Search Results

Search found 27337 results on 1094 pages for 't sql'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 997/1094 | < Previous Page | 993 994 995 996 997 998 999 1000 1001 1002 1003 1004  | Next Page >

  • Testing for security vulnerabilities on web applications

    - by Moak
    A lot of companies use CMS software that updates on the regular, often they are security fixes, implying that the previous version have security vulnerabilities. But most clients never upgrade this, or even the CMS has been modified so that an update would break the site. Are there sites that document these exploits, and instruct how to test for them? Or does this information not even get published? (in order not to have people try to exploit them) Also is there a generic php/js based check list to prevent hack attempts? I know about SQL injections and XSS, but I'm sure that there are more threats out there. Peace

    Read the article

  • Rails has_and_belongs_to_many join across 3 tables

    - by Birdman
    I have a three models: listing, category, and site. There is a many to many relationship between listing and site and there is a many to many relationship between listing and category. A listing thus belongs to one or more sites and one or more categories (a listing can appear on multiple sites and multiple categories). Given a site id and a category id, I want a set of all the listings. I understand how to get the listings from a site id (listings = site.listings) and how to get the listings from a category id (listings = category.listings), but how do I get the triple join of the set of listings from both a site id and category id? The sql would look something like (sit_id and cat_id are input): select l.name from listings l, categories_listings cl, listings_sites, ls where cl.category_id = cat_id and ls.site_id = sit_id and cl.listing_id = l.id and ls.listing_id = l.id Thanks in advance

    Read the article

  • Help Writing Input Data to Database With Wordpress Plugin

    - by HollerTrain
    Hi I am making a wordpress plugin where I need the Admin to enter data into a database table. I am able to install the db table when the Plugin is activated, however I can't figure out how to save the user input. I've asked on the WP forums but they're dead... Any experienced guru who can lend some guidance would be greatly appreciated. <?php /******************************************************************* * INSTALL DB TABLE - ONLY AT RUN TIME * *******************************************************************/ function ed_xml_install() { global $wpdb; $ed_xml_data = $wpdb->prefix . "ed_xml_data"; if($wpdb->get_var("SHOW TABLES LIKE '$ed_xml_data'") != $ed_xml_data) { $sql = "CREATE TABLE " . ed_xml_data . " ( id mediumint(9) NOT NULL AUTO_INCREMENT, name tinytext NOT NULL, address text NOT NULL, url VARCHAR(55) NOT NULL, phone bigint(11) DEFAULT '0' NOT NULL, UNIQUE KEY id (id) );"; require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); dbDelta($sql); $name = "Example Business Name"; $address = "1234 Example Street"; $url = "http://www.google.com"; $phone = "523-3232-323232"; $insert = "INSERT INTO " . ed_xml_data . " (phone, name, address, url) " . "VALUES ('" . phone() . "','" . $wpdb->escape($name) . "','" . $wpdb->escape($address) . "', '" . $wpdb->escape($url) . "')"; $results = $wpdb->query( $insert ); } } //call the install hook register_activation_hook(__FILE__,'ed_xml_install'); /******************************************************************* * CREATE MENU, CREATE MENU CONTENT * *******************************************************************/ if ( is_admin() ){ /* place it under the ED menu */ //TODO $allowed_group = ''; /* Call the html code */ add_action('admin_menu', 'ed_xmlcreator_admin_menu'); function ed_xmlcreator_admin_menu() { add_options_page('ED XML Creator', 'ED XML Creator', 'administrator', 'ed_xml_creator', 'ed_xmlcreator_html_page'); } } /******************************************************************* * CONTENT OF MENU CONTENT * *******************************************************************/ function ed_xmlcreator_html_page() { <div> <h2>Editors Deal XML Options</h2> <p>Fill in the below information which will get passed to the .XML file.</p> <p>[<a href="" title="view XML file">view XML file</a>]</p> <form method="post" action="options.php"> <?php wp_nonce_field('update-options'); ?> <table width="510"> <!-- title --> <tr valign="top"> <th width="92" scope="row">Deal URL</th> <td width="406"> <input name="url" type="text" id="url" value="<?php echo get_option('url'); ?>" /> </td> </tr> <!-- description --> <tr valign="top"> <th width="92" scope="row">Deal Address</th> <td width="406"> <input name="address" type="text" id="address" value="<?php echo get_option('address'); ?>" /> </td> </tr> <!-- business name --> <tr valign="top"> <th width="92" scope="row">Business Phone</th> <td width="406"> <input name="phone" type="text" id="phone" value="<?php echo get_option('phone'); ?>" /> </td> </tr> <!-- address --> <tr valign="top"> <th width="92" scope="row">Business Name</th> <td width="406"> <input name="name" type="text" id="name" value="<?php echo get_option('name'); ?>" /> </td> </tr> </table> <input type="hidden" name="action" value="update" /> <input type="hidden" name="page_options" value="hello_world_data" /> <p> <input type="submit" value="<?php _e('Save Changes') ?>" /> </p> </form> </div> ?>

