Search Results

Search found 27342 results on 1094 pages for 'sql denali'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 695/1094 | < Previous Page | 691 692 693 694 695 696 697 698 699 700 701 702  | Next Page >

  • C# and MySQL .NET Connector - Any way of preventing SQL Injection attacks in a generic class?

    - by John M
    My idea is to create some generic classes for Insert/Update/Select via a C# (3.5) Winforms app talking with a MySQL database via MySQL .NET Connector 6.2.2. For example: public void Insert(string strSQL) { if (this.OpenConnection() == true) { MySqlCommand cmd = new MySqlCommand(strSQL, connection); cmd.ExecuteNonQuery(); this.CloseConnection(); } } Then from anywhere in the program I can run a query with/without user input by just passing a SQL query string. Reading around on SO is starting to give me the indication that this may lead to SQL injection attacks (for any user-input values). Is there anyway of scrubbing the inputted strSQL or do I need to go and create individual parameterized queries in every method that needs to do a database function?

    Read the article

  • Recreation of MySQL DB using "mysql mydb < mydb.sql" is really slow when the table has tens of milli

    - by Jian Lin
    It seems that a MySQL database that has a table with tens of millions of records will get a big INSERT INTO statement when the following mysqldump some_db > some_db.sql is done to back up the database. (is it 1 insert statement that handles all the records?) So when reconstructing the DB using mysql some_db < some_db.sql then the CPU is hardly busy (about 1.8% usage by the mysql process... I don't see a mysqld either?) and also the hard disk doesn't seem to be too busy... Last time, the whole restore process took 5 hours. Is there a way to make it faster? Such as, when doing mysqldump, can it break the INSERT statement into shorter ones, so that the mysql doesn't need to parse the line so hard when restoring the DB?

    Read the article

  • "ref" vs "out" keyword errors using the sql-net and C# Sqlite combination for windows phone 7.1

    - by param
    I am getting some "ref" vs "out" keyword errors using the sql-net and C# Sqlite combination for windows phone 7.1. Is this due to a wrong combination of libraries that I am using? App Type: Windows Phone 7.1 Using: 1) sql-net Version 1.0.5, Source Nuget thru Visual Studio 2) C# Sqlite for WP7 (wp7sqlite) ( Community.CSharpSqlite.WP7) Version 0.1.1, Source Nuget thru Visual Studio. The exact error I receive is below **Error 5 The best overloaded method match for Community.CsharpSqlite.Sqlite3.sqlite3_open(string, ref Community.CsharpSqlite.Sqlite3.sqlite3)' has some invalid arguments C:\Dev\Learning\SQLite.cs Line:2492 Column: 29 ** The next error then hints that it is related to the parameter being passed as "out" type instead of "ref" type. Error 6 Argument 2 must be passed with the 'ref' keyword C:\Dev\Learning\SQLite.cs Line: 2492 Column: 64 I can make the compile errors go away by replacing the "out" keyword with the "ref" keyword, but that is likely to lead to other issues. Given that I do not see much complain about this issue - I may be doing something wrong but not able to detect easily. Thanks, Parmeshwar

    Read the article

  • Recreation of DB using "mysql mydb < mydb.sql" is really slow when the table has tens of millions of

    - by Jian Lin
    It seems that a MySQL database that has a table with tens of millions of records will get a big INSERT INTO statement when the following mysqldump some_db > some_db.sql is done to back up the database. (is it 1 insert statement that handles all the records?) So when reconstructing the DB using mysql some_db < some_db.sql then the CPU is hardly busy (about 1.8% usage by the mysql process... I don't see a mysqld either?) and also the hard disk doesn't seem to be too busy... Last time, the whole restore process took 5 hours. Is there a way to make it faster? Such as, when doing mysqldump, can it break the INSERT statement into shorter ones, so that the mysql doesn't need to parse the line so hard when restoring the DB?

    Read the article

  • RPC Fails but passing in SQL Man. Studios works

    - by Justin
    I am calling a stored procedure from a web service in an ASP.Net application. And until a few days ago, all was well. However now when i call it I get an error saying The timeout period elapsed prior to the completion of the operation or the server could not be reached. However when i would run SQL SERVER PROFILER, I could see that the call was getting to the database, but was timing out. I then copied the statement being executed found at the bottom of the Profiler and pasted it into Management Studio and executed it and it finishes in about 7 seconds.. This runs just fine on our production server. It seems to be similar to this question: SELECT DISTINCT not working in .NET application, but works in SQL Mgmt Studio but I see no answer.

    Read the article

  • Does Python Django support custom SQL and denormalized databases with no Foreign Key relationships?

