Search Results

Search found 84007 results on 3361 pages for 'sql system table'.

Page 377/3361 | < Previous Page | 373 374 375 376 377 378 379 380 381 382 383 384  | Next Page >

• PHP - Using strcpsn() to protect against SQL injection?

  - by MichaelMitchell

  I am making a sort of form validation system and I need to check the SQL database to see if the username is already there. So, my question, is it effective to use a little if statement like this to protect against an attack? if (strcspn($string, "/\?!@#$%^&*()[]{}|:;<>,.\"\'-+=" == strlen($string)){ return true; } So essentially, if the string contains any of these characters, "/\?!@#$%^&*()[]{}|:;<>,.\"\'-+=", then the length will not equal that of the original $string. I am just wondering if this is sufficient to protect, or if there is more that I must do. Thanks.

  Read the article

• sql server db deployment script ignoring constraints etc until commit

  - by Daniel

  Hi all, I am planning on doing a database deployment script for sql server 2005. Currently we have a tool that will run all of the tables, foreign keys, indexes and then data, each of which is located in a separate file with a certain extension (eg. tab, .kci, .fky) and the tool just runs *.tab, *.kci, *.fky into the db etc. Could I possibly combine all of thse into one file and have them run ignoring referential integrity until they are all complete, I would turn it on before we started inserting test data. It is just unmanageable having to maintain 4 or 5 different types of scripts for one table. Are there any issues I should be aware of? Cheers

  Read the article

• PHP MySQL Syntax Error 'You have an error in your SQL syntax'

  - by Alec

  I cannot figure out the issue with my code here. I am trying to take info from the table, then subtract 1 second from Current_Time which looks like '2:00'. The problem is, I get: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Current_Time) VALUES('22')' at line 1" I don't even understand where it gets 22 from. Thanks, I really appreciate it. if (isset($_GET['id']) && isset($_GET['time'])) { mysql_select_db("aleckaza_pennyauction", $connection); $query = "SELECT Current_Time FROM Live_Auctions WHERE ID='1'"; $results = mysql_query($query) or die(mysql_error()); while ($row = mysql_fetch_array($results)) { $newTime = $row['Current_Time'] - 1; $query = "INSERT INTO Live_Auctions(Current_Time) VALUES('".$newTime."')"; $results = mysql_query($query) or die(mysql_error()); } }

  Read the article

• Database Engine not appearing in SQL Server listing

  - by Jonn

  I don't know if I'm searching for the wrong queries in google but I can't seem to find an answer to this. I have SQL Server 2008 installed in my pc and according to services.msc, I've got 2 database engines running: SQLEXPRESS (probably one that came along with Visual Studio) and MSSQLSERVER. When I try to connect only SQLEXPRESS is visible in the Server Name drop down list. I tried to explicitly state MSSQLSERVER by typing in MYPCNAME\MSSQLSERVER Didn't work. The best solution I could find in the internet was to enable stuff at Configuration Manager. Didn't work either (although I did find that TCP/VIA and all other options were disabled for MSSQLSERVER). Anyone have any other ideas on what I should try next or probably something that I overlooked?

  Read the article

• How do I generate optimized SQL with my (added) partial methods on LINQ entities

  - by Ra

  Let's say I have a Person table with a FirstName and LastName column. I extended the Person LINQ entity class with a get property "FullName", that concatenates the first and last names. A LINQ query like: from person... select fullName where id = x generates SQL selecting all Patient columns, since FullName is evaluated after firing the query. I would like to limit the select clause to only the 2 columns required. This is a simple example, but the limitation it shows is that I cannot isolate my business/formatting rules but have to embed them in the LINQ query, so they're not reusable (since it is in the select part) or I need select both columns separately, and then concatenate them higher up in the data or business layer with static helper methods. Any ideas for a clean design using the entity partial classes or extensions? Thanks

  Read the article

• Use a SELECT to Print a Bunch of INSERT INTOs

  - by Mikecancook

  I have a bunch of records I want to move to another database and I just want to create a bunch of inserts that I can copy and paste. I've seen someone do this before but I can't figure it out. I'm not getting the escapes right. It's something like this where 'Code', 'Description' and 'Absent' are the columns I want from the table. SELECT 'INSERT INTO AttendanceCodes (Code, Description, Absent) VALUES (' + Code + ',' + Description + ',' + Absent')' FROM AttendanceCodes The end result should be a slew of INSERTS with the correct values like this: INSERT INTO AttendanceCodes (Code, Description, Absent) VALUES ('A','Unverified Absence','UA')

  Read the article

• What SQL ORM may i use to replace this old code

  - by acidzombie24

  Sorry since this question is specific to my problem. While learning reflections i did a mini SQL ORM in a week then minor tweaks while using it for another week. Since it has very little work put into it, its really only compatibility with sqlite. I havent had problems with the code so far but i would like to port it to something that supports TSQL or MySql. The example code is here which is outdated but has the most used functions in my class. What library can i port that code over too with the smallest about of pain. Note that it must support foreign keys.

