue/ar.time_ratio as 'scaled_revenue', (gs.revenue/gs.clicks)/ar.time_ratio as 'scaled_average_cpc', (gs.clicks)/(gs.visitors)/ar.time_ratio as 'scaled_ctr', gs.average_rpm/ar.time_ratio as 'scaled_rpm', (((gs.revenue)/(gs.visitors))/ar.time_ratio)*1000 as "Ecpm" FROM group_stats gs, v_active_ratio ar WHERE ar.group_id=gs.domain_group and SELECT gs.traffic_date, gs.domain_group, gs.clicks, gs.visitors, gs.revenue, (gs.revenue/gs.clicks) as 'average_cpc', (gs.clicks)/(gs.visitors) as 'average_ctr', gs.average_rpm, ((gs.revenue)/(gs.visitors))*1000 as "Ecpm" FROM group_stats gs, v_active_ratio ar where not ar.group_id=gs.domain_group

  Read the article

• Using one sqlconnection/sqlcommand through 2 DB-bound methods

  - by dotnetdev

  I have a class with a method which gets data from a database through a SELECT stored proc. This method uses a SqlDbReader by returning ExecuteReader() on a SqlCommand. The connection and everything is made in this method, with fields (such as connection string) set as class level fields. I now need to populate an array based on the results of this query (so the columns of each row will go into the array with its own index). However, this query will not select all of the data from one table which is involved. I can write the queries to get what I need, but how can I use one connection throughout the class? If I instantiate the connection object and call Open() in the constructor, I get an exception @ runtime. I'm hoping for something like this: // At class level: sqlconn.Open(); // sqlcommand set up Method() { // Fire stored proc // Insert results in a collection } Method2() { // Pass same collection in (use same one), // Add new row columns into same collection } How can I do this with strict performance in mind? Thanks

  Read the article

• How to pass the parameter in SQL query from PowerShell

  - by Zshava

  I have this code in PowerShell, that executes SQL query for UPDATE table: $Connection=new-object data.sqlclient.sqlconnection "server=server;database=mydb;trusted_connection=true;" $Connection.open() For( $i = 0; $i -le $ActID.Length; $i ++ ){ $cmd = New-Object System.Data.SqlClient.SqlCommand $cmd.Connection = $Connection $cmd.CommandText = " update Table set Note = @PATH " $cmd.Parameters.Add("@PATH", $ActID[$i].Values) | Out-Null $cmd.ExecuteNonQuery() } I try to update table with variable defined in this string: $cmd.Parameters.Add("@PATH", $ActID[$i].Values) | Out-Null But when i try to execute script, error log says that there is no value passed in $ActID[$i] Is there other methods to pass parameters (variables) in powershell queries?

  Read the article

• MySql select by column value. Separeta operator for columns.

  - by andy

  Hi all, i have a mysql table like this +-----+---------+-----------+-----------------+-------+ | id | item_id | item_type | field_name | data | +-----+---------+-----------+-----------------+-------+ | 258 | 54 | page | field_interests | 1 | | 257 | 54 | page | field_interests | 0 | | 256 | 54 | page | field_author | value | +-----+---------+-----------+-----------------+-------+ And, I need build query like this SELECT * FROM table WHERE `field_name`='field_author' AND `field_author.data` LIKE '%jo%' AND `field_name`='field_interests' AND `field_interests.data`='0' AND `field_name`='field_interests' AND `field_interests.data`='1' This is sample query. MySql can't do queries like that. I mean than SELECT * FROM table WHERE name='jonn' AND name='marry' will return 0 rows. Cant anybody help me. Thanks.

  Read the article

• Subsonic linq using activerecord very slow compared to simplerepository

  - by skiik

  Anyone know anything about why linq queries are about 6 times slower when querying using active record vs simplerepository? The below code runs 6 times slower than when i query the data using a simple repository. This code is executed 1000 times in a loop Thanks in advance string ret = ""; // if (plan == null) { plan =VOUCHER_PLAN.SingleOrDefault(x => x.TENDER_TYPE == tenderType); } if (plan == null) throw new InvalidOperationException("voucher type does not exist." + tenderType); seq = plan.VOUCHER_SEQUENCES.First(); int i = seq.CURRENT_NUMBER; seq.CURRENT_NUMBER += seq.STEP; seq.Save();

  Read the article

• Using LINQ to query database through a proxy server of some kind?

  - by Mustafakidd

  Hey All Sorry for using (perhaps) the wrong lingo, but my question may be clearer if you view this diagram as you read it. http://dl.dropbox.com/u/13256/DIAGRAM.PNG Our client is requiring us to adhere to the server configuration (poorly) diagrammed in the above image. The web server is accessible over port 80 and is where our web application is hosted - a second firewall permits this web server to access a second server which in turn is the only server permitted to access the database server. My question is: How do I deploy a web application that uses LINQ-to-SQL in this environment? Is there a way to proxy my LINQ queries through the app server so that the database connection goes through that server? This is uncharted territory for me, as we always have had access to the DB server directly from our web server in the past. Any help is appreciated. Thanks Mustafa

  Read the article

< Previous Page | 185 186 187 188 189 190 191 192 193 194 195 196  | Next Page >