Search Results

Search found 36788 results on 1472 pages for 'sql 2008'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 248/1472 | < Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >

  • SQL Injection on INSERT

    - by freddy
    Hi, I'm currently testing Vulnerabiltys to SQL Injections for my companys application as an it-trainee. So I found, that the application is indeed vulnerable to injections because I can alter some of the insert statements. So I altered the insert Statement to this: INSERT INTO tablename( column, column1, column2, column3, column4,column5, column6, column7, column8 ) VALUES ( 10965972, 185796154, 25, 23,2023, '', CURRENT_DATE, 'v0201100', 18); DELETE * FROM tablename;-- , 2023,'a', CURRENT_DATE, 'v0201100', 18 ) I thought this should be a correct statement, but the MySQL Server returned this Error: MySQL Error: 1064 (You have an error in your SQL syntax;[...] Would be nice if somebody could help and tell my why the syntax is wrong... Thanks for your help :-)

    Read the article

  • connecting c# to sql-server

    - by every_answer_gets_a_point
    i am using this example to connect c# to sql server. can you please tell me what i have to include in order to be able to use sqlconnection? it must be something like: using Sqlconnection; ??? string connectionString = @"Data Source=.\SQLEXPRESS;AttachDbFilename=""C:\SQL Server 2000 Sample Databases\NORTHWND.MDF"";Integrated Security=True;Connect Timeout=30;User Instance=True"; SqlConnection sqlCon = new SqlConnection(connectionString); sqlCon.Open(); string commandString = "SELECT * FROM Customers"; SqlCommand sqlCmd = new SqlCommand(commandString, sqlCon); SqlDataReader dataReader = sqlCmd.ExecuteReader(); while (dataReader.Read()) { Console.WriteLine(String.Format("{0} {1}", dataReader["CompanyName"], dataReader["ContactName"])); } dataReader.Close(); sqlCon.Close();

    Read the article

  • How to migrate large amounts of data from old database to new

    - by adam0101
    I need to move a huge amount of data from a couple tables in an old database to a couple different tables in a new database. The databases are SQL Server 2005 and are on the same box and sql server instance. I was told that if I try to do it all in one shot that the transaction log would fill up. Is there a way to disable the transaction log per table? If not, what is a good method for doing this? Would a cursor do it? This is just a one-time conversion.

    Read the article

  • A column insert or update conflicts with a rule imposed by a previous CREATE RULE statement.

    - by Ronnie Chester Lynwood
    hello. im working on a online game. i got some problems with inserting new data to table. im getting 2010-4-8 2:14, *** 37000, 513, [Microsoft][ODBC SQL Server Driver][SQL Server]A column insert or update conflicts with a rule imposed by a previous CREATE RULE statement. The statement was terminated. The conflict occurred in database 'KN_online', table 'ACCOUNT_CHAR', column 'strAccountID'., 261 NationSelect*** this error in logs. what does this means? how can i fix this? i've tried to delete RULE for my DB but I'm unable to delete RULE. im getting the rule 'dbo.unallowedchars' cannot be dropped because it is bounded to one or more clumn. I set all permissions right but its still not working.. thanks..

    Read the article

  • Dynamic table design (common lookup table), need a nice query to get the values

    - by Swoosh
    sql2005 This is my simplified example: (in reality there are 40+ tables in here, I only showed 2) I got a table called tb_modules, with 3 columns (id, description, tablename as varchar): 1, UserType, tb_usertype 2, Religion, tb_religion (Last column is actually the name of a different table) I got an other table that looks like this: tb_value (columns:id, tb_modules_ID, usertype_OR_religion_ID) values: 1111, 1, 45 1112, 1, 55 1113, 2, 123 1114, 2, 234 so, I mean 45, 55, 123, 234 are usertype OR religion ID's (45, 55 usertype, 123, 234 religion ID`s) Don't judge, I didn't design the database Question How can I make a select, showing * from tb_value, plus one column That one column would be TITLE from the tb_usertype or RELIGIONNAME from the tb_religion table I would like to make a general thing. Was thinking initially about maybe a SQL function that returns a string, but I think I would need dynamic SQL, which is not ok in a function. Anyone a better idea ?

