Search Results

Search found 17627 results on 706 pages for 'hierarchical query'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 323/706 | < Previous Page | 319 320 321 322 323 324 325 326 327 328 329 330  | Next Page >

  • How do I associate Parameters to Command objects in ADO with VBScript?

    - by Krashman5k
    I have been working an ADO VBScript that needs to accept parameters and incorporate those parameters in the Query string that gets passed the the database. I keep getting errors when the Record Set Object attempts to open. If I pass a query without parameters, the recordset opens and I can work with the data. When I run the script through a debugger, the command object does not show a value for the parameter object. It seems to me that I am missing something that associates the Command object and Parameter object, but I do not know what. Here is a bit of the VBScript Code: ... 'Open Text file to collect SQL query string' Set fso = CreateObject("Scripting.FileSystemObject") fileName = "C:\SQLFUN\Limits_ADO.sql" Set tso = fso.OpenTextFile(fileName, FORREADING) SQL = tso.ReadAll 'Create ADO instance' connString = "DRIVER={SQL Server};SERVER=myserver;UID=MyName;PWD=notapassword; Database=favoriteDB" Set connection = CreateObject("ADODB.Connection") Set cmd = CreateObject("ADODB.Command") connection.Open connString cmd.ActiveConnection = connection cmd.CommandText = SQL cmd.CommandType = adCmdText Set paramTotals = cmd.CreateParameter With paramTotals .value = "tot%" .Name = "Param1" End With 'The error occurs on the next line' Set recordset = cmd.Execute If recordset.EOF then WScript.Echo "No Data Returned" Else Do Until recordset.EOF WScript.Echo recordset.Fields.Item(0) ' & vbTab & recordset.Fields.Item(1) recordset.MoveNext Loop End If The SQL string that I use is fairly standard except I want to pass a parameter to it. It is something like this: SELECT column1 FROM table1 WHERE column1 IS LIKE ? I understand that ADO should replace the "?" with the parameter value I assign in the script. The problem I am seeing is that the Parameter object shows the correct value, but the command object's parameter field is null according to my debugger.

    Read the article

  • How do I use Perl's WWW::Facebook::API to publish to a user's newsfeed?

    - by Russell C.
    We use Facebook Connect on our site in conjunction with the WWW::Facebook::API CPAN module to publish to our users newsfeed when requested by the user. So far we've been able to successfully update the user's status using the following code: use WWW::Facebook::API; my $facebook = WWW::Facebook::API->new( desktop => 0, api_key => $fb_api_key, secret => $fb_secret, session_key => $query->cookie($fb_api_key.'_session_key'), session_expires => $query->cookie($fb_api_key.'_expires'), session_uid => $query->cookie($fb_api_key.'_user') ); my $response = $facebook->stream->publish( message => qq|Test status message|, ); However, when we try to update the code above so we can publish newsfeed stories that include attachments and action links as specified in the Facebook API documentation for Stream.Publish, we have tried about 100 different ways without any success. According to the CPAN documentation all we should have to do is update our code to something like the following and pass the attachments & action links appropriately which doesn't seem to work: my $response = $facebook->stream->publish( message => qq|Test status message|, attachment => $json, action_links => [@links], ); For example, we are passing the above arguments as follows: $json = qq|{ 'name': 'i\'m bursting with joy', 'href': ' http://bit.ly/187gO1', 'caption': '{*actor*} rated the lolcat 5 stars', 'description': 'a funny looking cat', 'properties': { 'category': { 'text': 'humor', 'href': 'http://bit.ly/KYbaN'}, 'ratings': '5 stars' }, 'media': [{ 'type': 'image', 'src': 'http://icanhascheezburger.files.wordpress.com/2009/03/funny-pictures-your-cat-is-bursting-with-joy1.jpg', 'href': 'http://bit.ly/187gO1'}] }|; @links = ["{'text':'Link 1', 'href':'http://www.link1.com'}","{'text':'Link 2', 'href':'http://www.link2.com'}"]; The above, nor any of the other representations we tried seem to work. I'm hoping some other perl developer out there has this working and can explain how to create the attachment and action_links variables appropriately in Perl for posting to the Facebook news feed through WWW::Facebook::API. Thanks in advance for your help!

    Read the article

  • Does NHibernate LINQ support ToLower() in Where() clauses?

    - by Daniel T.
    I have an entity and its mapping: public class Test { public virtual int Id { get; set; } public virtual string Name { get; set; } public virtual string Description { get; set; } } public class TestMap : EntityMap<Test> { public TestMap() { Id(x => x.Id); Map(x => x.Name); Map(x => x.Description); } } I'm trying to run a query on it (to grab it out of the database): var keyword = "test" // this is coming in from the user keyword = keyword.ToLower(); // convert it to all lower-case var results = session.Linq<Test> .Where(x => x.Name.ToLower().Contains(keyword)); results.Count(); // execute the query However, whenever I run this query, I get the following exception: Index was out of range. Must be non-negative and less than the size of the collection. Parameter name: index Am I right when I say that, currently, Linq to NHibernate does not support ToLower()? And if so, is there an alternative that allows me to search for a string in the middle of another string that Linq to NHibernate is compatible with? For example, if the user searches for kap, I need it to match Kapiolani, Makapuu, and Lapkap.