    Read the article

  • Rails ActiveRecord- has_many through and belongs_to a related model

    - by Nick
    I have 3 models sites, user_favorites and users. Relevant relationships: class Site < ActiveRecord::Base has_many :users, :through => :user_favorites class UserFavorite < ActiveRecord::Base belongs_to :user, :counter_cache => true belongs_to :site end class User < ActiveRecord:Base has_many :user_favorites has_many :sites, :through => :user_favorites All of that works just fine. I'd like to add a new attribute to the Site model to indicate which user created it. I don't believe this constitutes a has_and_belongs_to_many scenario. A site has many users through user_favorites but I want it to belong to a single user reflecting the owner/creator. I'm wondering what the ORM best practice is for this. SQL wise I'd just use different joins depending on what I was trying to query with a created_by FK in Site. Sorry if I'm missing something basic here. Thanks

    Read the article

  • POS Desktop Application using DB or Localfiles ? using WPF

    - by Panindra
    I am planning to build a POS Application for my shop. I have enough knowledge to build the application using DB and also using local files( system.IO - binary files ) to store and access the data for my application. But , i have no deployment experience and confused in choosing data storing option. Database using MDF may be good option ( may ease plenty of coding ) but i don't want to have SQL server on my desktop. as i am using WPF for building , my concern is that my application may get slow due to server response and design rendering of WPF. Then i tried to use only local data (binary files) to store the data and retrive using class and objects. but this coding is taking lot of time , so in the middle of the process i struck in the dilemma of going back to Database . Please help , for performance wise whic one is better . and in Practical World ,in professional applications which one is widely using .. please give suggestions ..

    Read the article

  • I have this broken php upload script

    - by Anders Kitson
    I have this script for uploading a image and content from a form, it works in one project but not the other. I have spent a good few hours trying to debug it, I am hoping someone could point out the issue I might be having. Where there are comments is where I have tried to debug. The first error I got was the "echo invalid file" at the beginning of the last comment. With these specific areas commented out the upload name and type that I am supposed to be grabbing from the form is not being echoed, I am thinking this is where the error is occurring, but can't quite seem to find it. Thanks. <?php include("../includes/connect.php"); /* if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 2000000)) { */ if ($_FILES["file"]["error"] > 0) { echo "Return Code: " . $_FILES["file"]["error"] . "<br />"; } else { echo "Upload: " . $_FILES["file"]["name"] . "<br />"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />"; echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />"; /* GRAB FORM DATA */ $title = $_POST['title']; $date = $_POST['date']; $content = $_POST['content']; $imageName1 = $_FILES["file"]["name"]; echo $title; echo "<br/>"; echo $date; echo "<br/>"; echo $content; echo "<br/>"; echo $imageName1; $sql = "INSERT INTO blog (title,date,content,image)VALUES( \"$title\", \"$date\", \"$content\", \"$imageName1\" )"; $results = mysql_query($sql)or die(mysql_error()); echo "<br/>"; if (file_exists("../images/blog/" . $_FILES["file"]["name"])) { echo $_FILES["file"]["name"] . " already exists. "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "../images/blog/" . $_FILES["file"]["name"]); echo "Stored in: " . "../images/blog/" . $_FILES["file"]["name"]; } } /* } else { echo "Invalid file" . "<br/>"; echo "Type: " . $_FILES["file"]["type"] . "<br />"; } */ //lets create a thumbnail of this uploaded image. /* $fileName = $_FILES["file"]["name"]; createThumb($fileName,310,"../images/blog/thumbs/"); function createThumb($thisFileName, $thisThumbWidth, $thisThumbDest){ $thisOriginalFilePath = "../images/blog/". $thisFileName; list($width, $height) = getimagesize($thisOriginalFilePath); $imgRatio =$width/$height; $thisThumbHeight = $thisThumbWidth/$imgRatio; $thumb = imagecreatetruecolor($thisThumbWidth,$thisThumbHeight); $source = imagecreatefromjpeg($thisOriginalFilePath); imagecopyresampled($thumb, $source, 0, 0, 0, 0, $thisThumbWidth,$thisThumbHeight, $width, $height); $newFileName = $thisThumbDest.$thisFileName; imagejpeg($thumb,$newFileName, 80); echo "<p><img src=\"$newFileName\" /></p>"; //header("location: http://www.google.ca"); } */ ?>

