Search Results

Search found 32551 results on 1303 pages for 'sql authentication'.

Page 472/1303 | < Previous Page | 468 469 470 471 472 473 474 475 476 477 478 479  | Next Page >

  • Is adding indexes to a SQL Server ever a bad idea?

    - by Aerik
    We have a mid-size SQL Server based application that has no indexes defined. Not even on the the identity columns. I suggested to our moderately expensive application consultant that perhaps we might get better performance (particularly as our database grows) by creating some indexes on appropriate fields, and he said: "Indexes will significantly impact other areas of the application and customers should not create them under any circumstances." Anybody ever heard of anything like this? Are there ever circumstances where one should not create any indexes? I can see nothing special about this app - it's got int identity columns, then lots of string columns, bunch of relational tables but nothing special or weird that I can see. Thanks!

    Read the article

  • Can per-user randomized salts be replaced with iterative hashing?

    - by Chas Emerick
    In the process of building what I'd like to hope is a properly-architected authentication mechanism, I've come across a lot of materials that specify that: user passwords must be salted the salt used should be sufficiently random and generated per-user ...therefore, the salt must be stored with the user record in order to support verification of the user password I wholeheartedly agree with the first and second points, but it seems like there's an easy workaround for the latter. Instead of doing the equivalent of (pseudocode here): salt = random(); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword, salt); Why not use the hash of the username as the salt? This yields a domain of salts that is well-distributed, (roughly) random, and each individual salt is as complex as your salt function provides for. Even better, you don't have to store the salt in the database -- just regenerate it at authentication-time. More pseudocode: salt = hash(username); hashedPassword = hash(salt . password); storeUserRecord(username, hashedPassword); (Of course, hash in the examples above should be something reasonable, like SHA-512, or some other strong hash.) This seems reasonable to me given what (little) I know of crypto, but the fact that it's a simplification over widely-recommended practice makes me wonder whether there's some obvious reason I've gone astray that I'm not aware of.

    Read the article

  • Rails user authorization

    - by Zachary
    I am currently building a Rails app, and trying to figure out the best way to authenticate that a user owns whatever data object they are trying to edit. I already have an authentication system in place (restful-authentication), and I'm using a simple before_filter to make sure a user is logged in before they can reach certain areas of the website. However, I'm not sure the best way to handle a user trying to edit a specific piece of data - for example lets say users on my site can own Books, and they can edit the properties of the book (title, author, pages, etc), but they should only be able to do this for Books that -they- own. In my 'edit' method on the books controller I would have a find that only retrieved books owned by the current_user. However, if another user knew the id of the book, they could type in http://website.com/book/7/edit , and the controller would verify that they are logged in, then show the edit page for that book (seems to bypass the controller). What is the best way to handle this? Is it more of a Rails convention routing issue that I don't understand (being able to go straight to the edit page), or should I be adding in a before_find, before_save, before_update, etc callbacks to my model?

    Read the article

  • How do I correctly model data in SQL-based databases that have some columns in common, but also have

    - by Brandon Weiss
    For instance, let's say I have a User model. Users have things like logins, passwords, e-mail addresses, avatars, etc. But there are two types of Users that will be using this site, let's say Parents and Businesses. I need to store some different information for the Parents (e.g. childrens' names, domestic partner, salaries, etc.) than for the Businesses (e.g. industry, number of employees, etc.), but also some of it is the same, like logins and passwords. How do I correctly structure this in a SQL-based database? Thanks!

    Read the article

  • How is unautenticated site navigation handled in ASP.NET?

    - by Code Sherpa
    Hi. I am wondering how to do the following... I have a registration system. When the user successfully registers, he is then led down a series of data gathering pages (for his profile) and then, finally, ends on his profile's home page where he can start to use the site. All this happens without ever logging into the system so, he is unauthenticated and unconfirmed. My question is, how does this happen? How can I allow my user to be unauthenticated (and unconfirmed, but this I understand) and use all aspects of the Web site? The way I have things set up right now, my code should be doing this: case CreateProfileStatus.Success: //FormsAuthentication.SetAuthCookie(userName, false); Response.Redirect("NextPage.aspx", false); break; but, I am being redirected to the login page after registration which is not the result I want. This is what the relevant nodes in my web.config look like: <authentication mode="Forms"> <forms name=".AuthCookie" loginUrl="default.aspx" protection="All"/> </authentication> <authorization> <deny users="?"/> <allow roles="Administrators" /> </authorization> <anonymousIdentification enabled="true" cookieName=".ASPXANONYMOUS" cookieTimeout="100000" cookiePath="/" cookieRequireSSL="false" cookieSlidingExpiration="true" cookieProtection="Encryption" cookieless="UseCookies" domain="" /> When the user logs out after the registration and initial interaction with the site he will be required to log in upon return. At this point he must be authenticated but does not need to be confirmed for a period of time. Eventually, he will be reminded. So, how is this done? Thanks in advance.