    Read the article

  • Are AJAX sites crawlable by search engines?

    - by frankadelic
    I had always assumed that AJAX-driven content was invisible to search engines. (i.e. content inserted into the DOM via XMLHTTPRequest) For example, in this site, the main content is loaded via AJAX request by the browser: http://www.trustedsource.org/query/terra.cl ...if you view this page with Javascript disabled, the main content area is blank. However, Google cache shows the full content after the AJAX load: http://74.125.155.132/search?q=cache:JqcT6EVDHBoJ:www.trustedsource.org/query/terra.cl+http://www.trustedsource.org/query/terra.cl&cd=1&hl=en&ct=clnk&gl=us So, apparently search engines do index content loaded by AJAX. Questions: Is this a new feature in search engines? Most postings on the web indicate that you have to publish duplicate static HTML content for search engines to find them. Are there any tricks to get an AJAX-driven content to be crawled by search engines (besides creating duplicate static HTML content). Will the AJAX-driven content be indexed if it is loaded from a separate subdomain? How about a separate domain?

    Read the article

  • LINQ to SQL and DataPager

    - by Jonathan S.
    I'm using LINQ to SQL to search a fairly large database and am unsure of the best approach to perform paging with a DataPager. I am aware of the Skip() and Take() methods and have those working properly. However, I'm unable to use the count of the results for the datapager, as they will always be the page size as determined in the Take() method. For example: var result = (from c in db.Customers where c.FirstName == "JimBob" select c).Skip(0).Take(10); This query will always return 10 or fewer results, even if there are 1000 JimBobs. As a result, the DataPager will always think there's a single page, and users aren't able to navigate across the entire result set. I've seen one online article where the author just wrote another query to get the total count and called that. Something like: int resultCount = (from c in db.Customers where c.FirstName == "JimBob" select c).Count(); and used that value for the DataPager. But I'd really rather not have to copy and paste every query into a separate call where I want to page the results for obvious reasons. Is there an easier way to do this that can be reused across multiple queries? Thanks.

    Read the article

  • mysql prevent displaying a row ONE which has reference in another row TWO but no reference in row THREE

    - by Jayapal Chandran
    I have a table like the following id | name | pid 1 | sam | NULL 2 | sams ref | 1 3 | pam | NULL For the first time the first row gets inserted which will have pid as null I insert a row which is related to the first row and then i insert a row which is new and which may be referred by another row in future. now i want only the third row to be displayed and not the first and second row as the second row contains the reference of first row. so if any row has a reference to another row then both the rows should not be displayed. Only rows which is not having any reference should be displayed. BESIDES, IS IT A GOOD PRACTICE? PLEASE ADVICE ON THIS. Edited When i updated in server the query is always giving empty result. here is what i have and this one When pid is NULL then that row should appear but when another entry in the same table with pid as its parent id or any other rows id appears then both the rows should not appear. so if any pid has been referred then both the rows should not appear. here only one row will refer another row and not more than that. in my localhost i have mysql version 5.0.1 or something like that but when i installed xampp in another system it had 5.5 and in the live server it was 5.3 so in version around 5.0 the query is returning rows but in higher versions it is returning empty rows. so now i this case how to make a query?

    Read the article

  • Multhreading in Java

    - by Vijay Selvaraj
    I'm working with core java and IBM Websphere MQ 6.0. We have a standalone module say DBcomponent that hits the database and fetches a resultset based on the runtime query. The query is passed to the application via MQ messaging medium. We have a trigger configured for the queue which invokes the DBComponent whenever a message is available in the queue. The DBComponent consumes the message, constructs the query and returns the resultset to another queue. In this overall process we use log4j to log statements on a log file for auditing. The connection is pooled to the database using Apache pool. I am trying to check whether the log messages are logged correctly using a sample program. The program places the input message to the queue and checks for the logs in the log file. Its expected for the trigger method invocation to complete before i try to check for the message in log file, but every time my program to check for log message gets executed first leading my check to failure. Even if i introduce a Thread.sleep(time) doesn't solves the case. How can i make it to keep my method execution waiting until the trigger operation completes? Any suggestion will be helpful.