    Read the article

  • Efficient persistent storage for simple id to table of values map for java

    - by wds
    I need to store some data that follows the simple pattern of mapping an "id" to a full table (with multiple rows) of several columns (i.e. some integer values [u, v, w]). The size of one of these tables would be a couple of KB. Basically what I need is to store a persistent cache of some intermediary results. This could quite easily be implemented as simple sql, but there's a couple of problems, namely I need to compress the size of this structure on disk as much as possible. (because of amount of values I'm storing) Also, it's not transactional, I just need to write once and simply read the contents of the entire table, so a relational DB isn't actually a very good fit. I was wondering if anyone had any good suggestions? For some reason I can't seem to come up with something decent atm. Especially something with an API in java would be nice.

    Read the article

  • Unable to execute an oracle update statement within perl

    - by Gunnlaugur
    I have a problem in a perl script that I'm writing. When I run the script it hangs after prepare(). I've tried to run the update statement from SQL Developer and it works fine. I've also tried to print out all parameters and they are correct. What am I missing here? my $upd = 'update ngs.pp_subscr_data set address=?, city=?, postalcode=?, kennitala=?, email=?, firstname=?, lastname=?, last_upd=systimestamp where snb=?'; my $s = $dbh->prepare ($upd) || exitError(-9802, 'Couldn\'t prepare update statement.'); $s->execute($addr, $city, $pcode, $ktala, $email, $fname, $lname, $snb) Thanks.

    Read the article

  • Proper abstraction of the database tier in a 3 tier system?

    - by Earlz
    Hello, I am creating a 3 tier application. Basically it goes Client - (through optional server to be a thin-client) - Business Logic - Database Layer And basically making it so that there is never any skipping around. As such, I want for all of the SQL queries and such to be in the Database Layer. Well, now I'm a bit confused. I made a few static classes to start off the database tier but what should I do for the database connections? Should I just create a new database connection anytime I enter the Database Layer or would that be wasteful? Does Connection.Open() take time whenever you have a ConnectionPool? To me, it just feels wrong for the Business tier to have to pass in a IdbConnection object to the Database tier. It seems like the Database tier should handle all of that DB-specific code. What do you think? How can I do it the proper way while staying practical?

    Read the article

  • Variable collation with MySQL stored function?

    - by Chad Johnson
    I want to do something like this in a stored procedure: IF case_sensitive = FALSE THEN SET search_collation = "utf8_unicode_ci"; ELSE SET search_collation = "utf8_bin"; END IF; INSERT INTO TABLE1 (field1, field2) SELECT * FROM TABLE 2 WHERE some_field LIKE '%rarf%' collate search_collation; However, when I do this, I get ERROR 1273 (HY000): Unknown collation: 'search_collation' Also, if I do what's suggested at http://stackoverflow.com/questions/1680850/mysql-stored-procedures-use-a-variable-as-the-database-name-in-a-cursor-declara/2070021#2070021 I get Dynamic SQL is not allowed in stored function or trigger How can I use a dynamic collation?