    Read the article

  • SQL 2005 w/ C# optimal "Paging"

    - by David Murdoch
    When creating a record "grid" with custom paging what is the best/optimal way to query the total number of records as well as the records start-end using C#? SQL to return paged record set: SELECT Some, Columns, Here FROM ( SELECT ROW_NUMBER() OVER (ORDER BY Column ASC) AS RowId, * FROM Records WHERE (...) ) AS tbl WHERE ((RowId > @Offset) AND (RowId <= (@Offset + @PageSize)) ) SQL to count total number of records: SELECT COUNT(*) FROM Records WHERE (...) Right now, I make two trips to the server: one for getting the records, and the other for counting the total number of records. What is/are the best way(s) to combine these queries to avoid multiple DB trips?

    Read the article

  • Why won't this SQL CAST work?

    - by Kev
    I have a nvarchar(50) column in a SQL Server 2000 table defined as follows: TaskID nvarchar(50) NULL I need to fill this column with some random SQL Unique Identifiers (I am unable to change the column type to uniqueidentifier). I tried this: UPDATE TaskData SET TaskID = CAST(NEWID() AS nvarchar) but I got the following error: Msg 8115, Level 16, State 2, Line 1 Arithmetic overflow error converting expression to data type nvarchar. I also tried: UPDATE TaskData SET TaskID = CAST(NEWID() AS nvarchar(50)) but then got this error: Msg 8152, Level 16, State 6, Line 1 String or binary data would be truncated. I don't understand why this doesn't work but this does: DECLARE @TaskID nvarchar(50) SET @TaskID = CAST(NEW() AS nvarchar(50)) I also tried CONVERT(nvarchar, NEWID()) and CONVERT(nvarchar(50), NEWID()) but got the same errors.

    Read the article

  • "Cleanly" Deploying an ASP.NET Application with LINQ to SQL Server

    - by Bob Kaufman
    In my development environment, my SQL Server is PHILIP\SQLEXPRESS. In testing, it's ANNIE, and the live environment will have a third name yet to be determined. I would have assumed that updating the following statement in web.config would have been enough: <add name="MyConnectionString"providerName="System.Data.SqlClient" connectionString="Data Source=PHILIP\SQLEXPRESS;Initial Catalog=MyDtabase;Integrated Security=True" /> When using SqlConnection, SqlCommand, SqlDataReader and friends, that's all it took. Using LINQ, it doesn't seem to work that nicely. I see the servername repeated in my .dbml file as well as in Settings.settings. After changing it in all of those places, I get it to work. However if I'm doing a few deployments per day during testing, I want to avoid this regimen. My question is: is there a programmatic solution for LINQ to SQL that will allow me to specify the connection string once, preferably in web.config, and get everybody else to refer to it?

    Read the article

  • Why does SQL Server keep throwing exceptions?

    - by Augusto Càzares
    I have my project in .NET that uses a database in SQL Server. I'm using Linq-to-SQL, sometimes when the project throws me an exception (Constraint) in a part of the project this same error keeps showing in other part of the project when I do another thing with the database. Like when I do an insertion and I had before an exception on delete the insertion throws me the delete exception, and it remains this way until I close and open again the project. My major problem is when this happen in my online project, this error in my project causes me problems in the project I'm testing online (I use the same database). I don't know if this exception is on the memory or something but its have been causing me a lot of headaches.