    Read the article

  • SQL Server: Output an XML field as tabular data using a stored procedure

    - by Pawan
    I am using a table with an XML data field to store the audit trails of all other tables in the database. That means the same XML field has various XML information. For example my table has two records with XML data like this: 1st record: <client> <name>xyz</name> <ssn>432-54-4231</ssn> </client> 2nd record: <emp> <name>abc</name> <sal>5000</sal> </emp> These are the two sample formats and just two records. The table actually has many more XML formats in the same field and many records in each format. Now my problem is that upon query I need these XML formats to be converted into tabular result sets. What are the options for me? It would be a regular task to query this table and generate reports from it. I want to create a stored procedure to which I can pass that I need to query "<emp>" or "<client>", then my stored procedure should return tabular data.

    Read the article

  • Escaping single quote in PHP when inserting into MySQL

    - by hairdresser-101
    PLEASE NOTE: I am reposting as the original was not answered correctly... I AM LOOKING FOR THE WHY - NOT THE SOLUTION - I KNOW THE SOLUTION, WHAT I DON'T UNDERSTAND IS THE WHY! I have a perplexing issue that I can't seem to comprehend... I'm hoping someone here might be able to point me in the right direction... I have two SQL statements: - the first enters information from a form into the database. - the second takes data from the database entered above, sends an email and then logs the details of the transaction The problem is that it a appears that a single quote is triggering a MySQL error on the second entry only!!! The first instance works without issue but the second instance triggers the mysql_error(). Does the data from a form get handled differently from the data captured in a form? Query#1 - This works without issue (and without escaping the single quote) $result = mysql_query("INSERT INTO job_log (order_id, supplier_id, category_id, service_id, qty_ordered, customer_id, user_id, salesperson_ref, booking_ref, booking_name, address, suburb, postcode, state_id, region_id, email, phone, phone2, mobile, delivery_date, stock_taken, special_instructions, cost_price, cost_price_gst, sell_price, sell_price_gst, ext_sell_price, retail_customer, created, modified, log_status_id) VALUES ('$order_id', '$supplier_id', '$category_id', '{$value['id']}', '{$value['qty']}', '$customer_id', '$user_id', '$salesperson_ref', '$booking_ref', '$booking_name', '$address', '$suburb', '$postcode', '$state_id', '$region_id', '$email', '$phone', '$phone2', '$mobile', STR_TO_DATE('$delivery_date', '%d/%m/%Y'), '$stock_taken', '$special_instructions', '$cost_price', '$cost_price_gst', '$sell_price', '$sell_price_gst', '$ext_sell_price', '$retail_customer', '".date('Y-m-d H:i:s', time())."', '".date('Y-m-d H:i:s', time())."', '1')"); Query#2 - This fails when entering a name with a single quote (i.e. O'Brien) $query = mysql_query("INSERT INTO message_log (order_id, timestamp, message_type, email_from, supplier_id, primary_contact, secondary_contact, subject, message_content, status) VALUES ('$order_id', '".date('Y-m-d H:i:s', time())."', '$email', '$from', '$row->supplier_id', '$row->primary_email' ,'$row->secondary_email', '$subject', '$message_content', '1')");

    Read the article

  • Escaping single quote in PHP when inserting into MySQL

    - by hairdresser-101
    I have a perplexing issue that I can't seem to comprehend... I'm hoping someone here might be able to point me in the right direction... I have two SQL statements: - the first enters information from a form into the database. - the second takes data from the database entered above, sends an email and then logs the details of the transaction The problem is that it a appears that a single quote is triggering a MySQL error on the second entry only!!! The first instance works without issue but the second instance triggers the mysql_error(). Does the data from a form get handled differently from the data captured in a form? Query#1 - This works without issue (and without escaping the single quote) $result = mysql_query("INSERT INTO job_log (order_id, supplier_id, category_id, service_id, qty_ordered, customer_id, user_id, salesperson_ref, booking_ref, booking_name, address, suburb, postcode, state_id, region_id, email, phone, phone2, mobile, delivery_date, stock_taken, special_instructions, cost_price, cost_price_gst, sell_price, sell_price_gst, ext_sell_price, retail_customer, created, modified, log_status_id) VALUES ('$order_id', '$supplier_id', '$category_id', '{$value['id']}', '{$value['qty']}', '$customer_id', '$user_id', '$salesperson_ref', '$booking_ref', '$booking_name', '$address', '$suburb', '$postcode', '$state_id', '$region_id', '$email', '$phone', '$phone2', '$mobile', STR_TO_DATE('$delivery_date', '%d/%m/%Y'), '$stock_taken', '$special_instructions', '$cost_price', '$cost_price_gst', '$sell_price', '$sell_price_gst', '$ext_sell_price', '$retail_customer', '".date('Y-m-d H:i:s', time())."', '".date('Y-m-d H:i:s', time())."', '1')"); Query#2 - This fails when entering a name with a single quote (i.e. O'Brien) $query = mysql_query("INSERT INTO message_log (order_id, timestamp, message_type, email_from, supplier_id, primary_contact, secondary_contact, subject, message_content, status) VALUES ('$order_id', '".date('Y-m-d H:i:s', time())."', '$email', '$from', '$row->supplier_id', '$row->primary_email' ,'$row->secondary_email', '$subject', '$message_content', '1')");