    Read the article

  • free sql script to get a list of countries, provinces/states and their cities.

    - by reggie
    I am working on a registration page for a php website as mysql as the backend database. I need a sql script to insert the list of countries with their associated provinces and the provinces with their associated cities. I need all the countries, provinces and cities all over the world which are related to each other. I can get the individual list of countries, provinces and cities but there is no list that relates them together.. any help appreciated.. thanks in advance.

    Read the article

  • How do you get average of sums in SQL (multi-level aggregation)?

    - by paxdiablo
    I have a simplified table xx as follows: rdate date rtime time rid integer rsub integer rval integer primary key on (rdate,rtime,rid,rsub) and I want to get the average (across all times) of the sums (across all ids) of the values. By way of a sample table, I have (with consecutive identical values blanked out for readability): rdate rtime rid rsub rval ------------------------------------- 2010-01-01 00.00.00 1 1 10 2 20 2 1 30 2 40 01.00.00 1 1 50 2 60 2 1 70 2 80 02.00.00 1 1 90 2 100 2010-01-02 00.00.00 1 1 999 I can get the sums I want with: select rdate,rtime,rid, sum(rval) as rsum from xx where rdate = '2010-06-01' group by rdate,rtime,rid which gives me: rdate rtime rid rsum ------------------------------- 2010-01-01 00.00.00 1 30 (10+20) 2 70 (30+40) 01.00.00 1 110 (50+60) 2 150 (70+80) 02.00.00 1 190 (90+100) as expected. Now what I want is the query that will also average those values across the time dimension, giving me: rdate rtime ravgsum ---------------------------- 2010-01-01 00.00.00 50 ((30+70)/2) 01.00.00 130 ((110+150)/2) 02.00.00 190 ((190)/1) I'm using DB2 for z/OS but I'd prefer standard SQL if possible.

    Read the article

  • Why does Sql Server recommends creating an index when it already exist?

    - by Pierre-Alain Vigeant
    I ran a very basic query against one of our table and I noticed that the execution plan query processor is recommending that we create an index on a column The query is SELECT SUM(DATALENGTH(Data)) FROM Item WHERE Namespace = 'http://some_url/some_namespace/' After running, I get the following message // The Query Processor estimates that implementing the following index could improve the query cost by 96.7211%. CREATE NONCLUSTERED INDEX [<Name of Missing Index, sysname,>] ON [dbo].[Item] ([Namespace]) My problem is that I already have such index on that column: CREATE NONCLUSTERED INDEX [IX_ItemNamespace] ON [dbo].[Item] ( [Namespace] ASC )WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, SORT_IN_TEMPDB = OFF, IGNORE_DUP_KEY = OFF, DROP_EXISTING = OFF, ONLINE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY] Why is Sql Server recommending me to create such index when it already exist?

    Read the article

  • Query data using LINQ to SQL and Entity Framework with foreign key? (Help me please)

    - by The Wind
    Hello! There is a problem I need help with your query on the data using LINQ to SQL and Entity Framework (I'm using Visual Studio 2010). My picure here: http://img.tamtay.vn/files/photo2/2010/5/28/10/962/4bff3a3b_1093f58f_untitled-1.gif I have three tables: tbl NewsDetails tblNewsCategories tblNewsInCategories (See screen 1 in my picture) Now, I want to retrieve records in the tblNewsDetails table, with condition: CategoryId=1, as the following results: (See screen 2 in my picture) But NewsID and CategoryId in tblNewsInCategories table is two foreign key, I do not see them and I do not know how to use them in your code. My code has errors: (See screen 3 in my picture) Please help me. Thanks! (I am a new member, should not have the right to insert images)

    Read the article

  • What might cause SQL error Cannot find the object "dbo.InspectionEvents" because it does not exist o

    - by mrtrombone
    Hi My ASP.Net app is periodically getting the error 'Cannot find the object dbo."XXXX" because it does not exist or you do not have permissions' when it tries to execute a specific stored procedure that writes to the database. I have seen a few forum posts about this issue but the strange thing is that the method works fine almost all of the time, just every now and then I see it in my error logs. Can anyone tell me why this might works Ok most of the time but occassionally fire the error? Application is C# using Enterprise Library 4.1 Data Access. Database is SQL Server 2005 Cheers

    Read the article

  • SQL - How can I apply a "semi-unique" constraint?