    Read the article

  • How can I load a sql "dump" file into sql alchemy

    - by JudoWill
    I have a large sql dump file ... with multiple CREATE TABLE and INSERT INTO statements. Is there any way to load these all into a SQLAlchemy sqlite database at once. I plan to use the introspected ORM from sqlsoup after I've created the tables. However, when I use the engine.execute() method it complains: sqlite3.Warning: You can only execute one statement at a time. Is there a way to work around this issue. Perhaps splitting the file with a regexp or some kind of parser, but I don't know enough SQL to get all of the cases for the regexp. Any help would be greatly appreciated. Will EDIT: Since this seems important ... The dump file was created with a MySQL database and so it has quite a few commands/syntax that sqlite3 does not understand correctly.

    Read the article

  • Export products and variants from SQL Server

    - by mickyjtwin
    I have a SQL Server DB that has a table of products, and another table which contains a list of the sku variants of each product if it has one. I want to export all the products and their SKU's into excel. At the moment, I have a helper SQL function which performs the subquery against a product_id and concatenates all the SKU's into a comma-delimited string, e.g: Product Code, Name, SKUs 111 P1 77, 22, 11 Is there an easier way to do this, so that each SKU is a row which the associated product code as well, i.e: Product Code, Name, SKUs 111 P1 77 111 P1 22 111 P1 11

    Read the article

  • Raw SQL sent to SQL Server from .NET on stored procedure call

    - by Jeff Meatball Yang
    Is there a way to get the raw text that is sent to SQL Server, as seen in SQL Profiler, from the ADO.NET call? using(SqlConnection conn = new SqlConnection(connString)) { SqlCommand cmd = conn.CreateCommand(); cmd.CommandType = CommandType.StoredProcedure; cmd.CommandText = "GetSomeData"; cmd.Parameters.Add("@id").Value = someId; cmd.Parameters.Add("@someOtherParam").Value = "hello"; conn.Open(); SqlDataReader dr = cmd.ExecuteReader(); // this sends up the call: exec GetSomeData @id=24, @someOtherParam='hello' // how can I capture that and write it to debug? Debug.Write("exec GetSomeData @id=24, @someOtherParam='hello'"); }

    Read the article

  • Why prefix sql function names?

    - by AaronLS
    What is a scenario that exemplifies a good reason to use prefixes, such as fn_GetName, on function names in SQL Server? It would seem that it would be unnecessary since usually the context of its usage would make it clear that it's a function. I have not used any other language that has ever needed prefixes on functions, and I can't think of a good scenario that would show why SQL is any different. My only thinking is that perhaps in older IDE's it was useful for grouping functions together when the database objects were all listed together, but modern IDE's already make it clear what is a function.

    Read the article

  • hash password in SQL Server (asp.net)

    - by ile
    Is this how hashed password stored in SQL Server should look like? This is function I use to hash password (I found it in some tutorial) public string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes); return Encoding.GetEncoding(1252).GetString(hashBytes); } EDIT I tried to use sha-1 and now strings seem to look like as they are suppose to: public string EncryptPassword(string password) { return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1"); } // example output: 39A43BDB7827112409EFED3473F804E9E01DB4A8 Result from the image above looks like broken string, but this sha-1 looks normal.... Will this be secure enough?

    Read the article

  • Trigger an action to increment all rows of an int column which are greater than or equal to the inserted row

    - by Dev
    I am performing some insertion to an SQL table with has three columns and several rows of data The three columns are Id,Product,ProductOrder with the following data Id Product ProductOrder 1 Dell 1 2 HP 3 3 lenovo 2 4 Apple 10 Now, I would like a trigger which fires an action and increments all the ProductOrders by 1which are greater than or equal to the inserted ProductOrder. For example, I am inserting a record with Id=5 Product=Sony, ProductOrder=2 Then it should look for all the products with ProductOrder greater than or equal to 2 and increment them by 1. So, the resultant data in the SQL table should be as follows Id Product ProductOrder 1 Dell 1 2 HP 4 3 lenovo 3 4 Apple 11 5 Sony 2 From above we can see that ProductOrder which are equal or greater than the inserted are incremented by 1 like HP,Lenovo,Apple May I know a way to implement this?