    - by Jay
    I've just started learning Python Django and have a lot of experience building high traffic websites using PHP and MySQL. What worries me so far is Python's overly optimistic approach that you will never need to write custom SQL and that it automatically creates all these Foreign Key relationships in your database. The one thing I've learned in the last few years of building Chess.com is that its impossible to NOT write custom SQL when you're dealing with something like MySQL that frequently needs to be told what indexes it should use (or avoid), and that Foreign Keys are a death sentence. Percona's strongest recommendation was for us to remove all FKs for optimal performance. Is there a way in Django to do this in the models file? create relationships without creating actual DB FKs? Or is there a way to start at the database level, design/create my database, and then have Django reverse engineer the models file?

    Read the article

  • Why does concatenating strings in the argument of EXEC sometimes cause a syntax error in T-SQL?

    - by Tim Goodman
    In MS SQL Server Management Studio 2005, running this code EXEC('SELECT * FROM employees WHERE employeeID = ' + CAST(3 AS VARCHAR)) gives this error: Incorrect syntax near 'CAST' However, if I do this, it works: DECLARE @temp VARCHAR(4000) SET @temp = 'SELECT * FROM employees WHERE employeeID = ' + CAST(3 AS VARCHAR) EXEC(@temp) I found an explanation here: http://stackoverflow.com/questions/1044831/t-sql-cannot-pass-concatenated-string-as-argument-to-stored-procedure According to the accepted answer, EXEC can take a local variable or a value as its argument, but not an expression. However, if that's the case, why does this work: DECLARE @temp VARCHAR(4000) SET @temp = CAST(3 AS VARCHAR) EXEC('SELECT * FROM employees WHERE employeeID = ' + @temp) 'SELECT * FROM employees WHERE employeeID = ' + @temp sure looks like an expression to me, but the code executes with no errors.

    Read the article

  • Using the "IN" clause with a comma delimited string from the output of a replace() function in Oracle SQL

    - by Thomas
    Hi All, I have an comma delimited string which I want to use in an "IN" clause of the statement. eg: 100,101,102 Since In and "IN" clause I have to quote the individial strings, I use a replace function: eg: select ''''||replace('100,101,102',',',''', ''')||'''' from dual; The above query works, however, when I try to use the output of the above as an input to the "IN" clause, it returns no data. I am restricted by only SQL statements, so I cannot use PL/SQL code. Kindly help. eg: select * from employee where employee_number in ( select ''''||replace('100,101,102',',',''', ''')||'''' from dual); The above does not work. Please let me know what I am missing.

    Read the article

  • Can I stop SQL*Plus from displaying "connected" when I have a "connect" in a script?

    - by René Nyffenegger
    I have a few sql scripts that I need to run via SQL*Plus. These scripts connect several times as different users with a connect user_01/pass_01@db_01. Now, each time the script does such a connect, it confirms the successful connection with a connected. This is distracting and I want to turn it off. I can achieve what I want with a set termout off connect user_01/pass_01@db_01 set termout on Is there a more elegant solution to my problem? Note, it doesn't help to permanently set termout off at the start of the script since I need to know if a command didn't run successfully.

    Read the article

  • Waiting for a submitted job to finish in Oracle PL/SQL?

    - by vicjugador
    I'm looking for the equivalent of Java's thread.join() in PL/SQL. I.e. I want to kick off a number of jobs (threads), and then wait for them to finish. How is this possible in PL/SQL? I'm thinking of using dbms_job.submit (I know it's deprecated). dbms_scheduler is also an alternative. My code: DECLARE jobno1 number; jobno2 number; BEGIN dbms_job.submit(jobno1,'begin dbms_lock.sleep(10); dbms_output.put_line(''job 1 exit'');end;'); dbms_job.submit(jobno2,'begin dbms_lock.sleep(10); dbms_output.put_line(''job 2 exit'');end;'); dbms_job.run(jobno1); dbms_job.run(jobno2); //Need code to Wait for jobno1 to finish //Need code to Wait for jobno2 to finish END;

    Read the article

  • ADO Execute not reading a line of SQL code?

    - by llaskin
    My code is below: var statement = "test_oracle.sql"; F = aqFile.OpenTextFile(statement, aqFile.faRead, aqFile.ctANSI); F.Cursor = 0; while(! F.IsEndOfFile()){ s = F.ReadLine(); oResult = Project.Variables.oConnection.Execute_(s); CheckResult(oResult, "Unable to run SQL script to add documents"); The first line that "s" reads is: set serverout on size 10000 An error is returned as "ORA-00922: missing or invalid option" Can anyone provide guidance?

