Search Results

Search found 18695 results on 748 pages for 'query manipulation'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 387/748 | < Previous Page | 383 384 385 386 387 388 389 390 391 392 393 394  | Next Page >

  • Input array is longer than the number of columns in this table

    - by Adam
    I've recently started to use SQLite and began to integrate it into a C# project I'm working on. However, randomly my project will throw the exception: Input array is longer than the number of columns in this table I'm having a hard time trying the trace the problem because it seems to be thrown on a random basis. DataTable table = new DataTable(); //exception is thrown here table = Global.db.ExecuteQuery("SELECT * FROM vm_manager"); Some of the data that gets returned from this query is as follows: http://i.imgur.com/9rlLN.png If anyone has any advice, I'd be grateful. EDIT: I'm unable to show the execute query function as it resides inside a dll from the following sql lite wrapper http://www.codeproject.com/KB/database/cs_sqlitewrapper.aspx

    Read the article

  • C# and MySQL .NET Connector - Any way of preventing SQL Injection attacks in a generic class?

    - by John M
    My idea is to create some generic classes for Insert/Update/Select via a C# (3.5) Winforms app talking with a MySQL database via MySQL .NET Connector 6.2.2. For example: public void Insert(string strSQL) { if (this.OpenConnection() == true) { MySqlCommand cmd = new MySqlCommand(strSQL, connection); cmd.ExecuteNonQuery(); this.CloseConnection(); } } Then from anywhere in the program I can run a query with/without user input by just passing a SQL query string. Reading around on SO is starting to give me the indication that this may lead to SQL injection attacks (for any user-input values). Is there anyway of scrubbing the inputted strSQL or do I need to go and create individual parameterized queries in every method that needs to do a database function?

    Read the article

  • Expression Tree

    - by nettguy
    My understanding of expression tree is : Expression trees are in-memory representation of expression like arithmetic or boolean expression.The expressions are stored into the parsed tree.so we can easily transalate into any other language. Linq to SQL uses expression tree.Normally in LINQ to SQL query the compiler translates it into parsed expression trees.These are passed to Sql Server as T-SQL Statements.The Sql server executes the T-SQL query and sends down the result back.That is why when you execute LINQ to SQL you gets IQueryable<T> not IEnumetrable<T>.Because IQuerybale contains public IQueryable:IEnumerable { Type Element {get;} Expression Expression {get;} IQueryaleProvider Provider {get;} } Questions : Microsoft uses Expression trees to play with LINQ-to-Sql.What are the different ways can i use expression trees to boost my code. Apart from LINQ to SQL,Linq to amazon ,who used expression trees in their applications? Linq to Object return IEnumerable,Linq to SQL return IQueryable ,What does LINQ to XML return?

    Read the article

  • .Net opening and closing database connections

    - by Dan
    I designed the data access portion of our framework so that every time a business object needs to interact with the database it would have to open a connection, invoke the data access layer (to execute the query), and then close the connection. Then if it needed to run in a transaction it would open the connection, begin the transaction, invoke the data access layer (to execute the query) and then commit the transaction, close the transaction, and finally close the connection. I did it this way with the mindset of open late and close early... but what if I needed to call other BO's to submit data in a single transaction? Is there a better way to handle opening and closing connections as well as working with transactions? I'm a rookie in designing application architecture so I hope I'm not doing this wrongly... any help is appreciated.

    Read the article

  • SQL bottleneck, how to fix

    - by masfenix
    This is related to my previous thread: http://stackoverflow.com/questions/3069806/sql-query-takes-about-10-20-minutes However, I kinda figured out the problem. The problem (as described in the previous thread) is not the insert (while its still slow), the problem is looping through the data itself Consider the following code: Dim rs As DAO.Recordset Dim sngStart As Single, sngEnd As Single Dim sngElapsed As Single Set rs = CurrentDb().QueryDefs("select-all").OpenRecordset MsgBox "All records retreived" sngStart = Timer Do While Not rs.EOF rs.MoveNext Loop sngEnd = Timer sngElapsed = Format(sngEnd - sngStart, "Fixed") ' Elapsed time. MsgBox ("The query took " & sngElapsed _ & " seconds to run.") As you can see, this loop does NOTHING. You'd expect it to finish in seconds, however it takes about 857 seconds to run (or 15 minutes). I dont know why it is so slow. Maybe the lotusnotes sql driver? any other ideas? (java based solution, any other solution) What my goal is: To get all the data from remote server and insert into local access table

    Read the article

  • Any way to select without causing locking in MySQL?

