Search Results

Search found 29193 results on 1168 pages for 'sql merge'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 674/1168 | < Previous Page | 670 671 672 673 674 675 676 677 678 679 680 681  | Next Page >

  • PHP Security checklist (injection, sessions etc)

    - by NoviceCoding
    So what kind of things should a person using PHP and MySql be focused on to maximize security. Things I have done: -mysql_real_escape_string all inputs -validate all inputs after escaping em -Placed random alpha numerics before my table names -50character salt + Ripemd passwords Heres where I think I am slacking: -I know know nothing about sessions and securing them. How unsafe/safe is it if all you are doing is: session_start(); $_SESSION['login']= $login; and checking it with: session_start(); if(isset($_SESSION['login'])){ -I heard something about other forms of injection like cross site injection and what not... -And probably many other things I dont know about. Is there a "checklist"/Quicktut on making php secure? I dont even know what I should be worried about.I kinda regret now not building off cakephp since I am not a pro.

    Read the article

  • Why might one app connect to SQL backend OK and a second app fail if they share the same connectionstring?

    - by hawbsl
    Trying to figure out a SQL connection error 26 in our app. We've got two closely related apps Foo and FooAddIn. Foo is a Winforms app built in VS2010 and runs fine and connects fine to our SQLExpress back end. FooAddIn is an Outlook AddIn which references Foo.exe and connects to the same SQL Express instance. Or rather, it doesn't connect, instead reporting: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified) Now, both apps share the same connectionstring and we've verified they really do share the same connectionstring. At this stage we're just testing from within the same developer machine, so the apps are on the same machine, going via the same VS2010 IDE. So a lot of the advice online for this error doesn't apply because the fact that Foo connects through to SQL Express tells us the database is there and available and can be reached. What else is there to check? One thing is that Foo and FooAddIn are running different runtime versions of System.Data (v2.0.50727 and v4.0.30319). Could that be a factor?

    Read the article

  • sql query returns incorrect result

    - by reza saberi
    I have a mysql database that stores quotation documents with some products that are clearly defining the price of each product in them, and a table for contracts storing contract details as well as customer code and quotation code to which it belongs. I have the following query to see how much is the total price of the quotation to write it in the invoice: select sum(sqproducts.price * sqproducts.quantity) as 'total-price', squotations.currency as 'currency' from sqproducts, ccontracts, squotations where sqproducts.contracted=1 AND squotations.code=sqproducts.quotation_code AND sqproducts.quotation_code=ccontracts.squotation_code AND sqproducts.quotation_code='QUOT/2012/1' group by currency

    Read the article

  • WHERE vs HAVING

    - by baloo
    Why is it that you need to place columns you create yourself (for example "select 1 as number") after HAVING and not WHERE in MySQL? And are there any downsides instead of doing "WHERE 1" (writing the whole definition instead of a column name)

    Read the article

  • Tricky SQL query - need to get time frames

    - by Andrew
    I am stumbled upon a problem, when I need a query which will produce a list of speeding time frames. Here is the data example [idgps_unit_location] [dt] [idgps_unit] [lat] [long] [speed_kmh] 26 10/18/2012 18:53 2 47 56 30 27 10/18/2012 18:53 2 49 58 31 28 10/18/2012 18:53 2 28 37 15 29 10/18/2012 18:54 2 56 65 33 30 10/18/2012 18:54 2 152 161 73 31 10/18/2012 18:55 2 134 143 64 32 10/18/2012 18:56 2 22 31 12 36 10/18/2012 18:59 2 98 107 47 37 10/18/2012 18:59 2 122 131 58 38 10/18/2012 18:59 2 91 100 44 39 10/18/2012 19:00 2 190 199 98 40 10/18/2012 19:01 2 194 203 101 41 10/18/2012 19:02 2 182 191 91 42 10/18/2012 19:03 2 162 171 78 43 10/18/2012 19:03 2 174 183 83 44 10/18/2012 19:04 2 170 179 81 45 10/18/2012 19:05 2 189 198 97 46 10/18/2012 19:06 2 20 29 10 47 10/18/2012 19:07 2 158 167 76 48 10/18/2012 19:08 2 135 144 64 49 10/18/2012 19:08 2 166 175 79 50 10/18/2012 19:09 2 9 18 5 51 10/18/2012 19:09 2 101 110 48 52 10/18/2012 19:09 2 10 19 7 53 10/18/2012 19:10 2 32 41 20 54 10/18/2012 19:10 1 54 63 85 55 10/19/2012 19:11 2 55 64 50 I need a query that would convert this table into the following report that shows frames of time when speed was 80: [idgps_unit] [dt_start] [lat_start] [long_start] [speed_start] [dt_end] [lat_end] [long_end] [speed_end] [speed_average] 2 10/18/2012 19:00 190 199 98 10/18/2012 19:02 182 191 91 96.66666667 2 10/18/2012 19:03 174 183 83 10/18/2012 19:05 189 198 97 87 1 10/18/2012 19:10 54 63 85 10/18/2012 19:10 54 63 85 85 Now, what have I tried? I tried putting this into separate tables, queries and do some joins... Nothing works and I am very frustrated... I am not even sure if this could be done via the query. Asking for the expert help!