  Read the article

• Sum up values in SQL once all values are available

  - by James Brown

  I have events flowing into a MySQL database and I need to group and sum the events to transactions and store away into another table. The data looks like: +----+---------+------+-------+ | id | transid | code | value | +----+---------+------+-------+ | 1 | 1 | b | 12 | | 2 | 1 | i | 23 | | 3 | 2 | b | 34 | | 4 | 1 | e | 45 | | 5 | 3 | b | 56 | | 6 | 2 | i | 67 | | 7 | 2 | e | 78 | | 8 | 3 | i | 89 | | 9 | 3 | i | 90 | +----+---------+------+-------+ The events arrive in batches and I would like to create the transaction by summing up the values for each transid, like: select transid, sum(value) from eventtable group by transid; but only after all the events for that transid have arrived. That is determined by the event with the code e (b for the beginning, e for the end and i for varying amount of intermediates). Being a novice in SQL, how could I implement the requirement for the existance of the end code before the summing?

  Read the article

• How to Deal with SET ANSI_NULLS ON or OFF ?

  - by Shantanu Gupta

  I want to call this procedure that sends one value that can be NULL or any int value. SELECT DomainName, DomainCode FROM Tags.tblDomain WHERE SubDomainId =@SubDomainId I simply want to use this single query rather than what i m doing right now in below given code. I searched for this how could i do this then i got this Link. According to this I have to set ANSI_NULLS OFF I am not able to set this inside this procedure before executing my sql query and then reset it again after doing this. ALTER PROCEDURE [Tags].[spOnlineTest_SubDomainSelect] @SubDomainId INT AS BEGIN -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. SET NOCOUNT ON; -- Insert statements for procedure here IF @SubDomainId IS NULL SELECT DomainName, DomainCode FROM Tags.tblDomain WHERE SubDomainId IS NULL ELSE SELECT DomainName, DomainCode FROM Tags.tblDomain WHERE SubDomainId =@SubDomainId END What will be the better practice to do deal with ANSI_NULLS or Using If Else

  Read the article

• Linq to SQL and Realtime Data

  - by Jeremy

  I have an application that needs to constantly (every 50ms), call to an MVC action, and pickup/drop off data. I am using Linq to SQL and MVC because of how simple they are to implement, and I know that they aren't perfect when it comes to performance, but it works relatively well, but the best speed I can get with my current approach is 200ms (without requests overlapping). Each call to the site will create a new instance of the datacontext, query/insert it and return that data. Is there a way to have the datacontext static, but submitchanges say every 5 seconds, so that i am pretty much hitting an in-memory version of the data?

  Read the article

• SQL Analysis Services - Dimension attributes with a "many" cardinality

  - by MonkeyBrother

  I am creating a cube with the following tables: Customer CustomerID, Name Customer Rep CustomerID, RepID Rep RepID, Name The important thing here is that there is a many to many relationship between Reps and Customers. I want to be able to ask the question "How much sales for customers working with rep 'A'?" In the data source view i set up the relationships between both customerid columns and both repid columns. I set up the rep attribute in the dimension builder and when I try to build the cube I get this error: Errors in the high-level relationship engine. the 'Rep' table that is required for a join cannot be reached based on the relationships in the data source view.

  Read the article

• Large strings: Text files or SQL DB?

  - by Tommo

  I am coding a forum system using PHP. I am currently storing a threads ID, title, author, views and other attributes in an SQL database and then storing the thread body (the HTML and BBcode) in text files inside a folder named after the thread ID. In practise it's really simple to grab the database values then just grab the thread body from the text file, but I was wondering if this is the 'proper way'? I have personally no problems doing this but if it turns out it is massively inefficient and I should instead store both the thread body HTML and BBcode in the database instead then I will change. However, to me it seems wrong to store such a (very possibly) huge string of multi-line text along with lots of different characters in a database - I was taught that databases are more for short field 'values' rather than website content. I would just like a definitive answer to this because it's been bugging me for ages as to wherever I’ve been doing it properly. Does anyone know how popular forum systems store threads?

  Read the article

• Should i really use integer primary IDs [sql]

  - by arthurprs

  For example, i always generate an auto-increment field for the users table, but i also specifies an UNIQUE index on their usernames. There is situations that i first need to get the userId for a given username and then execute the desired query. Or use a JOIN in the desired query. It's 2 trips to the database or a JOIN vs. a varchar index The above is just an example There is a real performance benefit on INT over small VARCHAR indexes? Thanks in advance!