    - by Shore
    Query: SELECT COUNT(online.account_id) cnt from online; But online table is also modified by an event, so frequently I can see lock by running show processlist. Is there any grammar in MySQL that can make select statement not causing locks? And I've forgotten to mention above that it's on a MySQL slave database. After I added into my.cnf:transaction-isolation = READ-UNCOMMITTED the slave will meet with error: Error 'Binary logging not possible. Message: Transaction level 'READ-UNCOMMITTED' in InnoDB is not safe for binlog mode 'STATEMENT'' on query So, is there a compatible way to do this?

    Read the article

  • Drag and drop: jQuery UI or Scriptaculous?

    - by jpartogi
    Dear all, I am in the middle of the road whether to use jQuery UI or Scriptaculous for drag and drop. I am using Ruby on Rails, and Scriptaculous support in Ruby on Rails is superb with the existence of scriptaculous_helper.rb. But I have already use jQuery for the ajax and DOM manipulation. I do not mind to use scriptaculous since we can use jQuery.noConflict() in the code. I also kind of get the impression that scriptaculous drag and drop is better than jQuery UI drag and drop based on the online demos. So back to the original question, which one would you recommend as a drag and drop library and which one do you think is better than the other? Scriptaculous or jQuery UI?

    Read the article

  • SQL GROUP BY - also SELECT not-constant columns

    - by Michal Kosek
    can someone please help me with this query? I have 2 tables in my database: log_visitors: -------------------- id | host_id log_access: -------------------- visitor | document | timestamp "log_access.visitor" links to "log_visitors.id" Currently, I'm using this query: SELECT log_visitors.host_id , MIM(log_access.timestamp) AS min_timestamp FROM log_access INNER JOIN log_visitors ON (log_access.visitor = log_visitors.id) GROUP BY log_visitors.host_id; to get "MIN(timestamp)" for each "host_id" in the database. HERE'S MY QUESTION: I also need to get "document" for that access with that timestamp... I can't simply add "log_access.document" into SELECT list, since it's not constant and I am not grouping by document... Any ideas?

    Read the article

  • MySQL Connection error in spring MVC

    - by nidhi
    i am working on spring MVC facing the following exception while connecting to my sql. Blocorg.springframework.jdbc.CannotGetJdbcConnectionException: Could not get JDBC Connection; nested exception is org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.) at org.springframework.jdbc.datasource.DataSourceUtils.getConnection(DataSourceUtils.java:80) at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:572) at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:636) at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:665) at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:673) at org.springframework.jdbc.core.JdbcTemplate.queryForObject(JdbcTemplate.java:728) at org.springframework.jdbc.core.JdbcTemplate.queryForObject(JdbcTemplate.java:744) at org.springframework.jdbc.core.JdbcTemplate.queryForInt(JdbcTemplate.java:775) at com.trackmeetings.dao.InboxDAOImpl.getNotificationsCount(InboxDAOImpl.java:51) at com.trackmeetings.service.InboxService.getNotificationsCount(InboxService.java:56) at com.trackmeetings.controller.HomePageController.getLogInUserDetails(HomePageController.java:80) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.springframework.web.bind.annotation.support.HandlerMethodInvoker.invokeHandlerMethod(HandlerMethodInvoker.java:175) at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.invokeHandlerMethod(AnnotationMethodHandlerAdapter.java:421) at org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter.handle(AnnotationMethodHandlerAdapter.java:409) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:774) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:719) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644) at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:560) at javax.servlet.http.HttpServlet.service(HttpServlet.java:710) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.trackmeetings.util.NoCacheFilter.doFilter(NoCacheFilter.java:56) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:680) Caused by: org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.) at org.apache.commons.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1225) at org.apache.commons.dbcp.BasicDataSource.getConnection(BasicDataSource.java:880) at org.springframework.jdbc.datasource.DataSourceUtils.doGetConnection(DataSourceUtils.java:111) at org.springframework.jdbc.datasource.DataSourceUtils.getConnection(DataSourceUtils.java:77) ... 38 more Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failurekquote how can i resolve this. please help,

    Read the article

  • As our favorite imperative languages gain functional constructs, should loops be considered a code s