    Read the article

  • Windows Azure Myths

    - by BuckWoody
    Windows Azure is part of the Microsoft "stack" - the suite of software and services we offer. Because we have so many products in almost every part of technology, it's hard to know everything about all parts of what we do - even for those of us who work here. So it's no surprise that some folks are not as familiar with Windows and SQL Azure as they are, say Windows Server or XBox. As I chat with folks about a solution for a business or organization need, I put Windows Azure into the mix. I always start off with "What do you already know about Windows Azure?" so that I don't bore folks with information they already have. I some cases they've checked out the product ahead of time and have specific questions, in others they aren't as familiar, and in still others there is a fair amount of mis-information. Sometimes that's because of a marketing failure, sometimes it's hearsay, and somtetimes it's active misinformation. I thought I might lay out a few of these misconceptions. As always - do your fact-checking! Never take anyone's word alone (including mine) as gospel. Make sure you educate yourself on your options. Your company or your clients depend on you to have the right information on IT, so make sure you live up to that. Myth 1: Nobody uses Windows Azure It's true that we don't give out numbers on the amount of clients on Windows and SQL Azure. But lots of folks are here - companies you may have heard of like Boeing, NASA, Fujitsu, The City of London, Nuedesic, and many others. I deal with firms small and large that use Windows Azure for mission-critical applications, sometimes totally on Windows and/or SQL Azure, sometimes in conjunction with an on-premises system, sometimes for only a specific component in Windows Azure like storage. The interesting thing is that many sites you visit have a Windows Azure component, or are running on Windows Azure. They just don't announce it. Just like the other cloud providers, the companies have asked to be completely branded themselves - they don't want you to be aware or care that they are on Windows Azure. Sometimes that's for security, other times it's for different reasons. It's just like the web sites you visit. For the most part, they don't advertise which OS or Web Server they use. It really just shouldn't matter. The point is that they just use what works to solve a given problem. Check out a few public case studies here: https://www.windowsazure.com/en-us/home/case-studies/ Myth 2: It's only for Microsoft stuff - can't use Open Source This is the one I face the most, and am the most dismayed by. We work just fine with many open source products, including Java, NodeJS, PHP, Ruby, Python, Hadoop, and many other languages and applications. You can quickly deploy a Wordpress, Umbraco and other "kits". We have software development kits (SDK's) for iPhones, iPads, Android, Windows phones and more. We have an SDK to work with FaceBook and other social networks. In short, we play well with others. More on the languages and runtimes we support here: https://www.windowsazure.com/en-us/develop/overview/ More on the SDK's here: http://www.wadewegner.com/2011/05/windows-azure-toolkit-for-ios/, http://www.wadewegner.com/2011/08/windows-azure-toolkits-for-devices-now-with-android/, http://azuretoolkit.codeplex.com/ Myth 3: Microsoft expects me to switch everything to "the cloud" No, we don't. That would be disasterous, unless the only things you run in your company uses works perfectly in Azure. Use Windows Azure  - or any cloud for that matter - where it works. Whenever I talk to companies, I focus on two things: Something that is broken and needs to be re-architected Something you want to do that is new If something is broken, and you need new tools to scale, extend, add capacity dynamically and so on, then you can consider using Windows or SQL Azure. It can help solve problems that you have, or it may include a component you don't want to write or architect yourself. Sometimes you want to do something new, like extend your company's offerings to mobile phones, to the web, or to a social network. More info on where it works here: http://blogs.msdn.com/b/buckwoody/archive/2011/01/18/windows-azure-and-sql-azure-use-cases.aspx Myth 4: I have to write code to use Windows and SQL Azure If Windows Azure is a PaaS - a Platform as a Service - then don't you have to write code to use it? Nope. Windows and SQL Azure are made up of various components. Some of those components allow you to write and deploy code (like Compute) and others don't. We have lots of customers using Windows Azure storage as a backup, to securely share files instead of using DropBox, to distribute videos or code or firmware, and more. Others use our High Performance Computing (HPC) offering to rent a supercomputer when they need one. You can even throw workloads at that using Excel! In addition there are lots of other components in Windows Azure you can use, from the Windows Azure Media Services to others. More here: https://www.windowsazure.com/en-us/home/scenarios/saas/ Myth 5: Windows Azure is just another form of "vendor lock-in" Windows Azure uses .NET, OSS languages and standard interfaces for the code. Sure, you're not going to take the code line-for-line and run it on a mainframe, but it's standard code that you write, and can port to something else. And the data is yours - you can bring it back whever you want. It's either in text or binary form, that you have complete control over. There are no licenses - you can "pay as you go", and when you're done, you can leave the service and take all your code, data and IP with you.   So go out there, read up, try it. Use it where it works. And don't believe everything you hear - sometimes the Internet doesn't get it all correct. :)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 691 692 693 694 695 696 697 698 699 700 701 702  | Next Page >