    Read the article

  • SQL Native Client 10 Performance miserable (due to server-side cursors)

    - by namezero
    we have an application that uses ODBC via CDatabase/CRecordset in MFC (VS2010). We have two backends implemented. MSSQL and MySQL. Now, when we use MSSQL (with the Native Client 10.0), retrieving records with SELECT is dramatically slow via slow links (VPN, for example). The MySQL ODBC driver does not exhibit this nasty behavior. For example: CRecordset r(&m_db); r.Open(CRecordset::snapshot, L"SELECT a.something, b.sthelse FROM TableA AS a LEFT JOIN TableB AS b ON a.ID=b.Ref"); r.MoveFirst(); while(!r.IsEOF()) { // Retrieve CString strData; crs.GetFieldValue(L"a.something", strData); crs.MoveNext(); } Now, with the MySQL driver, everything runs as it should. The query is returned, and everything is lightning fast. However, with the MSSQL Native Client, things slow down, because on every MoveNext(), the driver communicates with the server. I think it is due to server-side cursors, but I didn't find a way to disable them. I have tried using: ::SQLSetConnectAttr(m_db.m_hdbc, SQL_ATTR_ODBC_CURSORS, SQL_CUR_USE_ODBC, SQL_IS_INTEGER); But this didn't help either. There are still long-running exec's to sp_cursorfetch() et al in SQL Profiler. I have also tried a small reference project with SQLAPI and bulk fetch, but that hangs in FetchNext() for a long time, too (even if there is only one record in the resultset). This however only happens on queries with LEFT JOINS, table-valued functions, etc. Note that the query doesn't take that long - executing the same SQL via SQL Studio over the same connection returns in a reasonable time. Question1: Is is possible to somehow get the native client to "cache" all results locally use local cursors in a similar fashion as the MySQL driver seems to do it? Maybe this is the wrong approach altogether, but I'm not sure how else to do this. All we want is to retrieve all data at once from a SELECT, then never talk the server again until the next query. We don't care about recordset updates, deletes, etc or any of that nonsense. We only want to retrieve data. We take that recordset, get all the data, and delete it. Question2: Is there a more efficient way to just retrieve data in MFC with ODBC?

    Read the article

  • Using current database name in T-SQL has Using statement

    - by AmRoSH
    Hello everybody. I have application runs T-SQL statements to update more than one database the problem is i'm using the following t-sql USE [msdb] GO DECLARE @jobId BINARY(16) EXEC msdb.dbo.sp_add_job @job_name=N'test2', @enabled=1, @start_step_id=1, @notify_level_eventlog=0, @notify_level_email=2, @notify_level_netsend=2, @notify_level_page=2, @delete_level=0, @description=N'', @category_name=N'[Uncategorized (Local)]', @owner_login_name=N'sa', @notify_email_operator_name=N'', @notify_netsend_operator_name=N'', @notify_page_operator_name=N'', @job_id = @jobId OUTPUT select @jobId GO EXEC msdb.dbo.sp_add_jobserver @job_name=N'test2', @server_name = N'AMR-PC\SQL2008' GO USE [msdb] GO EXEC msdb.dbo.sp_add_jobstep @job_name=N'test2', @step_name=N'test', @step_id=1, @cmdexec_success_code=0, @on_success_action=1, @on_fail_action=2, @retry_attempts=0, @retry_interval=0, @os_run_priority=0, @subsystem=N'TSQL', @command=N'EXEC sp_MSforeachdb '' EXEC sp_MSforeachtable @command1=''''DBCC DBREINDEX (''''''''*'''''''')'''', @replacechar=''''*''''''', @database_name=N'Client5281', @output_file_name=N'C:\Documents and Settings\Amr\Desktop\Scheduel Reports\report', @flags=2 GO USE [msdb] GO DECLARE @schedule_id int EXEC msdb.dbo.sp_add_jobschedule @job_name=N'test2', @name=N'test', @enabled=1, @freq_type=8, @freq_interval=1, @freq_subday_type=1, @freq_subday_interval=0, @freq_relative_interval=0, @freq_recurrence_factor=1, @active_start_date=20100517, @active_end_date=99991231, @active_start_time=0, @active_end_time=235959, @schedule_id = @schedule_id OUTPUT select @schedule_id GO and i'm using (USE [msdb]) before any block and i want to get database name to replace this @database_name=N'**Client5281**', with the current database name instead of ([msdb]) that i'm using. i hope that i explained what i want well.