    Read the article

  • How to access web.config connection string in C#?

    - by salvationishere
    I have a 32-bit XP running VS 2008 and I am trying to decrypt my connection string from my web.config file in my C# ASPX file. Even though there are no errors returned, my current connection string doesn't display contents of my selected AdventureWorks stored procedure. I entered it: C:\Program Files\Microsoft Visual Studio 9.0\VC>Aspnet_regiis.exe -pe "connectionStrings" -app "/AddFileToSQL2" Then it said "Succeeded". And my web.config section looks like: <connectionStrings> <add name="Master" connectionString="server=MSSQLSERVER;database=Master; Integrated Security=SSPI" providerName="System.Data.SqlClient" /> <add name="AdventureWorksConnectionString" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Integrated Security=True" providerName="System.Data.SqlClient" /> <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=true; " providerName="System.Data.SqlClient" /> </connectionStrings> And my C# code behind looks like: string connString = ConfigurationManager.ConnectionStrings["AdventureWorksConnectionString2"].ConnectionString; Is there something wrong with the connection string in the web.config or C# code behind file?

    Read the article

  • How to add user customized data to database?

    - by CSharperWithJava
    I am trying to design a sqlite database that will store notes. Each of these notes will have common fields like title, due date, details, priority, and completed. In addition though, I would like to add data for more specialized notes like price for shopping list items and author/publisher data for books. I also want to have a few general purpose fields that users can fill with whatever text data they want. How can I design my database table in this case? I could just have a field for each piece of data for every note, but that would waste a lot of fields and I'd like to have other options and suggestions.

    Read the article

  • Using a trigger to record audit information vs. stored procedure

    - by Germ
    Suppose you have the following... An ASP.NET web application that calls a stored procedure to delete a record. The table has a trigger on it that will insert an audit entry each time a record is deleted. I want to be able to record in the audit entry the username of who deleted the record. What would be the best way to go about achieving this? I know I could remove the trigger and have the delete stored procedure insert the audit entry prior to deleting but are there any other recommeded alternative? If a username was passed as a parameter to the delete stored procedure, is there anyway to get this value in the trigger that's excuted when the record is deleted? I'm just throwing this out there...

    Read the article

  • What does P mean in Sort(Expression<Func<T, P>> expr, ListSortDirection direction)?

    - by Grasshopper
    I am attempting to use the answer in post: How do you sort an EntitySet<T> to expose an interface so that I can sort an EntitySet with a Binding list. I have created the class below and I get the following compiler error: "The type or namespace 'P' could not be found (are you missing a using directive or assembly reference?). Can someone tell me what the P means and which namespace I need to include to get the method below to compile? I am very new to delegates and lamba expressions. Also, can someone confirm that if I create a BindingList from my EntitySet that any modifications I make to the BindingList will be made to the EntitySet? Basically, I have an EntitySet that I need to sort and make changes to. Then, I will need to persist these changes using the original Entity that the BindingList came from. public class EntitySetBindingWrapper<T> : BindingList<T> { public EntitySetBindingWrapper(BindingList<T> root) : base(root) { } public void Sort(Expression<Func<T, P>> expr, ListSortDirection direction) { if (expr == null) base.RemoveSortCore(); MemberExpression propExpr = expr as MemberExpression; if (propExpr == null) throw new ArgumentException("You must provide a property", "expr"); PropertyDescriptorCollection descriptorCol = TypeDescriptor.GetProperties(typeof(T)); IEnumerable<PropertyDescriptor> descriptors = descriptorCol.Cast<PropertyDescriptor>(); PropertyDescriptor descriptor = descriptors.First(pd => pd.Name == propExpr.Member.Name); base.ApplySortCore(descriptor, direction); } }