    Read the article

  • PHP/Mysql issues

    - by queryne
    Php/my sql newbie question. I have a database I've imported into my local phpmyadmin. However it seems I can't access it from my a php application. The connection string seems right and when i try to authenticate user credentials to access database information, no problems. However authenticate everyone and knows when i put in fake credentials. Still it won't pull any other information from the database. For instance, once a users login they should see something like, "Hello username"... that kind of thing. At this point I see "Hello" without the username. Any ideas what i might be missing?

    Read the article

  • Windows Phone7 Development: Selecting target SDK(OS) version

    - by JibW
    I am a bit confusing in selecting the target version in Windows phone7 Application development. In my Windows phone7 app I need to use a light weight relational DB Which didn't introduce with version 7.0 but SQL CE with 7.1 version. The problem is if I select the target version as 7.1, then the devices which came up with windows phone7 OS 7.0 will not be able to install this. But I heard that all the devices that came with windows phone7 OS version 7.0 is upgradable for windows OS version 7.1 for free. If this is the case then if I select the development SDK version as 7.1, then will all the windows phone7 devices be able to install this? Like to know which will be the best Target version in this case to select, before I start developing. Any guidance/ Idea is highly appreciated. Thanks...

    Read the article

  • SubSonic isn't generating MySql foreign key tables

    - by keith
    I two tables within a MySql 5.1.34 database. When using SubSonic to generate the DAL, the foreign-key relationship doesn't get scripted, ie; I have no Parent.ChildCollection object. Looking inside the generated DAL Parent class shows the following; //no foreign key tables defined (0) I have tried SubSonic 2.1 and 2.2, and various MySql 5 versions. I must be doing something wrong procedurally - any help would be greatly appreciated. This has always just worked 'out-the-box' when using MS-SQL. TABLE `parent` ( `ParentId` INT(11) NOT NULL AUTO_INCREMENT, `SomeData` VARCHAR(25) DEFAULT NULL, PRIMARY KEY (`ParentId`) ) ENGINE=INNODB DEFAULT CHARSET=latin1; TABLE `child` ( `ChildId` INT(11) NOT NULL AUTO_INCREMENT, `ParentId` INT(11) NOT NULL, `SomeData` VARCHAR(25) DEFAULT NULL, PRIMARY KEY (`ChildId`), KEY `FK_child` (`ParentId`), CONSTRAINT `FK_child` FOREIGN KEY (`ParentId`) REFERENCES `parent` (`ParentId`) ) ENGINE=INNODB DEFAULT CHARSET=latin1;

    Read the article

  • How to sanitize log messages in Log4j to save them in database

    - by Rafael
    Hello, I'm trying to save log messages to a central database. In order to do this, I configured the following Appender in log4j's xml configuration: <appender name="DB" class="org.apache.log4j.jdbc.JDBCAppender"> <param name="URL" value="jdbc:postgresql://localhost/logging_test" /> <param name="user" value="test_user" /> <param name="password" value="test_password" /> <param name="sql" value="INSERT INTO log_messages ( log_level, message, log_date ) VALUES ( '%p', '%m', '%d{yyyy-MM-dd HH:mm:ss}' )" /> </appender> This works fine, except some of the messages contain ', and then the appender fails. Is there an easy way to do this?

    Read the article

  • I need to generate credit card surrogates (tokens) that are format preserving.

    - by jammer59
    For an eCommerce application I need to take a credit card and use the real card for passing through to a payment gateway but I need to store, and return to the transaction initiator, a surrogate that is format preserving. Specifically, this means: 1) The number of digits in the surrogate is the same as the real card number (PAN). 2) The issuer type part of the card -- the initial 1,2 or 4 digits remains the same in the surrogate as in the original PAN. 3) The final 4 digits of the surrogate remain the same (for customer service purposes.) 4) The surrogate passes the Luhn mod10 check for a syntactially valid credit card. I can readily handle requirements 1-3 but #4 has me completely stumped! The final implementation will be either t-sql or c#. Any ideas?

    Read the article

  • Best way to gather, then import data into drupal?