    Read the article

  • Asp.Net Random Error

    - by John Boker
    At random times, twice in the past two weeks, the we application will start to error and not work until I recycle the app pool in IIS. The specific error and stacktrace are: System.Web.HttpUnhandledException: Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.InvalidCastException: Unable to cast object of type 'System.Guid' to type 'System.String'. at System.Data.Linq.SqlClient.SqlProvider.Execute(Expression query, QueryInfo queryInfo, IObjectReaderFactory factory, Object[] parentArgs, Object[] userArgs, ICompiledSubQuery[] subQueries, Object lastResult) at System.Data.Linq.SqlClient.SqlProvider.ExecuteAll(Expression query, QueryInfo[] queryInfos, IObjectReaderFactory factory, Object[] userArguments, ICompiledSubQuery[] subQueries) at System.Data.Linq.SqlClient.SqlProvider.System.Data.Linq.Provider.IProvider.Execute(Expression query) at System.Data.Linq.DataQuery`1.System.Linq.IQueryProvider.Execute[S](Expression expression) at System.Linq.Queryable.FirstOrDefault[TSource](IQueryable`1 source) at DigitalScout.WEDS.Business.Slug.GetTeamPath(String teamID) at DigitalScout.WEDS.WebApp.Code.Navigator.TeamNavigator.Home(String teamID) at ASP.management_default_aspx.__DataBind__control7(Object sender, EventArgs e) at System.Web.UI.Control.OnDataBinding(EventArgs e) at System.Web.UI.Control.DataBind(Boolean raiseOnDataBinding) at System.Web.UI.Control.DataBindChildren() at System.Web.UI.Control.DataBind(Boolean raiseOnDataBinding) at System.Web.UI.WebControls.Repeater.CreateControlHierarchy(Boolean useDataSource) at System.Web.UI.WebControls.Repeater.OnDataBinding(EventArgs e) at System.Web.UI.Control.DataBindChildren() at System.Web.UI.Control.DataBind(Boolean raiseOnDataBinding) at System.Web.UI.WebControls.Repeater.CreateControlHierarchy(Boolean useDataSource) at System.Web.UI.WebControls.Repeater.OnDataBinding(EventArgs e) at DigitalScout.WEDS.WebApp.Management._default.Page_Load(Object sender, EventArgs e) at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) at System.Web.UI.Control.OnLoad(EventArgs e) at DigitalScout.WEDS.WebApp.Code.BaseClass.Pages.ManagementPage.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) --- End of inner exception stack trace --- at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at ASP.management_default_aspx.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) This error happens for every user of the system until the app pool is recycled. Any help on this would be helpful as we are not able to reproduce the error.

    Read the article

  • How can I use "Dependency Injection" in simple php functions, and should I bother?

    - by Tchalvak
    I hear people talking about dependency injection and the benefit of it all the time, but I don't really understand it. I'm wondering if it's a solution to the "I pass database connections as arguments all the time" problem. I tried reading wikipedia's entry on it, but the example is written in Java so I don't solidly understand the difference it is trying to make clear. ( http://en.wikipedia.org/wiki/Dependency_injection ). I read this dependency-injection-in-php article ( http://www.potstuck.com/2009/01/08/php-dependency-injection/ ), and it seems like the objective is to not pass dependencies to an object directly, but to cordon off the creation of an object along with the creation of it's dependencies. I'm not sure how to apply that in a using php functions context, though. Additionally, is the following Dependency Injection, and should I bother trying to do dependency injection in a functional context? Version 1: (the kind of code that I create, but don't like, every day) function get_data_from_database($database_connection){ $data = $database_connection->query('blah'); return $data; } Version 2: (don't have to pass a database connection, but perhaps not dependency injection?) function get_database_connection(){ static $db_connection; if($db_connection){ return $db_connection; } else { // create db_connection ... } } function get_data_from_database(){ $conn = get_database_connection(); $data = $conn->query('blah'); return $data; } $data = get_data_from_database(); Version 3: (the creation of the "object"/data is separate, and the database code is still, so perhaps this would count as dependency injection?) function factory_of_data_set(){ static $db_connection; $data_set = null; $db_connection = get_database_connection(); $data_set = $db_connection->query('blah'); return $data_set; } $data = factory_of_data_set(); Anyone have a good resource or just insight that makes the method and benefit -crystal- clear?