    Read the article

  • I insert new parent row and child rowstate changes from Added to unchanged

    - by Joel
    rowsUpdated is an int32 to count how many rows are updated rowsToUpdate = dataset.ParentTable.Select("", "", dataviewRowState.Added) if rowsToUpdate isNot Nothing then for each row as datarow in RowsToUpdate changes the rowstate: rowsUpdated = rowsUpdated + ParentTableAdapter.update(row) Next row End if I'm sure it's something I'm over looking but I just can't see it. Thanks in advance, Joel

    Read the article

  • clearing an entire column in access

    - by I__
    is there a way to clear an entire column in a datasheet in access? i can just right click on it and delete it but that will affect the structure, i just need to clear all the records. how do i do this? perhaps the question i should be asking is how do i clear the entire contents of a datasheet in access?

    Read the article

  • Oracle sql developer can acess from loalhost but not ip address

    - by Welcome Always
    Here i have installed widows server 2008 64 orale 11g r2 64 now i want to access this from the ip address that i have set to my server not working i can't access trough the ip address.... when i use on my application .....local host it can get connected but when i add the ip for example 10.0.0.2 it's not connecting now simply also on local when i write the ip address it's not connecting but with localhost works fine..... so even i have used listener. regards

    Read the article

  • Best way to run multiple queries per second on database, performance wise?

    - by Michael Joell
    I am currently using Java to insert and update data multiple times per second. Never having used databases with Java, I am not sure what is required, and how to get the best performance. I currently have a method for each type of query I need to do (for example, update a row in a database). I also have a method to create the database connection. Below is my simplified code. public static void addOneForUserInChannel(String channel, String username) throws SQLException { Connection dbConnection = null; PreparedStatement ps = null; String updateSQL = "UPDATE " + channel + "_count SET messages = messages + 1 WHERE username = ?"; try { dbConnection = getDBConnection(); ps = dbConnection.prepareStatement(updateSQL); ps.setString(1, username); ps.executeUpdate(); } catch(SQLException e) { System.out.println(e.getMessage()); } finally { if(ps != null) { ps.close(); } if(dbConnection != null) { dbConnection.close(); } } } And my DB connection private static Connection getDBConnection() { Connection dbConnection = null; try { Class.forName(DB_DRIVER); } catch (ClassNotFoundException e) { System.out.println(e.getMessage()); } try { dbConnection = DriverManager.getConnection(DB_CONNECTION, DB_USER,DB_PASSWORD); return dbConnection; } catch (SQLException e) { System.out.println(e.getMessage()); } return dbConnection; } This seems to be working fine for now, with about 1-2 queries per second, but I am worried that once I expand and it is running many more, I might have some issues. My questions: Is there a way to have a persistent database connection throughout the entire run time of the process? If so, should I do this? Are there any other optimizations that I should do to help with performance? Thanks

    Read the article

  • Multiple user database design

    - by dieguitoweb
    I have to develop a basic social network for an academic purpose; but I need some tips for the users management.. The users are subdivided into 3 groups with different privilege: admins,analysts and standards users. For every user should be stored into the database the following information: name,lastname,e-mail,age,password. I'm not quite sure how I should design the database between theese two solutions: 1)one table called 'users' with the 'role' attribute that explain what a user can do and what can't do, and the permissions are managed via php 2)every application user is a database user created with the query 'CREATE ROLE' (It's a postgres database) and he has permissions on some tables granted with the 'GRANT' statement You should take into account that the project is for a database exam.. thanks

    Read the article

  • MySQL: Select pages that are not tagged?