    - by Michael Buen
    In allusion to Dare Obasanjo's impressions on Map, Reduce, Filter (Functional Programming in C# 3.0: How Map/Reduce/Filter can Rock your World) "With these three building blocks, you could replace the majority of the procedural for loops in your application with a single line of code. C# 3.0 doesn't just stop there." Should we increasingly use them instead of loops? And should be having loops(instead of those three building blocks of data manipulation) be one of the metrics for coding horrors on code reviews? And why? [NOTE] I'm not advocating fully functional programming on those codes that could be simply translated to loops(e.g. tail recursions) Asking for politer term. Considering that the phrase "code smell" is not so diplomatic, I posted another question http://stackoverflow.com/questions/432492/whats-the-politer-word-for-code-smell about the right word for "code smell", er.. utterly bad code. Should that phrase have a place in our programming parlance?

    Read the article

  • Problems in php coding

    - by anwar
    Hi there everyone im new to PHP and Joomla and I have developed a component in Joomla but my code is giving me errors. I have tried to solve the problem but I’am unable to solve it. So can anyone suggest me what is the problem with my code? Thanks in advance. Here are my two files: 1st view.html.php defined('_JEXEC') or die('=;)'); jimport('joomla.application.component.view'); class namnamViewlistrestaurant extends JView { function display($tpl = null) { $item = 'item'; RestUser::RestrictDirectAccess(); //-- Custom css JHTML::stylesheet( 'style.css', 'components/com_namnam/assets/css/' ); $cuisine=Lookups::getLookup('cuisine'); $lists['cuisine'] = JHTML::_('select.genericlist', $cuisine, 'idcuisine[]', 'class="inputbox" size="7"', 'value', 'text', $item->idcuisine); $category=Lookups::getLookup('restcategory'); $lists['category'] = JHTML::_('select.genericlist', $category, 'idcategory[]', 'class="inputbox" multiple="multiple" size="7"', 'value', 'text', $item->idcategory); $items = & $this->get('Data'); $pagination =& $this->get('Pagination'); $lists = & $this->get('List'); $this->assignRef('items', $items); $this->assignRef('pagination', $pagination); $this->assignRef('lists', $lists); parent::display($tpl); }//function }//class And 2nd is listrestaurant.php defined('_JEXEC') or die('=;)'); jimport('joomla.application.component.model'); class namnamModellistrestaurant extends JModel { var $_data; var $_total = null; var $_pagination = null; function __construct() { parent::__construct(); global $mainframe, $option; $limit = $mainframe->getUserStateFromRequest( 'global.list.limit', 'limit', $mainframe->getCfg('list_limit'), 'int' ); $limitstart = $mainframe->getUserStateFromRequest( $option.'.limitstart', 'limitstart', 0, 'int' ); $limitstart = ($limit != 0 ? (floor($limitstart / $limit) * $limit) : 0); $this->setState('limit', $limit); $this->setState('limitstart', $limitstart); } function _buildQuery() { $where = array(); $where[]=" idowner=".RestUser::getUserID()." "; if ($this->search) { $where[] = 'LOWER(name) LIKE \''. $this->search. '\''; } $where =( count($where) ) ? ' WHERE ' . implode( ' AND ', $where ) : ''; $orderby = ''; #_ECR_MAT_FILTER_MODEL1_ if (($this->filter_order) && ($this->filter_order_Dir)) { $orderby = ' ORDER BY '. $this->filter_order .' '. $this->filter_order_Dir; } $this->_query = ' SELECT *' . ' FROM #__namnam_restaurants ' . $where . $orderby ; return $this->_query; } function getData() { if (empty($this->_data)) { $query = $this->_buildQuery(); $this->_data = $this->_getList($query, $this->getState('limitstart'), $this->getState('limit')); } return $this->_data; } function getList() { // table ordering $lists['order_Dir'] = $this->filter_order_Dir; $lists['order'] = $this->filter_order; // search filter $lists['search']= $this->search; return $lists; } function getTotal() { // Load the content if it doesn't already exist if (empty($this->_total)) { $query = $this->_buildQuery(); $this->_total = $this->_getListCount($query); } return $this->_total; } function getPagination() { // Load the content if it doesn't already exist if (empty($this->_pagination)) { jimport('joomla.html.pagination'); $this->_pagination = new JPagination($this->getTotal(), $this->getState('limitstart'), $this->getState('limit') ); } return $this->_pagination; } }//class And the errors are: Notice: Trying to get property of non-object in C:\wamp\www\namnam.com\components\com_namnam\views\listrestaurant\view.html.php on line 26 Notice: Trying to get property of non-object in C:\wamp\www\namnam.com\components\com_namnam\views\listrestaurant\view.html.php on line 29 Notice: Undefined property: namnamModellistrestaurant::$search in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 38 Notice: Undefined property: namnamModellistrestaurant::$filter_order in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 48 Notice: Undefined property: namnamModellistrestaurant::$search in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 38 Notice: Undefined property: namnamModellistrestaurant::$filter_order in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 48 Notice: Undefined property: namnamModellistrestaurant::$filter_order_Dir in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 76 Notice: Undefined property: namnamModellistrestaurant::$filter_order in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 77 Notice: Undefined property: namnamModellistrestaurant::$search in C:\wamp\www\namnam.com\components\com_namnam\models\listrestaurant.php on line 80