    Read the article

  • Need some help to determine the amount of recursive calls in PHP

    - by Ben Fransen
    Hi all, I've got a, I think fairly easy question, but this is bugging me for a while now. So I figured, maybe I can get some help here. Since recursive functions are always a bit tricky, and sometimes a bit unclear to me, I keep struggling to create a nice working solution to get my menudata. In one of my classes I have this function, which gives me all menu-items recursivly. The thing I want is to determine at which recursionlevel a certain object was retrieved so I can create a nicely looking HTML output with indents for the levels of nesting. public function GetObjectList($parentID = 0, $objectlist = null) { if(is_null($objectlist)) { $objectlist = new ObjectList("Model_Navigation"); } $query = MySQL::Query("SELECT * FROM `Navigation` WHERE `WebsiteID` = ".SITE_ID. " AND `LanguageID` = ".LANG_ID." AND `ParentID` = ".$parentID); while($result = MySQL::FetchAssoc($query)) { $object = new Model_Navigation(); $object->ID = $result["ID"]; $object->WebsiteID = $result["WebsiteID"]; $object->LanguageID = $result["LanguageID"]; $object->ParentID = $result["ParentID"]; $object->Name = $result["Name"]; $object->Page = Model_Page::GetObjectByID($result["PageID"]); $object->ExternalURL = $result["ExternalURL"]; $object->Index = $result["Index"]; $object->Level = [here lies my problem]; $objectlist->Add($object); self::GetObjectList($object->ID, $objectlist); } return $objectlist; } Hope to hear from you! Greetings from Holland, Ben Fransen

    Read the article

  • What issues to consider when rolling your own data-backend for Silverlight / AJAX on non-ASP.NET ser

    - by Edward Tanguay
    I have read-only Silverlight and AJAX apps which read static text and XML files from a PHP/Apache server, which works very nicely with features such as asynchronous loading, lazy-loading only what I need for each page, loading in the background, developed a little query language to get a PHP script to create custom XML files etc. it's pragmatic read-only REST, and all works fast and fine for read-only sites. Now I want to also add the ability to write data from these apps to a database on the same PHP/Apache server. For those of you who have built similar data-access layers, what do I need to consider while building this, especially regarding security so that not just any client can write and alter my database, e.g.: check HTTP_USER_AGENT for security check REMOTE_ADDR for security require a special code for security, perhaps a list of TAN codes (such as banks use for online transactions) each which can only be used once, both the client and server have these I wonder if there is some kind of standard REST query I should lean on for e.g. building SQL-like statements in the URL parameters, e.g. http://www.thedatalayersite.com/query?insertinto=customers&... Any thoughts, notes from experience, ideas, gotchas, especially ideas on tightening down security in this endeavor would be helpful.

    Read the article

  • Dependency injection and factory

    - by legenden
    Trying to figure out how to best handle the following scenario: Assume a RequestContext class which has a dependency to an external service, such as: public class RequestContext : IRequestContext { private readonly ServiceFactory<IWeatherService> _weatherService; public RequestContext(ServiceFactory<IWeatherService> weatherService, UserLocation location, string query) { _weatherService = weatherService; ... What sort of dependency should I require in the class that will ultimately instantiate RequestContext? It could be ServiceFactory<IWeatherService>, but that doesn't seem right, or I could create an IRequestContextFactory for it along the lines of: public class RequestContextFactory : IRequestContextFactory { private readonly ServiceFactory<IWeatherService> _weatherService; public RequestContextFactory(ServiceFactory<IWeatherService> weatherService) { _weatherService = weatherService; } public RequestContext Create(UserLocation location, string query) { return new RequestContext(_weatherService, location, query); } } And then pass the IRequestContextFactory through constructor injection. This seems like a good way to do it, but the problem with this approach is that I think it hinders discoverability (devs must know about the factory and implement it, which is not really apparent). Is there a better/more discoverable way that I'm missing?

    Read the article

  • SqlCe odd results why? -- Same SQL, different results in different apps. Issue with

    - by NitroxDM
    When I run this SQl in my mobile app I get zero rows. select * from inventory WHERE [ITEMNUM] LIKE 'PUMP%' AND [LOCATION] = 'GARAGE' When I run the same SQL in Query Analyzer 3.5 using the same database I get my expected one row. Why the difference? Here is the code I'm using in the mobile app: SqlCeCommand cmd = new SqlCeCommand(Query); cmd.Connection = new SqlCeConnection("Data Source="+filePath+";Persist Security Info=False;"); DataTable tmpTable = new DataTable(); cmd.Connection.Open(); SqlCeDataReader tmpRdr = cmd.ExecuteReader(); if (tmpRdr.Read()) tmpTable.Load(tmpRdr); tmpRdr.Close(); cmd.Connection.Close(); return tmpTable; UPDATE: For the sake of trying I used the code found in one of the answers found here and it works as expected. So my code looks like this: SqlCeConnection conn = new SqlCeConnection("Data Source=" + filePath + ";Persist Security Info=False;"); DataTable tmpTable = new DataTable(); SqlCeDataAdapter AD = new SqlCeDataAdapter(Query, conn); AD.Fill(tmpTable); The issue appears to be with the SqlCeDataReader. Hope this helps someone else out!

    Read the article

  • Are Parameters really enough to prevent Sql injections?