    - by Frank
    I am building my first database driven website with Drupal and I have a few questions. I am currently populating a google docs excel spreadsheet with all of the data I want to eventually be able to query from the website (after it's imported). Is this the best way to start? If this is not the best way to start what would you recommend? My plan is to populate the spreadsheet then import it as a csv into the mysql db via the CCK Node. I've seen two ways to do this. http://drupal.org/node/133705 (importing data into CCK nodes) http://drupal.org/node/237574 (Inserting data using spreadsheet/csv instead of SQL insert statements) Basically my question(s) is what is the best way to gather, then import data into drupal? Thanks in advance for any help, suggestions.

    Read the article

  • Getting the final value to this MySQL query...

    - by Jack W-H
    I've got my database set up with three tables - code, tags, and code_tags for tagging posts. This will be the SQL query processed when a post is submitted. Each tag is sliced up by PHP and individually inserted using these queries. INSERT IGNORE INTO tags (tag) VALUES ('$tags[1]'); SELECT tags.id FROM tags WHERE tag = '$tags[1]' ORDER BY id DESC LIMIT 1; INSERT INTO code_tags (code_id, tag_id) VALUES ($codeid, WHAT_GOES_HERE?) The WHAT_GOES_HERE? value at the end is what I need to know. It needs to be the ID of the tag that the second query fetched. How can I put that ID into the third query? I hope I explained that correctly. I'll rephrase if necessary.

    Read the article

  • MySQL parameter resource error

    - by Derek
    Here is my error: Warning: mysql_query() expects parameter 2 to be resource, null given... This refers to line 23 of my code which is: $result = mysql_query($sql, $connection) My entire query code looks like this: $query = "SELECT * from users WHERE userid='".intval( $_SESSION['SESS_USERID'] )."'"; $result = mysql_query($query, $connection) or die ("Couldn't perform query $query <br />".mysql_error()); $row = mysql_fetch_array($result); I don't have a clue what has happpened here. All I wanted to do was to have the value of the users 'fullname' displayed in the header section of my web page. So I am outputting this code immediately after to try and achieve this: echo 'Hello '; echo $row['fullname']; Before this change, I had it working perfectly, where the session variable of fullname was echoed $_SESSION['SESS_NAME']. However, because my user can update their information (including their name), I wanted the name displayed in the header to be updated accordingly, and not displaying the session value.

    Read the article

  • Mysql replace() function, help with query (what chars do I escape?)

    - by jyoseph
    I am trying to update an old cms where images were stored in /images/editor/, they are now stored in a bucket on amazon s3. I'm trying to update the database using mysql replace. I've done this in the past with replacing simple words, but now Mysql is reporting an error, I suspect because this is more than a simple word: UPDATE contents SET desc = replace(desc, '/images/editor/', 'http://s3.amazonaws.com/my_bucket/editor/') Do I need to escape the : or slashes? I've tried escaping it with a '\' to no avail. Can someone get me pointed in the right direction? Thanks! Edit Here's the error I am getting, nothing too telling error : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'desc = replace(desc, '/images/editor', 'http://s3.amazonaws.com/app_navigator/ed' at line 1

    Read the article

  • How to find date ranges in records with consecutive dates and duplicate data

    - by alan s
    There's probably any easy solution for this, but I can't see it. I have a table with consecutive dates and often duplicate associated data for several of these consecutive dates: Date Col1 Col2 5/13/2010 1 A 5/14/2010 1 A 5/15/2010 2 B 5/16/2010 1 A 5/17/2010 1 A 5/18/2010 3 C 5/19/2010 3 C 5/20/2010 3 C Using MS T-SQL, I wish to find the start and end dates for each run of distinct Col1 and Col2 values: StartDate EndDate Col1 Col2 5/13/2010 5/14/2010 1 A 5/15/2010 5/15/2010 2 B 5/16/2010 5/17/2010 1 A 5/18/2010 5/20/2010 3 C Assumptions: There are never any missing dates. Col1 and Col2 are not null. Any ideas - preferably that don't use cursors? Many thanks, -alan

    Read the article

  • MySQL Conventions?