    Read the article

  • apostrophe issue with ajax post to php

    - by Ahmet vardar
    hi there, i am posting data with jquery ajax to php but if input has ' inside, data wont be posted. I tried encodeURIComponent but wont work. any idea on this ? thanks EDIT: my code var name = $("input#name_add").val(); name = encodeURIComponent(name); $.post("function.php", { name: name }, function(data) { //codes }); $query = "UPDATE `table` SET name = '" . stripslashes($_POST['name']) . "' WHERE ID = '$id'"; $result = mysql_query($query); if ($result){ print "ok"; }

    Read the article

  • Rows in their own columns depending on their date and symbolized by 'x'

    - by Chandradyani
    Dear All, please help me since I'm newbie in SQL Server. I have a select query that currently produces the following results: DoctorName Team Visit date dr. As A 5 dr. Sc A 4 dr. Gh B 6 dr. Nd C 31 dr As A 7 Using the following query: SELECT d.DoctorName, t.TeamName, ca.VisitDate FROM cActivity AS ca INNER JOIN doctor AS d ON ca.DoctorId = d.Id INNER JOIN team AS t ON ca.TeamId = t.Id WHERE ca.VisitDate BETWEEN '1/1/2010' AND '1/31/2010' I want to produce the following: DoctorName Team 1 2 3 4 5 6 7 ... 31 Visited dr. As A x x ... 2 times dr. Sc A x ... 1 times dr. Gh B x ... 1 times dr. Nd C ... X 1 times

    Read the article

  • Only some windows shell commands work via ruby?

    - by Sanarothe
    Hi. I'm trying to use a script to control my power options since XP doesn't give you an intuitive way to change CPU Frequency options. Here's my script so far: meh = `cmd.exe /C POWERCFG.EXE /QUERY Portable/Laptop` puts "" puts meh case input when 1 then system('cmd.exe /C POWERCFG.EXE /CHANGE Portable/Laptop /processor-throttle-ac NONE') when 2 then system('cmd.exe /C POWERCFG.EXE /CHANGE Portable/Laptop /processor-throttle-ac ADAPTIVE') when 3 then `cmd.exe /C POWERCFG.EXE /CHANGE Portable/Laptop /processor-throttle-ac CONSTANT` end The problem is that the changes simply don't take place. If I run the same commands directly into a cmd.exe prompt, they work. It's very strange, but nothing works after the initial powercfg query. I feel like I'm missing something incredibly obvious. How can I get the above script to run correctly?

    Read the article

  • How to properly use Gearman with my PHP application?

    - by luckytaxi
    For now I just want to use Gearman for background processing. For example, I need to email a recipient that they have a private message waiting for them once the sender submits their message into the DB. I assume I can run the worker/client and server on my primary server but I have no problems offloading some of the tasks to a different web server. Anyways, my question is how do I handle multiple "functions?" Let's say I need a job that handles the email portion and a job to handle image manipulation. Can I have multiple functions in the worker? I've followed a couple of examples I found online but each example only shows one function being initialized. Do I have to start up multiple "workers" to handle multiple functions?

    Read the article

  • Possible apache/mysql/php wrapper?

    - by MrStatic
    I was tasked with writing a smallish program for data input and manipulation. My language of choice happens to be PHP. I have written out the program/site it all works fine is easily portable and everything but have one question. Is there anyway to wrap up apache/mysql/php into a bundle of one exe? I know of MoWes Portable and other options but I am looking to basically wrap everything up into a single exe without much fuss to the end user. My target users are very low on the computer savvy scale. I am trying to avoid a batch file for launching and don't really want them able to shutdown one part on accident and not another (IE shut off mysql but leave apache on).