    - by Rune Grimstad
    I've been preaching both to my colleagues and here on SO about the goodness of using parameters in SQL queries, especially in .NET applications. I've even gone so far as to promise them as giving immunity against SQL injection attacks. But I'm starting to wonder if this really is true. Are there any known SQL injection attacks that will be successfull against a parameterized query? Can you for example send a string that causes a buffer overflow on the server? There are of course other considerations to make to ensure that a web application is safe (like sanitizing user input and all that stuff) but now I am thinking of SQL injections. I'm especially interested in attacks against MsSQL 2005 and 2008 since they are my primary databases, but all databases are interesting. Edit: To clarify what I mean by parameters and parameterized queries. By using parameters I mean using "variables" instead of building the sql query in a string. So instead of doing this: SELECT * FROM Table WHERE Name = 'a name' We do this: SELECT * FROM Table WHERE Name = @Name and then set the value of the @Name parameter on the query / command object.

    Read the article

  • Azure SDK causes Node.js service bus call to run slow

    - by PazoozaTest Pazman
    I am using this piece of code to call the service bus queue from my node.js server running locally using web matrix, I have also upload to windows azure "web sites" and it still performs slowly. var sb1 = azure.createServiceBusService(config.serviceBusNamespace, config.serviceBusAccessKey); sbMessage = { "Entity": { "SerialNumbersToCreate": '0', "SerialNumberSize": config.usageRates[3], "BlobName": 'snvideos' + channel.ChannelTableName, "TableName": 'snvideos' + channel.ChannelTableName } }; sb1.getQueue('serialnumbers', function(error, queue){ if (error === null){ sb1.sendQueueMessage('serialnumbers', JSON.stringify(sbMessage), function(error) { if (!error) res.send(req.query.callback + '({data: ' + JSON.stringify({ success: true, video: newVideo }) + '});'); else res.send(req.query.callback + '({data: ' + JSON.stringify({ success: false }) + '});'); }); } else res.send(req.query.callback + '({data: ' + JSON.stringify({ success: false }) + '});'); }); It can be up to 5 seconds before the server responds back to the client with the return result. When I comment out the sb1.getQueue('serialnumbers', function(error, queue){ and just have it return without sending a queue message it performs in less than 1 second. Why is that? Is my approach to using the azure sdk service bus correct? Any help would be appreciated.

    Read the article

  • MySqlDataReader giving error at build

    - by TuxMeister
    Hey there. I have a function in VB.net that authenticates a user towards a MySQL DB before launching the main application. Here's the code of the function: Public Function authConnect() As Boolean Dim dbserver As String Dim dbuser As String Dim dbpass As String dbserver = My.Settings.dbserver.ToString dbuser = My.Settings.dbuser.ToString dbpass = My.Settings.dbpass.ToString conn = New MySqlConnection myConnString = "server=" & dbserver & ";" & "user id=" & dbuser & ";" & "password=" & dbpass & ";" & "database=rtadmin" Dim myCommand As New MySqlCommand Dim myAdapter As New MySqlDataAdapter Dim myData As New DataTable Dim myDataReader As New MySqlDataReader Dim query As String myCommand.Parameters.Add(New MySqlParameter("?Username", login_usr_txt.Text)) myCommand.Parameters.Add(New MySqlParameter("?Password", login_pass_txt.Text)) query = "select * from users where user = ?Username and passwd = ?Password" conn.ConnectionString = myConnString Try conn.Open() Try myCommand.Connection = conn myCommand.CommandText = query myAdapter.SelectCommand = myCommand myDataReader = myCommand.ExecuteReader If myDataReader.HasRows() Then MessageBox.Show("You've been logged in.", "RT Live! Information", MessageBoxButtons.OK, MessageBoxIcon.Information) End If Catch ex As Exception End Try Catch ex As Exception End Try End Function The function is not yet complete, there are a few other things that need to be done before launching the application, since I'm using a MessageBox to display the result of the login attempt. The error that I'm getting is the following: Error 1 'MySql.Data.MySqlClient.MySqlDataReader.Friend Sub New(cmd As MySql.Data.MySqlClient.MySqlCommand, statement As MySql.Data.MySqlClient.PreparableStatement, behavior As System.Data.CommandBehavior)' is not accessible in this context because it is 'Friend'. C:\Users\Mario\documents\visual studio 2010\Projects\Remote Techs Live!\Remote Techs Live!\Login.vb 43 13 Remote Techs Live! Any ideas? Thanks.