    - by lauthiamkok
    Hi, I have a db with two tables like these below, page table pg_id title 1 a 2 b 3 c 4 d tagged table tagged_id pg_id 1 1 2 4 I want to select the pages which are tagged, I tried with this query below but doesn't work, SELECT * FROM root_pages LEFT JOIN root_tagged ON ( root_tagged.pg_id = root_pages.pg_id ) WHERE root_pages.pg_id != root_tagged.pg_id It returns zero - Showing rows 0 - 1 (2 total, Query took 0.0021 sec) But I want it to return pg_id title 2 b 3 c My query must have been wrong?? How can I return the pages which are not tagged correctly? Thanks.

    Read the article

  • Group and count in Rails

    - by alamodey
    I have this bit of code and I get an empty object. @results = PollRoles.find( :all, :select => 'option_id, count(*) count', :group => 'option_id', :conditions => ["poll_id = ?", @poll.id]) Is this the correct way of writing the query? I want a collection of records that have an option id and the number of times that option id is found in the PollRoles model. EDIT: This is how I''m iterating through the results: <% @results.each do |result| %> <% @option = Option.find_by_id(result.option_id) %> <%= @option.question %> <%= result.count %> <% end %>

    Read the article

  • form not showing for empty records

    - by Chris Hodges
    I have a relatively simple PHP page called editcustomers with 3 columns. The problem I'm having is that the form will show when there is a record in the database and the fields will be populated with that info. When no such records exists, the form is not even shown, eliminating the possibility to insert a record. My page layout is as follows: Column 1 shows a form containing customer information, allowing it to be edited. Column 2 allows ordering of products and showing how many products were ordered Column 3 shows the total paid so far, and the total owing. The code for the page I have at present: <html> <?php $id = $_GET['id']; require_once('connect.php'); $sth = $dbh->query("SELECT * FROM users where id = '$id';"); $sth->setFetchMode(PDO::FETCH_ASSOC); $eth = $dbh->query("SELECT * FROM purchases where id = '$id';"); $eth->setFetchMode(PDO::FETCH_ASSOC); ?> <div id="main"> <div id="left"> <form name="custInfo" action ="process.php" method ="post" > <input type = "hidden" name ="formType" value="custInfo"/> <?php while($row = $sth->fetch()){ ?> <p><input type = "hidden" name ="id" value="<?php echo $row["id"] ?>"/> <p><input type = "text" name ="firstName" size ="30" value=" <?php echo $row["firstName"]?>"/> <p><input type = "text" name ="lastName" size ="30" value="<?php echo $row["lastName"]?>"/> <p><input type = "text" name ="country" size ="30" value="<?php echo $row["country"]?>"/> <p></p> <input type="submit" value="Update" /> <?php }?> </div> <div id="mid"> <form name="custCosts" action ="process.php" method ="post" > <input type = "hidden" name ="formType" value="custCosts"/> <?php while($row = $eth->fetch()){ ?> <p><input type = "hidden" name ="id" value="<?php echo $row["id"] ?>"/> <p><input type = "text" name ="amountOwed" size ="30" value=" <?php echo $row["amountOwed"]?>"/> <p><input type = "text" name ="numAaa" size ="30" value="<?php echo $row["numAaa"]?>"/> <p><input type = "text" name ="numBbb" size ="30" value="<?php echo $row["numBbb"]?>"/> <p></p> <input type="submit" value="Update" /> <?php }?> </div> <div id="right"> <b>Total Balance</b> <p> Money owed: </p> <p> aaa total: </p> <p> bbb total: </p> <p> Total: </p> <input type = "text" name ="pay" size ="20" /></p> <input type="submit" value="Make Payment" /> </div> <?php $dbh =null; ?> </body> </html> And the code for all the database trickery: <?php require_once 'connect.php'; $formType = $_POST['formType']; $id = $_POST['id']; $firstName = $_POST['firstName']; $lastName = $_POST['lastName']; $country = $_POST['country']; $amountOwed = $_POST['amountOwed ']; $numAaa = $_POST['numAaa']; $numBbb = $_POST['numBbb']; if(empty($_POST['id'])) { $sth = $dbh->prepare("INSERT INTO customers (firstName, lastName, country) VALUES ('$firstName', '$lastName', '$country')"); $sth->execute(); } elseif(!empty($_POST['id']) && !isset($_POST['stayCost']) && $_POST['formType'] == 'guestInfo'){ $sth = $dbh->prepare("UPDATE customers SET firstName = '$firstName', lastName = '$lastName', country = '$country' WHERE id = '$id'"); $sth->execute(); }elseif(!empty($_POST['id']) && isset($_POST['stayCost']) && $_POST['formType'] == 'guestInfo'){ $sth = $dbh->prepare("INSERT INTO purchases (id, amountOwed, numAaa, numBbb) VALUES ('$id', '$amountOwed', '$numAaa', '$numBbb'"); $sth->execute(); }elseif(!empty($_POST['id']) && $_POST['formType'] == 'guestCosts'){ $sth = $dbh->prepare("UPDATE purchases SET amountOwed= '$amountOwed', numAaa = '$numAaa', numBbb= '$numBbb' WHERE id = '$id'"); $sth->execute(); } $dbh =null; ?> Why does the form not even display if there is no record? An error or something I might understand....but the form is still in the HTML and should still be being output, from what I can see. Why is this not the case?