    Read the article

  • how to convert datetime to string in linqtosql?

    - by kwon
    I am using linqtosql and inside of linq query, I tried to convert datetime type column to string like 'dd-MM-yy'. However, I got error as following : NotSupportedException: Method 'System.String ToString(System.String)' has no supported translation to SQL. following is my linq query : from ffv in Flo_flowsheet_values where ffv.Flowsheet_key == 2489 && ffv.Variable_key == 70010558 && ffv.Status == 'A' && ffv.Column_time >= DateTime.ParseExact("2010-06-13 00:00", "yyyy-MM-dd HH:mm", null) && ffv.Column_time <= DateTime.ParseExact("2010-06-13 22:59", "yyyy-MM-dd HH:mm", null) select new { ColumnTime = ffv.Column_time ,ColumnTimeForXCategory = ffv.Column_time.Value.ToString("dd-MM-yy") ***====> this statement invoke error*** ,BTValue = Convert.ToDouble( ffv.Value) } what is problem? Thanks in advance

    Read the article

  • Sql server table can be queried but not updated

    - by Nigel
    i have a table which was always updatable before, but then suddenly i can no longer update the any of the columns in the table. i can still query the whole table and the results come back very fast, but the moment i try to update a column in the table, the update query simply stalls and does nothing. i tried using select req_transactionUOW from master..syslockinfo where req_spid = -2 to see if some orphaned transaction was locking the table, but it returns no results. i can't seems to find signs of my table being locked, but simply cannot update it. any clues as to how to fix the table or whatever state it is in?

    Read the article

  • Bing search api . colon in xml

    - by nicky
    i am trying to parse bing search xml but whenever i try to access xml element there is colon in every elemet which gives error Parse error: syntax error, unexpected ':' in / here is my php code foreach($searchresponse->web:Web->web:Results as $result) { printf(" \n%s", $result->web:Description); } here is bing xml response <SearchResponse Version="2.2"> - <Query> <SearchTerms>ipl</SearchTerms> </Query> - <web:Web> <web:Total>2430000</web:Total> <web:Offset>0</web:Offset> - <web:Results> - <web:WebResult> <web:Title>Indian Premier League | IPLT20</web:Title> what is the meaning of colon in xml tags.

    Read the article

  • SQL Server Mutliple Joins Taxing CPU

    - by durilai
    I have a stored procedure on SQL server 2005. It is pulling from a Table function, and has two joins. When the query is run using a load test it kills the CPU 100% across all 16 cores! I have determined that removing one of the joins makes the query run fine, but both taxes the CPU. Select SKey From dbo.tfnGetLatest(@ID) a left join [STAGING].dbo.RefSrvc b on a.LID = b.ESIID left join [STAGING].dbo.RefSrvc c on a.EID = c.ESIID Any help is appreciated, note the join is happening on the same table in a different database on the same server.

    Read the article

  • HQL : LEFT OUTER JOIN

    - by Parama
    Hi all, I have two tables and respective classes in java.The mapping in the HBM.xml is as follows : The query in the HBM.xml is as follows : from Reports as rep left join rep.parts as parts I am getting the following exception while executing the code : May 19, 2010 10:47:04 AM org.hibernate.util.JDBCExceptionReporter logExceptions WARNING: SQL Error: 904, SQLState: 42000 May 19, 2010 10:47:04 AM org.hibernate.util.JDBCExceptionReporter logExceptions SEVERE: ORA-00904: "REPORTS0_"."PARTNO": invalid identifier org.hibernate.exception.SQLGrammarException: could not execute query at org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:67) at org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:43) at org.hibernate.loader.Loader.doList(Loader.java:2223) at org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2104) at org.hibernate.loader.Loader.list(Loader.java:2099) at org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:378) at org.hibernate.hql.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:338) at org.hibernate.engine.query.HQLQueryPlan.performList(HQLQueryPlan.java:172) at org.hibernate.impl.SessionImpl.list(SessionImpl.java:1121) at org.hibernate.impl.QueryImpl.list(QueryImpl.java:79) at com.hcl.spring.db.sample.dao.ItemDAOImpl.loadItems(ItemDAOImpl.java:43) at com.hcl.spring.db.sample.service.ItemServiceImpl.loadItems(ItemServiceImpl.java:20) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:304) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204) at $Proxy3.loadItems(Unknown Source) at com.hcl.spring.db.sample.Main.loadItems(Main.java:40) at com.hcl.spring.db.sample.Main.main(Main.java:19) Caused by: java.sql.SQLException: ORA-00904: "REPORTS0_"."PARTNO": invalid identifier at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:331) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:288) at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:743) at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:216) at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:799) at oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1038) at oracle.jdbc.driver.T4CPreparedStatement.executeMaybeDescribe(T4CPreparedStatement.java:839) at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1133) at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3285) at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3329) at org.hibernate.jdbc.AbstractBatcher.getResultSet(AbstractBatcher.java:186) at org.hibernate.loader.Loader.getResultSet(Loader.java:1787) at org.hibernate.loader.Loader.doQuery(Loader.java:674) at org.hibernate.loader.Loader.doQueryAndInitializeNonLazyCollections(Loader.java:236) at org.hibernate.loader.Loader.doList(Loader.java:2220) ... 22 more Do request your help on the same.