    Read the article

  • ZIP Numerous Blob Files

    - by Michael
    I have a database table that contains numerous PDF blob files. I am attempting to combine all of the files into a single ZIP file that I can download and then print. Please help! <?php include 'config.php'; include 'connect.php'; $session= $_GET[session]; $query = " SELECT $tbl_uploads.username, $tbl_uploads.description, $tbl_uploads.type, $tbl_uploads.size, $tbl_uploads.content, $tbl_members.session FROM $tbl_uploads LEFT JOIN $tbl_members ON $tbl_uploads.username = $tbl_members.username WHERE $tbl_members.session= '$session'"; $result = mysql_query($query) or die('Error, query failed'); while(list($username, $description, $type, $size, $content) = mysql_fetch_array($result)) { header("Content-length: $size"); header("Content-type: $type"); header("Content-Disposition: inline; filename=$username-$description.pdf"); echo $content; } $files = array('File 1 from database', 'File 2 from database'); $zip = new ZipArchive; $zip->open('file.zip', ZipArchive::CREATE); foreach ($files as $file) { $zip->addFile($file); } $zip->close(); header('Content-Type: application/zip'); header('Content-disposition: attachment; filename=filename.zip'); header('Content-Length: ' . filesize($zipfilename)); readfile($zipname); mysql_close($link); exit; ?>

    Read the article

  • SQL with Regular Expressions vs Indexes with Logical Merging Functions

    - by geeko
    Hello Lads, I am trying to develop a complex textual search engine. I have thousands of textual pages from many books. I need to search pages that contain specified complex logical criterias. These criterias can contain virtually any compination of the following: A: Full words. B: Word roots (semilar to stems; i.e. all words with certain key letters). C: Word templates (in some languages are filled in certain templates to form various part of speech such as adjactives, past/present verbs...). D: Logical connectives: AND/OR/XOR/NOT/IF/IFF and parentheses to state priorities. Now, would it be faster to have the pages' full text in database (not indexed) and search though them all using SQL and Regular Expressions ? Or would it be better to construct indexes of word/root/template-page-location tuples. Hence, we can boost searching for individual words/roots/templates. However, it gets tricky as we interdouce logical connectives into our query. I thought of doing the following steps in such cases: 1: Seperately search for each individual words/roots/templates in the specified query. 2: On priority bases, we merge two result lists (from step 1) at a time depedning on the logical connective For example, if we are searching for "he AND (is OR was)": 1: We shall search for "he", "is" and "was" seperately and get result lists for each word. 2: Merge the result lists of "is" and "was" using the merging function OR-MERGE 3: Merge the merged result list from the OR-MERGE function with the one of "he" using the merging function AND-MERGE The result of step 3 is then returned as the result of the specified query. What do you think gurues ? Which is faster ? Any better ideas ? Thank you all in advance.

    Read the article

  • Linq-to-SQL: How to shape the data with group by?

    - by Cheeso
    I have an example database, it contains tables for Movies, People and Credits. The Movie table contains a Title and an Id. The People table contains a Name and an Id. The Credits table relates Movies to the People that worked on those Movies, in a particular role. The table looks like this: CREATE TABLE [dbo].[Credits] ( [Id] [int] IDENTITY (1, 1) NOT NULL PRIMARY KEY, [PersonId] [int] NOT NULL FOREIGN KEY REFERENCES People(Id), [MovieId] [int] NOT NULL FOREIGN KEY REFERENCES Movies(Id), [Role] [char] (1) NULL In this simple example, the [Role] column is a single character, by my convention either 'A' to indicate the person was an actor on that particular movie, or 'D' for director. I'd like to perform a query on a particular person that returns the person's name, plus a list of all the movies the person has worked on, and the roles in those movies. If I were to serialize it to json, it might look like this: { "name" : "Clint Eastwood", "movies" : [ { "title": "Unforgiven", "roles": ["actor", "director"] }, { "title": "Sands of Iwo Jima", "roles": ["director"] }, { "title": "Dirty Harry", "roles": ["actor"] }, ... ] } How can I write a LINQ-to-SQL query that shapes the output like that? I'm having trouble doing it efficiently. if I use this query: int personId = 10007; var persons = from p in db.People where p.Id == personId select new { name = p.Name, movies = (from m in db.Movies join c in db.Credits on m.Id equals c.MovieId where (c.PersonId == personId) select new { title = m.Title, role = (c.Role=="D"?"director":"actor") }) }; I get something like this: { "name" : "Clint Eastwood", "movies" : [ { "title": "Unforgiven", "role": "actor" }, { "title": "Unforgiven", "role": "director" }, { "title": "Sands of Iwo Jima", "role": "director" }, { "title": "Dirty Harry", "role": "actor" }, ... ] } ...but as you can see there's a duplicate of each movie for which Eastwood played multiple roles. How can I shape the output the way I want?