    - by Moe
    Hi There, I just moved my website to a new server (Shared to VPS) I expected errors, and the only error that is really puzzling me is this SQL statement. echo mysql_query("SELECT COUNT(*) FROM users_online_now") This returns nothing! And if I try the mysql_num_rows, it returns mysql_num_rows(): supplied argument is not a valid MySQL result resource.. If I query another table though eg: echo mysql_query("SELECT COUNT(*) FROM users") It works fine. I'm guessing it's something to do with the naming of the table? It worked fine on my previous host, is there some setting I should modify?

    Read the article

  • Difference in select for update of ... in Oracle Database 10g and 11g

    - by sax
    Hi, I found out that Oracle Database 10g and 11g treat the following PL/SQL block differently (I am using scott schema for convenience): DECLARE v_ename bonus.ename%TYPE; BEGIN SELECT b.ename INTO v_ename FROM bonus b JOIN emp e ON b.ename = e.ename JOIN dept d ON d.deptno = e.deptno WHERE b.ename = 'Scott' FOR UPDATE OF b.ename; END; / While in 10g (10.2) this code ends successfully (well NO_DATA_FOUND exception is raised but that is expected), in 11g (11.2) it raises exception "column ambiguously defined". And that is definitely not expected. It seems like it does not take into account table alias because I found out that when I change the column in FOR UPDATE OF e.empno (also does not work) to e.mgr (which is unique) it starts working. So is this some error in 11g? Any thoughts?

    Read the article

  • Filter rows from Cursor so they don't show up in ListView

    - by Richard
    I have a Cursor that returns rows I use with a SimpleCursorAdapter to populate a ListView. I would like to filter some of the rows so they don't get displayed in my ListView. I use the data from the rows elsewhere in my Activity so I don't want to change my SQL to filter them with a WHERE clause. What is the best way to keep a row from being displaying in my ListView? Ideally I would check a column in my row and then only add rows to the ListView that satisfy a condition.

    Read the article

  • Run Oracle Procedure just to lock row, without returning a resultset

    - by Pascal
    I want to run a procedure to force a row lock on a row, but I don't want to return a result set to the client, nor do I actually want to update anything. Below is the proc: CREATE OR REPLACE PROCEDURE SP_LOCK_Row (IDRow IN INTEGER) IS BEGIN SELECT * FROM TBLTable WHERE IDRow = IDRow FOR UPDATE; END; The problem is that I keep getting the error: PLS-00428: an INTO clause is expected in this SELECT statement. Is there a way for me to lock the row without actually having to return a result set back to the client? The SQL Server equivalent is: CREATE PROCEDURE dbo.SP_LOCK_Row( @IDRow INT) AS SELECT * FROM dbo.TBLTable WITH (UPDLOCK, ROWLOCK) WHERE IDRow = @IDRow Tks

    Read the article

  • ASP Classic Named Parameter in Paramaterized Query: Must declare the scalar variable

    - by My Alter Ego
    I'm trying to write a parameterized query in ASP Classic, and it's starting to feel like i'm beating my head against a wall. I'm getting the following error: Must declare the scalar variable "@something". I would swear that is what the hello line does, but maybe i'm missing something... <% OPTION EXPLICIT %> <!-- #include file="../common/adovbs.inc" --> <% Response.Buffer=false dim conn,connectionString,cmd,sql,rs,parm connectionString = "Provider=SQLOLEDB.1;Integrated Security=SSPI;Data Source=.\sqlexpress;Initial Catalog=stuff" set conn = server.CreateObject("adodb.connection") conn.Open(connectionString) set cmd = server.CreateObject("adodb.command") set cmd.ActiveConnection = conn cmd.CommandType = adCmdText cmd.CommandText = "select @something" cmd.NamedParameters = true cmd.Prepared = true set parm = cmd.CreateParameter("@something",advarchar,adParamInput,255,"Hello") call cmd.Parameters.append(parm) set rs = cmd.Execute if not rs.eof then Response.Write rs(0) end if %>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 993 994 995 996 997 998 999 1000 1001 1002 1003 1004  | Next Page >