    Read the article

  • Access is re-writing - and breaking - my query!

    - by FrustratedWithFormsDesigner
    I have a query in MS Access (2003) that makes use of a subquery. The subquery part looks like this: ...FROM (SELECT id, dt, details FROM all_recs WHERE def_cd="ABC-00123") AS q1,... And when I switch to Table View to verify the results, all is OK. Then, I wanted the result of this query to be printed on the page header for a report (the query returns a single row that is page-header stuff). I get an error because the query is suddenly re-written as: ...FROM [SELECT id, dt, details FROM all_recs WHERE def_cd="ABC-00123"; ] AS q1,... So it's Ok that the round brackets are automatically replaced by square brackets, Access feels it needs to do that, fine! But why is it adding the ; into the subquery, which causes it to fail? I suppose I could just create new query objects for these subqueries, but it seems a little silly that I should have to do that.

    Read the article

  • Store database, good pattern for simultaneous access

    - by dygi
    I am kinda new to database designing so i ask for some advices or some kind of a good pattern. The situation is that, there is one database, few tables and many users. How should i design the database, or / and which types of queries should i use, to make it work, if users can interact with the database simultaneously? I mean, they have access to and can change the same set of data. I was thinking about transactions, but I am not sure, if that is the right / good / the only solution. I will appreciate some google keywords too.

    Read the article

  • SQL Join query, getting ManagerName

    - by user279521
    I have an tblEmployeeProfile & a tblPersonnel. tblPersonnel is an HR table, that consists of all employees in the company; tblEmployeeProfile contains details about an employee's position. tblPersonnel.PersonnelID tblPersonnel.FirstName tblPersonnel.MiddleName tblPersonnel.LastName tblPersonnel.PhoneNumber tblPersonnel.Email tblEmployeeProfile.EmployeeID tblEmployeeProfile.ManagerID tblEmployeeProfile.DepartmentID tblEmployeeProfile.JobCategoryID tblEmployeeProfile.SalaryID I want to return a record with the following fields: EmployeeID, FirstName, MiddleName, LastName, Email, ManagerFullName where EmployeeID = @EmployeeID *tblEmployeeProfile.ManagerID = tblPersonnel.PersonnelID* I can't seem to get the query correct for getting the ManagerFullName

    Read the article

  • Group by query design help

    - by Midhat
    Consider this data PK field1 field2 1 a b 2 a (null) 3 x y 4 x z 5 q w I need to get this data select all columns from all rows where field1 has count 1 i tried and finally settled for select * from mytable where field1 in (select field1 from mytable group by field1 having count(field1)>1 ) order by field1 but there has to be a better way than this

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 670 671 672 673 674 675 676 677 678 679 680 681  | Next Page >