    Read the article

  • Oracle - Getting Select Count(*) from ... as an output parameter in System.Data.OracleClient

    - by cbeuker
    Greetings all, I have a question. I am trying to build a parametrized query to get me the number of rows from a table in Oracle. Rather simple. However I am an Oracle newbie.. I know in SQL Server you can do something like: Select @outputVariable = count(*) from sometable where name = @SomeOtherVariable and then you can set up an Output parameter in the System.Data.SqlClient to get the @outputVariable. Thinking that one should be able to do this in Oracle as well, I have the following query Select count(*) into :theCount from sometable where name = :SomeValue I set up my oracle parameters (using System.Data.OracleClient - yes I know it will be deprecated in .Net 4 - but that's what I am working with for now) as follows IDbCommand command = new OracleCommand(); command.CommandText = "Select count(*) into :theCount from sometable where name = :SomeValue"); command.CommandType = CommandType.Text; OracleParameter parameterTheCount = new OracleParameter(":theCount ", OracleType.Number); parameterTheCount .Direction = ParameterDirection.Output; command.Parameters.Add(parameterTheCount ); OracleParameter parameterSomeValue = new OracleParameter(":SomeValue", OracleType.VarChar, 40); parameterSomeValue .Direction = ParameterDirection.Input; parameterSomeValue .Value = "TheValueToLookFor"; command.Parameters.Add(parameterSomeValue ); command.Connection = myconnectionObject; command.ExecuteNonQuery(); int theCount = (int)parameterTheCount.Value; At which point I was hoping the count would be in the parameter parameterTheCount that I could readily access. I keep getting the error ora-01036 which http://ora-01036.ora-code.com tells me to check my binding in the sql statement. Am I messing something up in the SQL statement? Am I missing something simple elsewhere? I could just use command.ExecuteScaler() as I am only getting one item, and am probably going to end up using that, but at this point, curiosity has got the better of me. What if I had two parameters I wanted back from my query (ie: select max(ColA), min(ColB) into :max, :min.....) Thanks..

    Read the article

  • C++ boost.asio server and client connection undersanding

    - by Edgar Buchvalov
    i started learning boost.asio and i have some problems with undersanding tcp connections. There is example from official boost site: #include <ctime> #include <iostream> #include <string> #include <boost/asio.hpp> using boost::asio::ip::tcp; std::string make_daytime_string() { using namespace std; // For time_t, time and ctime; time_t now = time(0); return ctime(&now); } int main() { try { boost::asio::io_service io_service; tcp::acceptor acceptor(io_service, tcp::endpoint(tcp::v4(), 13)); for (;;) { tcp::socket socket(io_service); acceptor.accept(socket); std::string message = make_daytime_string(); boost::system::error_code ignored_error; boost::asio::write(socket, boost::asio::buffer(message), boost::asio::transfer_all(), ignored_error); } } catch (std::exception& e) { std::cerr << e.what() << std::endl; } return 0; } there is question, why if i want to connet to this server via client i have t write: boost::asio::io_service io_service; tcp::resolver resolver(io_service); tcp::resolver::query query(host_ip, "daytime"); //why daytime? tcp::resolver::iterator endpoint_iterator = resolver.resolve(query); tcp::resolver::iterator end; why daytime?, what it meant and where it is inicialized in server, or i just doesn't missed somefing? there is full client code : www.boost.org/doc/libs/1_39_0/doc/html/boost_asio/tutorial/tutdaytime1.html thanks for explanation in advance

    Read the article

  • I find a problem with sending receiving parameter

    - by kawtousse
    how to get the xml translation to html dropdownlist with ajax. I send the parameter with GET method but the JSP FILE THAT GENERATES THE XML DONT RECEIVE IT. var url="responsexml.jsp"; url=url+"?projectCode="+prj.options[prj.selectedIndex].value; xmlhttp.onreadystatechange=stateChanged; xmlhttp.open("GET",url,true); xmlhttp.send(null); and then in responsexml.jsp I do like that: <% String projectcode= (String)request.getParameter("projectCode"); System.out.println("++++projectCode:=" +projectcode); Session s = null; Transaction tx; try { s = HibernateUtil.currentSession(); tx = s.beginTransaction(); Query query = s.createQuery("SELECT from Wa wa where wa.ProjectCode='"+projectcode+"'"); response.setContentType("text/xml"); PrintWriter output = response.getWriter(); output.write( "<?xml version=\"1.0\" encoding=\"utf-8\"?>"); //response.setHeader("Cache-Control", "no-cache"); //constriure le xml if(projectcode!=null) { for(Iterator it=query.iterate();it.hasNext();) { if(it.hasNext()) { Wa object=(Wa)it.next(); //out.print( "<item id=\"" +object.getIdWA() + "\" name=\"" + object.getWAName() + "\" />"); output.write("<wa>"); output.write( "<item id=\"" + object.getIdWA() + "\" name=\"" + object.getWAName() + "\" />"); output.write("</wa>"); } } } } catch (HibernateException e) { e.printStackTrace(); } %> </body> </html> With this code I dont have my xml file. I got this error: The server did not understand the request, or the request was invalid. Erreur de traitement de la ressource http://www.w3.o... PLEASE HELP.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 319 320 321 322 323 324 325 326 327 328 329 330  | Next Page >