    Read the article

  • Prevent SQL Injection in Dynamic column names

    - by Mr Shoubs
    I can't get away without writing some dynamic sql conditions in a part of my system (using Postgres). My question is how best to avoid SQL Injection with the method I am currently using. EDIT (Reasoning): There are many of columns in a number of tables (a number which grows (only) and is maintained elsewhere). I need a method of allowing the user to decide which (predefined) column they want to query (and if necessary apply string functions to). The query itself is far too complex for the user to write themselves, nor do they have access to the db. There are 1000's of users with varying requirements and I need to remain as flexible as possible - I shouldn't have to revisit the code unless the main query needs to change - Also, there is no way of knowing what conditions the user will need to use. I have objects (received via web service) that generates a condition (the generation method is below - it isn't perfect yet) for some large sql queries. The _FieldName is user editable (parameter name was, but it didn't need to be) and I am worried it could be an attack vector. I put double quotes (see quoted identifier) around the field name in an attempt to sanitize the string, this way it can never be a key word. I could also look up the field name against a list of fields, but it would be difficult to maintain on a timely basis. Unfortunately the user must enter the condition criteria, I am sure there must be more I can add to the sanatize method? and does quoting the column name make it safe? (my limited testing seems to think so). an example built condition would be "AND upper(brandloaded.make) like 'O%' and upper(brandloaded.make) not like 'OTHERBRAND'" ... Any help or suggestions are appreciated. Public Function GetCondition() As String Dim sb As New Text.StringBuilder 'put quote around the table name in an attempt to prevent some sql injection 'http://www.postgresql.org/docs/8.2/static/sql-syntax-lexical.html sb.AppendFormat(" {0} ""{1}"" ", _LogicOperator.ToString, _FieldName) Select Case _ConditionOperator Case ConditionOperatorOptions.Equals sb.Append(" = ") ... End Select sb.AppendFormat(" {0} ", Me.UniqueParameterName) 'for parameter Return Me.Sanitize(sb) End Function Private Function Sanitize(ByVal sb As Text.StringBuilder) As String 'compare against a similar blacklist mentioned here: http://forums.asp.net/t/1254125.aspx sb.Replace(";", "") sb.Replace("'", "") sb.Replace("\", "") sb.Replace(Chr(8), "") Return sb.ToString End Function Public ReadOnly Property UniqueParameterName() As String Get Return String.Concat(":" _UniqueIdentifier) End Get End Property

    Read the article

  • Problem with truncation of floating point values in DBSlayer.

    - by chrisdew
    When I run a query through DBslayer http://code.nytimes.com/projects/dbslayer the floating point results are truncated to a total of six digits (plus decimal point and negative sign when needed). { ... "lat":52.2228,"lng":-2.19906, ... } When I run the same query in MySQL, the results are as expected. | 52.22280884 | -2.19906425 | Firstly, am I correct in identifying DBSlayer as the cause of this effect? (Or the JSON library it uses, etc.) Secondly, is this floating point precision configurable within DBSlayer? Thanks, Chris. P.S. Ubuntu 9.10, x86_64 Path: . URL: http://dbslayer.googlecode.com/svn/trunk Repository Root: http://dbslayer.googlecode.com/svn Repository UUID: 5df2be84-4748-0410-afd4-f777a056bd0c Revision: 65 Node Kind: directory Schedule: normal Last Changed Author: dgottfrid Last Changed Rev: 65 Last Changed Date: 2008-03-28 22:52:46 +0000 (Fri, 28 Mar 2008)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 383 384 385 386 387 388 389 390 391 392 393 394  | Next Page >