    - by Erin Drummond
    Hi, I have a (simplified) table consisting of three columns: id INT PRIMARY KEY NOT NULL AUTO_INCREMENT, foreignID INT NOT NULL, name VARCHAR NOT NULL Basically, I would like to add a constraint (at the database level rather than at the application level) where it only possible for one unique 'name' to exist per foreignID. For example, given the data (id, foreignid, name): 1,1,Name1 2,1,Name2 3,1,Name3 4,2,Name1 5,2,Name2 I want the constraint to fail if the user tries to insert another 'Name3' under foreignId 1, but succeed if the user tries to insert 'Name3' under foreignId 2. For this reason I cannot simply make the whole column UNIQUE. I am having difficulty coming up with a SQL expression to achieve this, can anybody help me? Thanks

    Read the article

  • What C#/SQL Server feature did someone show you that made you say Wow!

    - by Randy Minder
    It's late Friday afternoon, and my mind is checking out for the week. So I thought I'd ask a light-hearted, interesting, question. Yesterday a co-worker showed me how he managed to save quite a bit of code and improve code reuse through the use of an anonymous delegate and the use of the Action function. My first thought was, "Wow, I had no idea you could do that!". I'm curious what sort of things someone showed you, either in c# or SQL Server, that made you stop and think, "Wow!". Randy

    Read the article

  • How can I subsample data from a time series with LINQ to SQL?

    - by Chris Farmer
    I have a database table full of time points and experimental values at those time points. I need to retrieve the values for an experiment and create a thumbnail image showing an XY plot of its data. Because the actual data set for each experiment is potentially 100,000 data points and my image is only 100 pixels wide, I want to sample the data before creating the image. My current query (which retrieves all the data without sampling) is something simple like this: var points = from p in db.DataPoints where p.ExperimentId == myExperimentId orderby p.Time select new { X = p.Time, Y = p.Value } So, how can I best take every nth point from my result set in a LINQ to SQL query?

    Read the article

  • What's the fastest way to check the availability of a SQL Server server?

    - by mwolfe02
    I have an MS Access program in use in multiple locations. It connects to MS SQL Server tables, but the server name is different in each location. I am looking for the fastest way to test for the existence of a server. The code I am currently using looks like this: ShellWait "sc \\" & ServerName & " qdescription MSSQLSERVER > " & Qt(fn) FNum = FreeFile() Open fn For Input As #FNum Line Input #FNum, Result Close #FNum Kill fn If InStr(Result, "SUCCESS") Then ... ShellWait: executes a shell command and waits for it to finish Qt: wraps a string in double quotes fn: temporary filename variable I run the above code against a list of server names (of which only one is normally available). The code takes about one second if the server is available and takes about 8 seconds for each server that is unavailable. I'd like to get both of these lower, if possible, but especially the fail case as this one happens most often.

    Read the article

  • How do I check if a SQL Server 2005 TEXT column is not null or empty using LINQ To Entities?

    - by emzero
    Hi there guys I'm new to LINQ and I'm trying to check whether a TEXT column is null or empty (as String.IsNullOrEmpty). from c in ... ... select new { c.Id, HasBio = !String.IsNullOrEmpty(c.bio) } Trying to use the above query produces an SqlException: Argument data type text is invalid for argument 1 of len function. The SQL generated is similar to the following: CASE WHEN ( NOT (([Extent2].[bio] IS NULL) OR (( CAST(LEN([Extent2].[bio]) AS int)) = 0))) THEN cast(1 as bit) WHEN (([Extent2].[bio] IS NULL) OR (( CAST(LEN([Extent2].[bio]) AS int)) = 0)) THEN cast(0 as bit) END AS [C1] LEN is not applicable to TEXT columns. I know DATALENGTH should be used for them... How can I force LINQ to produce such thing? Or any other workaround to test if a text column is null or empty??? Thanks!