  Read the article

• Oracle - pl sql selecting from SYS_REFCURSOR

  - by Einstein

  I have a function that returns a SYS_REFCURSOR that has a single row but multiple columns. What I'm looking to do is to be able to have a SQL query that has nested sub-queries using the column values returned in the SYS_REFCURSOR. Alternative ideas such as types, etc would be appreciated. Code below is me writing on-the-fly and hasn't been validated for syntax. --Oracle function CREATE DummyFunction(dummyValue AS NUMBER) RETURN SYS_REFCURSOR IS RETURN_DATA SYS_REFCURSOR; BEGIN OPEN RETURN_DATA SELECT TO_CHAR(dummyValue) || 'A' AS ColumnA ,TO_CHAR(dummyValue) || 'B' AS ColumnB FROM DUAL; RETURN RETURN_DATA; END; --sample query with sub-queries; does not work SELECT SELECT ColumnA FROM DummyFunction(1) FROM DUAL AS ColumnA ,SELECT ColumnB FROM DummyFunction(1) FROM DUAL AS ColumnB FROM DUAL;

  Read the article

• Would like help with LOGON Trigger

  - by Risho

  I've created a logon trigger in MS SQL that needs to check dm_exec_sessions for a login. This login is the user listed in the connection string and has owner right to the database. If the login is verified, I need it to update a specific table and send an email. So far I've done just the following piece and it disabled my web site. The error I get is: "Logon failed for login 'dev' due to trigger execution. Changed database context to 'mydatabase'. Changed language setting to us_english." Any idea what I did wrong? Thanks, Risho CREATE TRIGGER TDY_Assets_Notification ON ALL SERVER WITH EXECUTE AS 'dev' FOR LOGON AS BEGIN IF ORIGINAL_LOGIN()='dev' AND (SELECT COUNT(*) FROM sys.dm_exec_sessions WHERE is_user_process = 1 AND original_login_name = 'dev') > 1 UPDATE Assets_TDY SET Suspense = 1, Warning = 1 WHERE (Date_Returned IS NULL) AND (GETDATE() >= DATEADD(day, 3, Date_Return)) END

  Read the article

• FreeText Query is slow - includes TOP and Order By

  - by Eric P

  The Product table has 700K records in it. The query: SELECT TOP 1 ID, Name FROM Product WHERE contains(Name, '"White Dress"') ORDER BY DateMadeNew desc takes about 1 minute to run. There is an non-clustered index on DateMadeNew and FreeText index on Name. If I remove TOP 1 or Order By - it takes less then 1 second to run. Here is the link to execution plan. http://screencast.com/t/ZDczMzg5N Looks like FullTextMatch has over 400K executions. Why is this happening? How can it be made faster?

  Read the article

• sql query with alias name

  - by Ranjana

  i have a table with this columns--- Or orgid ispaid validity noofthingstoTake 1 yes 2010-06-05 20 2 yes 2010-06-09 7 i have used this query(to join two more tableS): select distinct B.RequirementID,A.OrganizationID from Organization A,RequirementsDetailsforOrganization B,validityorgdet F where A.OrganizationID=B.OrganizationID and F.orgid=A.OrganizationID and F.ispaid=1 and F.validity>=GETDATE() and F.noofthingstoTake> ?? but i dont know how to check the (noofthingstaken) over here. it should not exceed 20. im passing this query from my code behind page to the Sql. how to get the query excute to check it should not exceed the noofthingstaken pls help me out....????

  Read the article

• GUID not being generated automatically when db.submitchanges()

  - by BlindingDawn

  I have a couple of tables I ported over to a new database. Everything is exactly the same from the legacy one to the new one. The back-end code that submits the user generated data to the database is also the same. When I submit changes to the database, all of the submitted information populates the correct columns but the column that stores the GUID populates with all 0's. When I enter in the columns manually using SQL Server Management Studio, the GUID gets populated as it does in the legacy version. Am I missing something?

  Read the article

• Is this SQL select code following good practice?

  - by acidzombie24

  I am using sqlite and will port to mysql (5) later. I wanted to know if I am doing something I shouldnt be doing. I tried purposely to design so I'll compare to 0 instead of 1 (I changed hasApproved to NotApproved to do this, not a big deal and I haven't written any code). I was told I never need to write a subquery but I do here. My Votes table is just id, ip, postid (I don't think I can write that subquery as a join instead?) and that's pretty much all that is on my mind. Naming conventions I don't really care about since the tables are created via reflection and is all over the place. select id, name, body, upvotes, downvotes, (select 1 from UpVotes where IPAddr=? AND post=Post.id) as myup, (select 1 from DownVotes where IPAddr=@0 AND post=Post.id) as mydown from Post where flag = '0' limit ?, ?"