    Read the article

  • Paging in SQL Server problems

    - by Manh Trinh
    I have searched for paging in SQL Server. I found most of the solution look like that What is the best way to paginate results in SQL Server But it don't meet my expectation. Here is my situation: I work on JasperReport, for that: to export the report I just need pass the any Select query into the template, it will auto generated out the report EX : I have a select query like this: Select * from table A I don't know any column names in table A. So I can't use Select ROW_NUMBER() Over (Order By columsName) And I also don't want it order by any columns. Anyone can help me do it? PS: In Oracle , it have rownum very helpful in this case. Select * from tableA where rownum > 100 and rownum <200 Paging with Oracle

    Read the article

  • Parse Domain from a given URL in T-SQL

    - by Adam N
    I fount this answer, but wanted to expand on the question and couldn't find any solutions here on stack or through searching google. Substring domainname from URL SQL Basically the link above solves my problem with a simple URL like parsing "www.google.com" with the result of google. What I am looking for to expand on that is the solution from the link above doesn't help with url's like 'www.maps.google.com' that just returns maps. WHat I would like is to have it return 'google' from the url 'www.maps.google.com' or return 'example' from 'www.test.example.com'. If anyone has a solution to this, I would greatly appreciate it. Update: To be more specific I will also need parsing on second level domains etc. 'www.maps.google.com.au' to return 'google' Here is my Sql function. CREATE FUNCTION [dbo].[parseURL] (@strURL varchar(1000)) RETURNS varchar(1000) AS BEGIN IF CHARINDEX('.', REPLACE(@strURL, 'www.','')) > 0 SELECT @strURL = LEFT(REPLACE(@strURL, 'www.',''), CHARINDEX('.',REPLACE(@strURL, 'www.',''))-1) Else SELECT @strURL = REPLACE(@strURL, 'www.','') RETURN @strURL END

    Read the article

  • SQL: Join Parent - Child tables

    - by pray4Mojo
    I'm building a simple review website application and need some help with SQL Query. There are 3 tables (Topics, Comments, Users). I need a SQL query to select the data from all 3 tables. The 'Topics' table is the parent and the 'Comments' table contains the child records (anywhere from zero to 100 records per parent. The third table 'Users' contains the user information for all users. Here are the fields for the 3 tables: Topics (topicID, strTopic, userID) Comments (commentID, topicID, strComment, userID) Users (userID, userName) I tried: SELECT * FROM Topics Inner Join Comments ON Topics.topicID = Comments.topicID Inner Join Users ON Topics.userID = Users.userID But this does not work correctly because there are multiple topics and the User info is not joined to the Comments table. Any help would be appreciated.

    Read the article

  • SQL Server 2005 Weird varchar Behavior

    - by Tom Tresansky
    This SQL Server 2005 T-SQL code: DECLARE @Test1 varchar; SET @Test1 = 'dog'; DECLARE @Test2 varchar(10); SET @Test2 = 'cat'; SELECT @Test1 AS Result1, @Test2 AS Result2; produces: Result1 = d Result2 = cat I would expect either The assignment SET @Test1 = 'dog'; to fail because there isn't enough room in @Test1 Or the SELECT to return 'dog' in the Result1 column. What is up with @Test1? Could someone please explain this behavior?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 244 245 246 247 248 249 250 251 252 253 254 255  | Next Page >