    Read the article

  • Can MySQL / SQL's short hand of "Using" be used without saying "Inner Join" ?

    - by Jian Lin
    The following 2 statements are to join using gifts.giftID = sentgifts.giftID: mysql> select * from gifts, sentgifts using (giftID); ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'using (giftID)' at line 1 and the second one: mysql> select * from gifts INNER JOIN sentgifts using (giftID); +--------+------------+----------------+---------------------+--------+------------+--------+------+---------------------+ | giftID | name | filename | effectiveTime | sentID | whenSent | fromID | toID | trytryWhen | +--------+------------+----------------+---------------------+--------+------------+--------+------+---------------------+ | 2 | teddy bear | bear.jpg | 2010-04-24 04:36:03 | 4 | 2010-04-24 | NULL | 111 | 2010-04-24 03:10:42 | | 6 | beer | beer_glass.png | 2010-04-24 05:18:12 | 5 | 2010-03-03 | 11 | 22 | 2010-03-03 00:00:00 | | 6 | beer | beer_glass.png | 2010-04-24 05:18:12 | 6 | 2010-04-24 | 11 | 222 | 2010-04-24 03:54:49 | | 6 | beer | beer_glass.png | 2010-04-24 05:18:12 | 7 | 2010-04-24 | 1 | 2 | 2010-04-24 03:58:45 | +--------+------------+----------------+---------------------+--------+------------+--------+------+---------------------+ 4 rows in set (0.00 sec) Can the first statement also use the "using" shorthand? It seems that when it is used then the word "Inner Join" must be specified... but the first statement is actually an inner join?

    Read the article

  • How can I build my SQL query from these tables?

    - by vee
    Hi All, I'm thinking of building query from these 2 tables (on SQL Server 2008). I have 2 tables as shown below: Table 1 MemberId . MemberName . Percentage . Amount1 00000001 AAA 1.0 100 00000002 BBB 1.2 800 00000003 ZZZ 1.0 700 Table 2 MemberId . MemberName . Percentage . Amount2 00000002 BBB 1.5 500 00000002 BBB 1.6 100 00000002 BBB 1.6 150 The result I want is MemberId . MemberName . Percentage . Amount . NettAmount 00000001 AAA 1.0 100 100 00000002 BBB 1.2 800 50 <-- 800-(500+100+150) 00000002 BBB 1.5 500 500 00000002 BBB 1.6 650 650 00000003 ZZZ 1.0 700 700 50 comes from 800 in Table1 minus sum of Amount2 in table2 for MemberID=00000002 Plz someone help me to build the query to reach this result. Thank you in advance.

    Read the article

  • Login code sample which has been hacked via SQL Injection, although mysql_real_escape_string...

    - by artmania
    Hi friends, I use CodeIgniter, and having trouble with hacking :( is it possible to make SQL Injection to the login code below: function process_login() { $username = mysql_real_escape_string($this->input->post('username')); $password = mysql_real_escape_string(MD5($this->input->post('password'))); //Check user table $query = $this->db->getwhere('users', array('username'=>$username, 'password'=>$password)); if ($query->num_rows() > 0) { // success login data Am I using the mysql_real_escape_string wrong? or what? Appreciate helps!

    Read the article

  • Update specific rows in LINQ to SQL result set.

    - by davemackey
    I have a page with a form on it and needs a range of dates. Thus I've placed a number of textboxes on the page into which users can type dates. When the user clicks the save button I want to trigger a LINQ update to the SQL Server...all the rows already exist, so I'm just updating existing data. How can I do this? For example, lets say my table looks like this: Column Names: Description dateValue Column Values: Birthdate 1/1/1990 Anniversary 1/10/1992 Death 1/1/1993 I want to do something like this: hupdate.Description("Birthdate").dateValue = TextBox1.Text hupdate.Description("Anniversary").dateValue = TextBox2.Text hupdate.Description("Death").dateValue = TextBox3.Text hconfig.SubmitChanges() Is there a way to do this with LINQ?