  Read the article

• strange SQL Server attach database error

  - by George2

  Hello everyone, I am using SQL Server 2008 Enterprise with VSTS 2008, and I am developing a simple web application using ASP.Net and Forms Authentication. When I am using the configuration tool/menu of VSTS of my ASP.Net project (I want to use this tool to manually add some Forms authentication users), I met with the following error (SqlException), Trying to attach file D:\Projects\MyTest\App_Data\aspnetdb.mdf to automatically named database failed. It may be caused by existing the same name database, or may be caused by specified file can not be opened or caused by the specified file exists in UNC share. In my computer, there is no aspnetdb.mdf under dir D:\Projects\MyTest\App_Data, and I have used aspnet_regsql to generate database successfully before I run the configuration tool. Why there is such error? How to fix it? thanks in advance, George

  Read the article

• LINQ 2 SQL Insert Error

  - by Refracted Paladin

  I have the below LINQ method that I use to create the empty EmploymentPLan. After that I simply UPDATE. For some reason this works perfectly for myself but for my users they are getting the following error -- The target table 'dbo.tblEmploymentPrevocServices' of the DML statement cannot have any enabled triggers if the statement contains an OUTPUT clause without INTO clause. This application is a WinForm app that connects to a local SQL 2005 Express database. public static Guid InsertEmptyEmploymentPlan(int planID, string user) { using (var context = MatrixDataContext.Create()) { var empPlan = new tblEmploymentQuestionnaire { PlanID = planID, InsertDate = DateTime.Now, InsertUser = user, tblEmploymentJobDevelopmetService = new tblEmploymentJobDevelopmetService(), tblEmploymentPrevocService = new tblEmploymentPrevocService() }; context.tblEmploymentQuestionnaires.InsertOnSubmit(empPlan); context.SubmitChanges(); return empPlan.EmploymentQuestionnaireID; } }

  Read the article

• Mixing LINQ to SQL with properties of objects in a generic list

  - by BPotocki

  I am trying to accomplish something like this query: var query = from a in DatabaseTable where listOfObjects.Any(x => x.Id == a.Id) select a; Basically, I want to filter the results where a.Id equals a property of one of the objects in the generic list "listOfObjects". I'm getting the error "Local sequence cannot be used in LINQ to SQL implementation of query operators except the Contains() operator." Any ideas on how to filter this in an easily readable way using "contains" or another method? Thanks in advance.

  Read the article

• What is the most efficient way to read many bytes from SQL Server using SqlDataReader (C#)

  - by eccentric

  Hi everybody! What is the most efficient way to read bytes (8-16 K) from SQL Server using SqlDataReader. It seems I know 2 ways: byte[] buffer = new byte[4096]; MemoryStream stream = new MemoryStream(); long l, dataOffset = 0; while ((l = reader.GetBytes(columnIndex, dataOffset, buffer, 0, buffer.Length)) > 0) { stream.Write(buffer, 0, buffer.Length); dataOffset += l; } and reader.GetSqlBinary(columnIndex).Value The data type is IMAGE

  Read the article

• Separating data from the UI code with Linq to SQL entities

  - by Sir Psycho

  If it's important to keep data access 'away' from business and presentation layers, what alternatives or approaches can I take so that my LINQ to SQL entities can stay in the data access layer? So far I seem to be simply duplicating the classes produced by sqlmetal, and passing those object around instead simply to keep the two layers appart. For example, I have a table in my DB called Books. If a user is creating a new book via the UI, the Book class generated by sqlmetal seems like a perfect fit although I'm tightly coupling my design by doing so.

  Read the article

• Improve SQL strategy - denormalize in object-children-images case

  - by fesja

  Hi, I have a Tour object which has many Place objects. For the list of tours, I want to show some info of the tour, the number of places of the tour, and three Place's images. Right one my SQL queries are (i'm using Doctrine with Symfony on MySQL) get Tour get Tour 1 places get Tour 2 places get Tour 3 places ... get Tour n places If I have a three Tour list, it's not so bad; but I'm sure it can get bad if I do a 10-20 tour-list. So, thinking on how to improve the queries I've thought of several measures: Having a place count cache Storing the urls of three images on a new tour field. The problem with 2. is that if I change the image, I have to check all the tours to update that image for another one. What solution do you think is best to scale the system in a near future? Any other suggestion. thanks!

  Read the article

< Previous Page | 373 374 375 376 377 378 379 380 381 382 383 384  | Next Page >