    Read the article

  • In SQL, in what situation do we want to Index a field in a table, or 2 fields in a table at the same

    - by Jian Lin
    In SQL, it is obvious that whenever we want to do a search on millions of record, say CustomerID in a Transactios table, then we want to add an index for CustomerID. Is another situation we want to add an index to a field when we need to do inner join or outer join using that field as a criteria? Such as Inner join on t1.custumerID = t2.customerID. Then if we don't have an index on customerID on both tables, we are looking at O(n^2) because we need to loop through the 2 tables sequentially. If we have index on customerID on both tables, then it becomes O( (log n) ^ 2 ) and it is much faster. Any other situation where we want to add an index to a field in a table? What about adding index for 2 fields combined in a table. That is, one index, for 2 fields together?

    Read the article

  • For SQL select returning more than 1 value, how are they sorted when Id is GUID?

    - by Chris F
    I'm wondering how MSSQL orders data that is returned from a query and the Id columns of the respective tables are all of type uniqueidentifier. I'm using NHibernate GuidComb when creating all of the GUIDs and do things like: Sheet sheet = sheetRepository.Get(_SheetGuid_); // has many lines items IList<SheetLineItem> lineItems = sheet.LineItems; I'm just trying to figure out how they'll be ordered when I do something like: foreach (SheetLineItem lineItem in lineItems) I can't see to find a good article on the way GUIDs are compared by SQL when being ordered, if that's what's happening.

    Read the article

  • How can I make an SQL statement that finds unassociated records?

    - by William Calleja
    I have two tables as follows: tblCountry (countryID, countryCode) tblProjectCountry(ProjectID, countryID) The tblCountry table is a list of all countries with their codes and the tblProjectCountry table associates certain countries with certain projects. I need an SQL statement that gives me a list of the countries with their country code that do NOT have an associated record in the tblProjectCountry table. so far I got to here: SELECT tblCountry.countryID, tblCountry.countryCode FROM tblProjectCountry INNER JOIN tblCountry ON tblProjectCountry.countryID = tblCountry.countryID WHERE (SELECT COUNT(ProjectID) FROM tblProjectCountry WHERE (ProjectID = 1) AND (countryID = tblCountry.countryID)) = 0 The above statement parses as correct but doesn't give the exact result I'm looking for. Can anyone help?

    Read the article

  • [Sql-Server]what data type to use for password salt and hash values and what length?

    - by Pandiya Chendur
    I am generating salt and hash values from my passwords by using, string salt = CreateSalt(TxtPassword.Text.Length); string hash = CreatePasswordHash(TxtPassword.Text, salt); private static string CreateSalt(int size) { //Generate a cryptographic random number. RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] buff = new byte[size]; rng.GetBytes(buff); // Return a Base64 string representation of the random number. return Convert.ToBase64String(buff); } private static string CreatePasswordHash(string pwd, string salt) { string saltAndPwd = String.Concat(pwd, salt); string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile( saltAndPwd, "sha1"); return hashedPwd; } What datatype you would suggest for storing these values in sql server? Any suggestion... Salt:9GsPWpFD Hash:E778AF0DC5F2953A00B35B35D80F6262CDBB8567

    Read the article

  • IIS Restrict Access to Directory for table of users

    - by Dave
    I am trying to restrict access to files in a directory and it's sub directories based user rights. My user rights are stored in an MS SQL database in a custom format, however it is easy to query the list of users with rights to this directory. I need to know how to apply this to a web config on the server to authenticate against a query of a database table to determine if the username is authenticated and allowed to view the file. Of course if they are not they should be blocked / given a 404. I am using IIS and ASP.Net MVC3 with a form based security as opposed to the built in roles and responsibilities that was custom made for us and that works great. There are over 10k users tied to this non-Active Directory authentication so I am not planning to change my authentication type so please don't go there. It is not my decision on the choice of platform, or I would have gone with a LAMP server and been done with this. Edit 11-13-2012 @ 8:57a: In the web config can you put the result of an SQL query?

    Read the article

  • Is SQL server the best DB for Storing and comparing images in database for a small ecommerce applica

    - by iecut
    I have been trying to create a small e-commerce web based application using MS Dot Net framework. The application will let the user allow to store the image of their product that they want to sell or purchase, then they will have the option to upload the image of a particular product and compare that image with the similar images in the database. So my two main concerns are: - Is MS SQL a good option to store and compare the images. - Is the any other better database that can do the same work with less complexity of work and that is also easy to integrate with MS dot net framework.

    Read the article

< Previous Page | 468 469 470 471 472 473 474 475 476 477 478 479  | Next Page >